Oracle Linux 5 : mod_auth_mysql (ELSA-2009-0259)

The remote Oracle Linux 5 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2009-0259 advisory. 3.0.0-3.2 - add security fix for CVE-2008-2384 480613 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. No...

Oracle Linux 5 : apr / and / apr-util (ELSA-2009-1204)

The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2009-1204 advisory. - add security fix for CVE-2009-2412 515709 apr-util: Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. No...

Oracle Linux 4 : httpd (ELSA-2008-0006)

From Red Hat Security Advisory 2008:0006 : Updated Apache httpd packages that fix several security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web...

Oracle Linux 4 / 5 / 6 : nss (ELSA-2011-1444)

From Red Hat Security Advisory 2011:1444 : Updated nss packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having important security impact. Network Security Services NSS is a set of libraries...

Oracle Linux 3 / 4 : httpd (ELSA-2006-0619)

From Red Hat Security Advisory 2006:0619 : Updated Apache httpd packages that correct security issues and resolve bugs are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Serve...

Oracle Linux 3 : httpd (ELSA-2008-0005)

From Red Hat Security Advisory 2008:0005 : Updated Apache httpd packages that fix several security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web...

Oracle Linux 6 : httpd (ELSA-2012-0128)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2012-0128 advisory. - add security fixes for CVE-2011-4317, CVE-2012-0053, CVE-2012-0031, CVE-2011-3607 787598 Tenable has extracted the preceding description block direct...

Oracle Linux 4 : php (ELSA-2006-0730 / ELSA-2006-0669)

Updated PHP packages that fix a security issue are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. Users of PHP should upgrade to these...

Oracle Linux 4 : httpd (ELSA-2007-0534)

From Red Hat Security Advisory 2007:0534 : Updated Apache httpd packages that correct two security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web...

Oracle Linux 5 : Important: / php (ELSA-2007-0348)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2007-0348 advisory. 5.1.6-12.el5 - add security fix for CVE-2007-1864, SOAP redirect handling issue, FTP CRLF injection issue 235016 5.1.6-11.el5 - add security fix for...

Mandriva Linux Security Advisory : apache (MDVSA-2013:193)

A vulnerability has been found and corrected in apache ASF HTTPD : moddav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service segmentation fault via a MERGE request in which the URI is...

Apache HTTP Server MERGE Request Denial of Service Vulnerability

A vulnerability in the moddav component of the Apache HTTP Server could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. The vulnerability is due to insufficient validation of user-supplied input while handling URI requests. An attacker could exploit the...

apache24 -- several vulnerabilities

Apache HTTP SERVER PROJECT reports: moddav: Sending a MERGE request against a URI handled by moddavsvn with the source href sent as part of the request body as XML pointing to a URI that is not configured for DAV will trigger a segfault. modsessiondbd: Make sure that dirty flag is respected when...

CVE-2013-1896

moddav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service segmentation fault via a MERGE request in which the URI is configured for handling by the moddavsvn module, but a certain href...

Design/Logic Flaw

moddav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service segmentation fault via a MERGE request in which the URI is configured for handling by the moddavsvn module, but a certain href...

EUVD-2013-1893

moddav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service segmentation fault via a MERGE request in which the URI is configured for handling by the moddavsvn module, but a certain href...

CVE-2013-1896

moddav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service segmentation fault via a MERGE request in which the URI is configured for handling by the moddavsvn module, but a certain href...

CVE-2013-1896

moddav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service segmentation fault via a MERGE request in which the URI is configured for handling by the moddavsvn module, but a certain href...

CVE-2013-1896

moddav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service segmentation fault via a MERGE request in which the URI is configured for handling by the moddavsvn module, but a certain href...

Moderate: Red Hat Security Advisory: Red Hat JBoss Web Server 2.0.1 update

Red Hat JBoss Web Server 2.0.1, which fixes multiple security issues and several bugs, is now available from the Red Hat Customer Portal for Red Hat Enterprise Linux 5 and 6, Solaris, and Microsoft Windows. The Red Hat Security Response Team has rated this update as having moderate security impac...