Fedora 18 : httpd-2.4.6-2.fc18 (2013-13922)

This update contains the latest release of the Apache HTTP Server, version 2.4.6. Two security issues are resolved in this update : - moddav: Sending a MERGE request against a URI handled by moddavsvn could trigger a segfault. CVE-2013-1896 - modsessiondbd: Make sure that dirty flag is respected...

[SECURITY] Fedora 18 Update: httpd-2.4.6-2.fc18

The Apache HTTP Server is a powerful, efficient, and extensible web server...

CentOS Update for httpd CESA-2013:1156 centos5

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS Update for httpd CESA-2013:1156 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS Update for httpd CESA-2013:1156 centos5

Check for the Version of httpd OpenVAS Vulnerability Test CentOS Update for httpd CESA-2013:1156 centos5 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

RHEL 6 : httpd (RHSA-2013:1156)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2013:1156 advisory. The Apache HTTP Server is a popular web server. A flaw was found in the way the moddav module of the Apache HTTP Server handled merge requests. An...

Scientific Linux Security Update : httpd on SL5.x, SL6.x i386/x86_64 (20130813)

A flaw was found in the way the moddav module of the Apache HTTP Server handled merge requests. An attacker could use this flaw to send a crafted merge request that contains URIs that are not configured for DAV, causing the httpd child process to crash. CVE-2013-1896 After installing the updated...

httpd, mod_ssl security update

CentOS Errata and Security Advisory CESA-2013:1156 Updated httpd packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS bas...

httpd: mod_dav DoS (httpd child process crash) via a URI MERGE request with source URI not handled by mod_dav

moddav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service segmentation fault via a MERGE request in which the URI is configured for handling by the moddavsvn module, but a certain href...

[SECURITY] Fedora 19 Update: httpd-2.4.6-2.fc19

The Apache HTTP Server is a powerful, efficient, and extensible web server...

Moderate: Red Hat Security Advisory: httpd security update

An update for the Apache HTTP Server component of Red Hat JBoss Web Server 2.0.1 that fixes two security issues is now available from the Red Hat Customer Portal for Red Hat Enterprise Linux 5 and 6, Solaris, and Microsoft Windows. The Red Hat Security Response Team has rated this update as havin...

httpd: mod_dav DoS (httpd child process crash) via a URI MERGE request with source URI not handled by mod_dav

moddav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service segmentation fault via a MERGE request in which the URI is configured for handling by the moddavsvn module, but a certain href...

Moderate: Red Hat Security Advisory: httpd security update

Updated httpd packages that fix two security issues are now available for Red Hat JBoss Web Server 2.0.1 for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which...

Fedora Update for php FEDORA-2013-12354

Check for the Version of php OpenVAS Vulnerability Test Fedora Update for php FEDORA-2013-12354 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

MGASA-2013-0231 Updated apache packages fix security vulnerabilities

Updated apache packages fix security vulnerabilities: moddav.c in the Apache HTTP Server before 2.4.6 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service segmentation fault via a MERGE request in which the URI is configured for...

Updated apache packages fix CVE-2013-1896

Updated apache packages fix security vulnerability: moddav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service segmentation fault via a MERGE request in which the URI is configured for...

Apache HTTP Server mod_session_dbd 远程安全漏洞(CVE-2013-2249)

BUGTRAQ ID: 61379 CVECAN ID: CVE-2013-2249 Apache HTTP Server是开源HTTP服务器。 Apache HTTP Server 2.4.6之前版本的modsessiondbd模块在保存会话过程中处理“脏旗标”时出错，存在远程安全漏洞，影响目前未知。 0 Apache 2.4.2 厂商补丁： Apache Group ------------ Apache Group已经为此发布了一个安全公告（Announcement2.4）以及相应补丁: Announcement2.4：Apache HTTP Server 2.4.6 Releas...

CVE-2013-2249

modsessiondbd.c in the modsessiondbd module in the Apache HTTP Server before 2.4.5 proceeds with save operations for a session without considering the dirty flag and the requirement for a new session ID, which has unspecified impact and remote attack vectors...

CVE-2013-2249

modsessiondbd.c in the modsessiondbd module in the Apache HTTP Server before 2.4.5 proceeds with save operations for a session without considering the dirty flag and the requirement for a new session ID, which has unspecified impact and remote attack vectors...

Design/Logic Flaw

modsessiondbd.c in the modsessiondbd module in the Apache HTTP Server before 2.4.5 proceeds with save operations for a session without considering the dirty flag and the requirement for a new session ID, which has unspecified impact and remote attack vectors...