5843 matches found
Apache HTTP Server mod_isapi Dangling Pointer Remote Code Execution (CVE-2010-0425)
Apache HTTP server is a popular web server that is capable of being utilized with many different options and configurations, with a wide variety of plug-in modules which are loaded at run-time to extend its functionality. One of the technologies supported by Apache HTTP server is Internet Server...
RHEL 4 : httpd (RHSA-2010:0175)
The remote Redhat Enterprise Linux 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2010:0175 advisory. The Apache HTTP Server is a popular web server. A use-after-free flaw was discovered in the way the Apache HTTP Server handled request headers in...
Moderate: Red Hat Security Advisory: httpd and httpd22 security and enhancement update
Updated httpd and httpd22 packages that fix two security issues and add one enhancement are now available for JBoss Enterprise Web Server 1.0.1 for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability...
[SECURITY] Fedora 11 Update: httpd-2.2.15-1.fc11.1
The Apache HTTP Server is a powerful, efficient, and extensible web server...
[SECURITY] Fedora 13 Update: httpd-2.2.15-1.fc13
The Apache HTTP Server is a powerful, efficient, and extensible web server...
CVE-2010-1151
Race condition in the modauthshadow module for the Apache HTTP Server allows remote attackers to bypass authentication, and read and possibly modify data, via vectors related to improper interaction with an external helper application for validation of credentials...
Race condition
Race condition in the modauthshadow module for the Apache HTTP Server allows remote attackers to bypass authentication, and read and possibly modify data, via vectors related to improper interaction with an external helper application for validation of credentials...
CVE-2010-1151
Race condition in the modauthshadow module for the Apache HTTP Server allows remote attackers to bypass authentication, and read and possibly modify data, via vectors related to improper interaction with an external helper application for validation of credentials...
CVE-2010-1151
Race condition in the modauthshadow module for the Apache HTTP Server allows remote attackers to bypass authentication, and read and possibly modify data, via vectors related to improper interaction with an external helper application for validation of credentials...
CVE-2010-1151
CVE-2010-1151 affects the Apache mod_auth_shadow module. A race condition related to the external helper validation path can bypass authentication, potentially allowing unauthorized read/modify of data. Fedora advisories state the fix addresses a bad wait(2) call that causes randomized authorizat...
RedHat Update for httpd RHSA-2010:0175-01
Check for the Version of httpd OpenVAS Vulnerability Test RedHat Update for httpd RHSA-2010:0175-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...
RedHat Update for httpd RHSA-2010:0175-01
Check for the Version of httpd OpenVAS Vulnerability Test RedHat Update for httpd RHSA-2010:0175-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...
[SECURITY] Fedora 11 Update: php-5.2.13-1.fc11
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated webpages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...
httpd, mod_ssl security update
CentOS Errata and Security Advisory CESA-2010:0175 Updated httpd packages that fix one security issue, a bug, and add an enhancement are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability...
Low: Red Hat Security Advisory: httpd security, bug fix, and enhancement update
Updated httpd packages that fix one security issue, a bug, and add an enhancement are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
httpd: mod_proxy_ajp remote temporary DoS
The approxyajprequest function in modproxyajp.c in modproxyajp in the Apache HTTP Server 2.2.x before 2.2.15 does not properly handle certain situations in which a client sends no request body, which allows remote attackers to cause a denial of service backend server outage via a crafted request,...
TLS: MITM attacks via session renegotiation
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services IIS 7.0, modssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services NSS 3.12.4 and earlier, multiple Cis...
Apache 2.2.x子请求处理信息泄露漏洞
BUGTRAQ ID: 38580 CVECAN ID: CVE-2010-0434 Apache HTTP Server是一款流行的Web服务器。 在使用多线程MPM时,Apache HTTP Server的server/protocol.c文件中的apreadrequest函数没有正确地处理子请求,可能允许远程攻击者从其他线程所处理的请求中读取敏感信息。 Apache Group Apache 2.2.x 厂商补丁: Apache Group ------------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
[ MDVSA-2010:057 ] apache
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2010:057 http://www.mandriva.com/security/ Package : apache Date : March 6, 2010 Affected: 2008.0, 2009.0, 2009.1, 2010.0, Corporate 4.0, Enterprise Server 5.0 Problem Description: A vulnerabilitiy has been found...
CVE-2010-0425
modules/arch/win32/modisapi.c in modisapi in the Apache HTTP Server 2.0.37 through 2.0.63, 2.2.0 through 2.2.14, and 2.3.x before 2.3.7, when running on Windows, does not ensure that request processing is complete before calling isapiunload for an ISAPI .dll module, which allows remote attackers ...