5848 matches found

RedHat Linux
added 2011/09/21 7:50 p.m. · 4 views

httpd: multiple ranges DoS

The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different...

7.8 CVSS · 7.3 AI score · 0.90456 EPSS
Exploits 17 · References 4
RedHat Linux
added 2011/09/21 7:50 p.m. · 44 views

Important: Red Hat Security Advisory: httpd and httpd22 security update

Updated httpd and httpd22 packages that fix one security issue are now available for JBoss Enterprise Web Server 1.0.2 for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS)...

7.8 CVSS · 7.1 AI score · 0.90456 EPSS
Exploits 17 · References 2
NVD
added 2011/09/20 5:55 a.m. · 23 views

CVE-2011-3348

The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with mod_proxy_balancer in certain configurations, allows remote attackers to cause a denial of service (temporary "error state" in the backend server) via a malformed HTTP request...

4.3 CVSS · 6.2 AI score · 0.34026 EPSS
Exploits 3 · References 30
OSV
added 2011/09/20 5:55 a.m. · 5 views

CVE-2011-3348

The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with mod_proxy_balancer in certain configurations, allows remote attackers to cause a denial of service (temporary "error state" in the backend server) via a malformed HTTP request...

6.2 AI score
Exploits 0 · References 37
Prion
added 2011/09/20 5:55 a.m. · 28 views

Design/Logic Flaw

The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with mod_proxy_balancer in certain configurations, allows remote attackers to cause a denial of service (temporary "error state" in the backend server) via a malformed HTTP request...

4.3 CVSS · 6.8 AI score · 0.34026 EPSS
Exploits 3 · References 30 · Affected Software 2
UbuntuCve
added 2011/09/20 12:00 a.m. · 27 views

CVE-2011-3348

The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with mod_proxy_balancer in certain configurations, allows remote attackers to cause a denial of service (temporary "error state" in the backend server) via a malformed HTTP request...

4.3 CVSS · 7.1 AI score · 0.34026 EPSS
Exploits 3 · References 3
Cvelist
added 2011/09/19 3:00 p.m. · 25 views

CVE-2011-3348

The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with mod_proxy_balancer in certain configurations, allows remote attackers to cause a denial of service (temporary "error state" in the backend server) via a malformed HTTP request...

6.2 AI score · 0.34026 EPSS
Exploits 3 · References 30
CVE
added 2011/09/19 3:00 p.m. · 701 views

CVE-2011-3348

The CVE-2011-3348 issue affects the Apache HTTP Server's mod_proxy_ajp in combination with mod_proxy_balancer, where certain configurations allow remote attackers to trigger a denial of service by sending a malformed HTTP request. The vulnerability is described as causing a temporary error state ...

4.3 CVSS · 6.1 AI score · 0.34026 EPSS
Exploits 3 · References 30 · Affected Software 1
Fedora
added 2011/09/18 11:00 p.m. · 57 views

[SECURITY] Fedora 15 Update: php-5.3.8-1.fc15

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

7.5 CVSS · 0.6 AI score · 0.36532 EPSS
Exploits 16
Fedora
added 2011/09/18 10:59 p.m. · 59 views

[SECURITY] Fedora 14 Update: php-5.3.8-1.fc14

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

7.5 CVSS · 0.6 AI score · 0.36532 EPSS
Exploits 16
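seebug.org
added 2011/09/18 12:00 a.m. · 356 views

Apache HTTP Server mod_proxy_ajp Denial of Service Vulnerability

CVE (CAN) ID: CVE-2011-3348 Apache HTTP Server is an open-source web server from the Apache Software Foundation that runs on most computer operating systems; it is widely used because of its cross-platform support and security, and is one of the most popular web server software packages. The mod_proxy_balancer implementation in Apache HTTP Server contains a security vulnerability that a malicious user can exploit to cause a denial of service. The vulnerability stems from an error in how mod_proxy_ajp handles malformed HTTP requests when used together with mod_proxy_balancer. Sending a specially crafted HTTP request can cause the backend server to fail, and the temporary DoS ends only after the retry timeout expires. Apache Group...

4.3 CVSS · 6.4 AI score · 0.34026 EPSS
Exploits 3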
Fedora
added 2011/09/16 1:58 a.m. · 53 views

[SECURITY] Fedora 15 Update: httpd-2.2.21-1.fc15

The Apache HTTP Server is a powerful, efficient, and extensible web server...

7.8 CVSS · 1.1 AI score · 0.90456 EPSS
Exploits 19
Tenable Nessus
added 2011/09/16 12:00 a.m. · 54 views

Fedora 15 : httpd-2.2.21-1.fc15 (2011-12715)

This update includes the latest stable release of the Apache HTTP Server, version 2.2.21. Two security issues have been fixed: mod_proxy_ajp when combined with mod_proxy_balancer: Prevents unrecognized HTTP methods from marking ajp: balancer members in an error state, avoiding denial of service...

7.8 CVSS · 7.6 AI score · 0.90456 EPSS
Exploits 19 · References 7
OpenVAS
added 2011/09/16 12:00 a.m. · 34 views

Fedora Update for httpd FEDORA-2011-12715

Check for the Version of httpd OpenVAS Vulnerability Test Fedora Update for httpd FEDORA-2011-12715 Authors: System Generated Check Copyright: Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...

7.8 CVSS · 0.1 AI score · 0.90456 EPSS
Exploits 19 · References 2
RedHat Linux
added 2011/09/15 5:42 p.m. · 70 views

Important: Red Hat Security Advisory: httpd security update

Updated httpd packages that fix one security issue are now available for Red Hat Enterprise Linux 3 Extended Life Cycle Support. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a...

7.8 CVSS · 7.1 AI score · 0.90456 EPSS
Exploits 17 · References 2
RedHat Linux
added 2011/09/15 5:42 p.m. · 12 views

httpd: multiple ranges DoS

The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different...

7.8 CVSS · 7.3 AI score · 0.90456 EPSS
Exploits 17 · References 4
Positive Technologies
added 2011/09/14 12:00 a.m. · 7 views

PT-2011-4400 · Apache +2 · Apache Http Server +2

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server versions prior to 2.2.21 Description: The issue arises when the mod_proxy_ajp module is used in conjunction with mod_proxy_balancer in specific configurations, allowing remote attackers to cause a temporary denial of servic...

7.8 CVSS · 6.8 AI score · 0.90456 EPSS
Exploits 34 · References 69
Fedora
added 2011/09/09 5:13 p.m. · 50 views

[SECURITY] Fedora 16 Update: php-5.3.8-1.fc16

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

7.5 CVSS · 0.6 AI score · 0.36532 EPSS
Exploits 16
OpenVAS
added 2011/09/07 12:00 a.m. · 48 views

CentOS Update for httpd CESA-2011:1245 centos4 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

7.8 CVSS · 7.7 AI score · 0.90456 EPSS
Exploits 17 · References 2
OpenVAS
added 2011/09/07 12:00 a.m. · 45 views

RedHat Update for httpd RHSA-2011:1245-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

7.8 CVSS · 8 AI score · 0.90456 EPSS
Exploits 17 · References 2