Apache HTTP Server 'mod_lua' Denial of Service Vulnerability (May 2015)

Apache HTTP Server is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Apache HTTP Server 'mod_cache' Denial of Service Vulnerability (May 2015)

Apache HTTP Server is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Apache HTTP Server 'mod_proxy_fcgi' Denial of Service Vulnerability (May 2015)

Apache HTTP Server is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

[SECURITY] Fedora 21 Update: php-5.6.8-1.fc21

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

Apache HTTP Server 'protocol.c' Remote Denial of Service Vulnerability

Apache HTTP Server is an open source web server from the Apache Software Foundation. Apache HTTP Server 2.2.29/2.4.12 suffers from a null pointer indirect reference vulnerability in the implementation. An attacker is allowed to exploit this vulnerability to crash the application, resulting in a...

CVE-2015-3330

The phphandler function in sapi/apache2handler/sapiapache2.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, when the Apache HTTP Server 2.4.x is used, allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via pipelined HTTP...

Apache: Multiple vulnerabilities

Background Apache HTTP Server is one of the most popular web servers on the Internet. Description Multiple vulnerabilities have been discovered in Apache HTTP Server. Please review the CVE identifiers referenced below for details. Impact A remote attacker may be able to execute arbitrary code or...

[SECURITY] Fedora 20 Update: php-5.5.23-1.fc20

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

[SECURITY] Fedora 22 Update: php-5.6.7-2.fc22

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

httpd, mod_ldap, mod_proxy_html, mod_session, mod_ssl security update

CentOS Errata and Security Advisory CESA-2015:0325 Updated httpd packages that fix two security issues, several bugs, and add various enhancements are for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. Common Vulnerability Scoring System...

[SECURITY] Fedora 21 Update: httpd-2.4.10-15.fc21

The Apache HTTP Server is a powerful, efficient, and extensible web server...

ESA-2015-014: RSA® Digital Certificate Solution Multiple Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-014: RSA® Digital Certificate Solution Multiple Vulnerabilities EMC Identifier: ESA-2015-014 CVE Identifier: See below for individual CVEs Severity Rating: CVSS v2 Base Score: View details below for individual CVSS Score for each CVE. Affecte...

[USN-2523-1] Apache HTTP Server vulnerabilities

========================================================================== Ubuntu Security Notice USN-2523-1 March 10, 2015 apache2 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

Apache HTTP Server Denial of Service Vulnerability (CNVD-2015-01691)

Apache HTTP Server is an open source web server from the Apache Software Foundation that runs on most computer operating systems and is widely used as one of the most popular web server-side software due to its multi-platform and security. A denial-of-service vulnerability exists in Apache HTTP...

Ubuntu 14.04 LTS : Apache HTTP Server vulnerabilities (USN-2523-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2523-1 advisory. Martin Holst Swende discovered that the modheaders module allowed HTTP trailers to replace HTTP headers during request processing. A remote attacker coul...

USN-2523-1: Apache HTTP Server vulnerabilities

Martin Holst Swende discovered that the modheaders module allowed HTTP trailers to replace HTTP headers during request processing. A remote attacker could possibly use this issue to bypass RequestHeaders directives. CVE-2013-5704 Mark Montague discovered that the modcache module incorrectly handl...

CVE-2015-0228

The luawebsocketread function in luarequest.c in the modlua module in the Apache HTTP Server through 2.4.12 allows remote attackers to cause a denial of service child-process crash by sending a crafted WebSocket Ping frame after a Lua script has called the wsupgrade function...

Code injection

The luawebsocketread function in luarequest.c in the modlua module in the Apache HTTP Server through 2.4.12 allows remote attackers to cause a denial of service child-process crash by sending a crafted WebSocket Ping frame after a Lua script has called the wsupgrade function...

DEBIAN-CVE-2015-0228

The luawebsocketread function in luarequest.c in the modlua module in the Apache HTTP Server through 2.4.12 allows remote attackers to cause a denial of service child-process crash by sending a crafted WebSocket Ping frame after a Lua script has called the wsupgrade function...

CVE-2015-0228

The luawebsocketread function in luarequest.c in the modlua module in the Apache HTTP Server through 2.4.12 allows remote attackers to cause a denial of service child-process crash by sending a crafted WebSocket Ping frame after a Lua script has called the wsupgrade function...