4991 matches found
Low: Red Hat Security Advisory: : Updated apache packages fix minor security vulnerability
Updated Apache packages that fix a minor security issue are now available for Red Hat Linux 7.1, 7.2, and 7.3. The Apache HTTP server is a powerful, full-featured, efficient, and freely-available Web server. An issue in the handling of regular expressions from configuration files was discovered i...
Moderate: Red Hat Security Advisory: : Updated httpd packages fix Apache security vulnerabilities
Updated httpd packages that fix two minor security issues in the Apache Web server are now available for Red Hat Linux 8.0 and 9. The Apache HTTP Server is a powerful, full-featured, efficient, and freely-available Web server. An issue in the handling of regular expressions from configuration fil...
Low: Red Hat Security Advisory: apache security update
Updated Apache packages that fix a minor security issue are now available for Red Hat Enterprise Linux. The Apache HTTP server is a powerful, full-featured, efficient, and freely-available Web server. An issue in the handling of regular expressions from configuration files was discovered in...
Apache: multiple buffer overflows
Background The Apache HTTP Server is one of the most popular web servers on the Internet. Description Multiple stack-based buffer overflows in modalias and modrewrite allow attackers who can create or edit configuration files including .htaccess files, to cause a denial of service and execute...
Apache stops writing access/error logs after processing "Request-URI" containing "0x1A" characters
Overview A vulnerability in the logging of URI requests may permit a remote attacker to disable logging on an Apache HTTP Server. Version 1.3.27 on Windows systems is reported vulnerable to this issue. Description Apache HTTP Server 1.3.27 running on Win32 systems contains a vulnerability that...
[ANNOUNCE][SECURITY] Apache 2.0.47 released
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Apache 2.0.47 Released The Apache Software Foundation and the Apache HTTP Server Project are pleased to announce the tenth public release of the Apache 2.0 HTTP Server. This Announcement notes the significant changes in 2.0.47 as compared to 2.0.46...
[SNS Advisory No.66] Apache HTTP Server v2 Causes a DoS When Parsing a Type-Map File
---------------------------------------------------------------------- SNS Advisory No.66 Apache HTTP Server v2 Causes a DoS When Parsing a Type-Map File Problem first discovered on: Thu, 26 Dec 2002 Published on: Wed, 09 Jul 2003 Reference: http://www.lac.co.jp/security/english/snsadve/66e.html...
Apache HTTPD contains denial of service vulnerability in basic authentication module
Overview The Apache HTTP server contains a denial-of-service vulnerability that allows remote attackers to to conduct denial-of-service attacks on the HTTP basic authentication module of an affected server. Description The Apache HTTP server contains a denial-of-service vulnerability in the...
Apache Portable Runtime contains heap buffer overflow in apr_psprintf()
Overview The Apache HTTP server contains a denial-of-service vulnerability that allows remote attackers to conduct denial-of-service attacks against an affected server. Description The Apache HTTP server contains a heap buffer overflow vulnerability in the aprpsprintf function. The Apache Softwar...
iDEFENSE Security Advisory 04.08.03: Denial of Service in Apache HTTP Server 2.x
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 iDEFENSE Security Advisory 04.08.03: http://www.idefense.com/advisory/04.08.03.txt Denial of Service in Apache HTTP Server 2.x April 8, 2003 I. BACKGROUND The Apache Software Foundation's HTTP Server Project is an effort to develop and maintain an...
Apache HTTP Server 2.x Memory Leak Exploit
No description provided by source. / apache-massacre.c Test code for Apache 2.x Memory Leak By Matthew Murphy DISCLAIMER: This exploit tool is provided only to test networks for a known vulnerability. Do not use this tool on systems you do not control, and do not use this tool on networks you do...
Apache HTTP Server 2.x Memory Leak Exploit
Exploit for unknown platform in category dos / poc ========================================== Apache HTTP Server 2.x Memory Leak Exploit ========================================== / apache-massacre.c Test code for Apache 2.x Memory Leak By Matthew Murphy DISCLAIMER: This exploit tool is provided...
Apache vulnerable to DoS
Overview A remotely exploitable denial-of-service vulnerability exists in the Apache HTTP Server. Exploitation of this vulnerability may allow an attacker to consume all available system resources, resulting in a denial-of-service condition. Description The Apache HTTP Server is a very popular...
Apache vulnerable to DoS via request for MS-DOS device
Overview Systems running the Apache web server under some versions of Microsoft Windows may be vulnerable to a remote denial-of-service condition. Description The Apache HTTP server fails to filter GET requests for MS-DOS style device names. This results in a denial-of-service vulnerability on...
Important: Red Hat Security Advisory: apache, mod_ssl, php security update for Stronghold
Updated versions of the Apache HTTP server, PHP, and modssl are now available which close possible buffer overflows in the Apache HTTP server benchmarking tool, fix two cross-site scripting vulnerabilities in the error pages, and fix possible local privilege escalation. These updates also fix...
Important: Red Hat Security Advisory: apache, mod_ssl, php security update for Stronghold
Updated versions of the Apache HTTP server, PHP, and modssl are now available which close possible buffer overflows in the Apache HTTP server benchmarking tool, fixes two cross-site scripting vulnerabilities in the error pages, and fix possible local privilege escalation. These updates also fix...
DSA-187 apache - several vulnerabilities
Bulletin has no description...
Apache 2.0 vulnerability affects non-Unix platforms
-----BEGIN PGP SIGNED MESSAGE----- For Immediate Disclosure =============== SUMMARY ================ Title: Apache 2.0 vulnerability affects non-Unix platforms Date: 9th August 2002 Revision: 2 Product Name: Apache HTTP server 2.0 OS/Platform: Windows, OS2, Netware Permanent URL:...
ISS Advisory: Remote Compromise Vulnerability in Apache HTTP Server
TO UNSUBSCRIBE: email "unsubscribe alert" in the body of your message to [email protected] Contact [email protected] for help with any problems! --------------------------------------------------------------------------- -----BEGIN PGP SIGNED MESSAGE----- Internet Security Systems Security...
Apache HTTP Server on Win32 systems does not securely handle input passed to CGI programs
Overview A vulnerability in the Apache HTTP Server running on Win32 systems Windows 9x/Me, Windows NT/2000/XP could allow an attacker to execute commands with the privileges of the web server process. Description The Apache HTTP Server is a freely available web server that runs on a variety of...