5840 matches found
Important: Red Hat Security Advisory: httpd security update
Updated httpd packages that fix multiple security issues are now available for JBoss Enterprise Web Server 1.0.0 for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server. A...
httpd, mod_ssl security update
CentOS Errata and Security Advisory CESA-2009:1148 Updated httpd packages that fix two security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web...
Apache mod_proxy反向代理拒绝服务漏洞
BUGTRAQ ID: 35565 CVECAN ID: CVE-2009-1890 Apache HTTP Server是一款流行的Web服务器。 如果配置了反向代理的话,在Apache HTTP Server的modproxy模块中,modproxyhttp.c的streamreqbodycl函数没有正确地处理数量超过了 Content-Length值的流数据。远程攻击者可以通过向受影响的代理进程发送特制的请求导致耗尽大量的CPU资源。 Apache 2.2.x 厂商补丁: Apache Group ------------...
Apache 'mod_proxy_http.c' Denial Of Service Vulnerability
This host is running Apache HTTP Server and is prone to Denial of Service vulnerability. OpenVAS Vulnerability Test $Id: gbapachemodproxydosvuln.nasl 7176 2017-09-18 12:01:01Z cfischer $ Apache 'modproxyhttp.c' Denial Of Service Vulnerability Authors: Sharath S Copyright: Copyright c 2009 Greenbo...
Apache HTTP Server 'mod_proxy_http.c' Denial Of Service Vulnerability
Apache HTTP Server is prone to a Denial of Service vulnerability. Copyright C 2009 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
GLSA-200907-03 : APR Utility Library: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200907-03 APR Utility Library: Multiple vulnerabilities Multiple vulnerabilities have been discovered in the APR Utility Library: Matthew Palmer reported a heap-based buffer underflow while compiling search patterns in the...
CVE-2009-1890
The streamreqbodycl function in modproxyhttp.c in the modproxy module in the Apache HTTP Server before 2.3.3, when a reverse proxy is configured, does not properly handle an amount of streamed data that exceeds the Content-Length value, which allows remote attackers to cause a denial of service C...
Code injection
The streamreqbodycl function in modproxyhttp.c in the modproxy module in the Apache HTTP Server before 2.3.3, when a reverse proxy is configured, does not properly handle an amount of streamed data that exceeds the Content-Length value, which allows remote attackers to cause a denial of service C...
CVE-2009-1890
The streamreqbodycl function in modproxyhttp.c in the modproxy module in the Apache HTTP Server before 2.3.3, when a reverse proxy is configured, does not properly handle an amount of streamed data that exceeds the Content-Length value, which allows remote attackers to cause a denial of service C...
CVE-2009-1890
The streamreqbodycl function in modproxyhttp.c in the modproxy module in the Apache HTTP Server before 2.3.3, when a reverse proxy is configured, does not properly handle an amount of streamed data that exceeds the Content-Length value, which allows remote attackers to cause a denial of service C...
CVE-2009-1890
The streamreqbodycl function in modproxyhttp.c in the modproxy module in the Apache HTTP Server before 2.3.3, when a reverse proxy is configured, does not properly handle an amount of streamed data that exceeds the Content-Length value, which allows remote attackers to cause a denial of service C...
GLSA-200907-02 : ModSecurity: Denial of Service
The remote host is affected by the vulnerability described in GLSA-200907-02 ModSecurity: Denial of Service Multiple vulnerabilities were discovered in ModSecurity: Juan Galiana Lara of ISecAuditors discovered a NULL pointer dereference when processing multipart requests without a part header nam...
[ GLSA 200907-02 ] ModSecurity: Denial of Service
Gentoo Linux Security Advisory GLSA 200907-02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...
CVE-2009-2299
The Artofdefence Hyperguard Web Application Firewall WAF module before 2.5.5-11635, 3.0 before 3.0.3-11636, and 3.1 before 3.1.1-11637, a module for the Apache HTTP Server, allows remote attackers to cause a denial of service memory consumption via an HTTP request with a large Content-Length valu...
Design/Logic Flaw
The Artofdefence Hyperguard Web Application Firewall WAF module before 2.5.5-11635, 3.0 before 3.0.3-11636, and 3.1 before 3.1.1-11637, a module for the Apache HTTP Server, allows remote attackers to cause a denial of service memory consumption via an HTTP request with a large Content-Length valu...
CVE-2009-2299
The Artofdefence Hyperguard Web Application Firewall WAF module before 2.5.5-11635, 3.0 before 3.0.3-11636, and 3.1 before 3.1.1-11637, a module for the Apache HTTP Server, allows remote attackers to cause a denial of service memory consumption via an HTTP request with a large Content-Length valu...
ModSecurity: Denial of service
Background ModSecurity is a popular web application firewall for the Apache HTTP server. Description Multiple vulnerabilities were discovered in ModSecurity: Juan Galiana Lara of ISecAuditors discovered a NULL pointer dereference when processing multipart requests without a part header name...
RedHat Security Advisory RHSA-2009:1108
The remote host is missing updates announced in advisory RHSA-2009:1108. The Apache HTTP Server is a popular Web server. The httpd package shipped with Red Hat Enterprise Linux 3 contains an embedded copy of the Apache Portable Runtime APR utility library, a free library of C data structures and...
RedHat Security Advisory RHSA-2009:1108
The remote host is missing updates announced in advisory RHSA-2009:1108. The Apache HTTP Server is a popular Web server. The httpd package shipped with Red Hat Enterprise Linux 3 contains an embedded copy of the Apache Portable Runtime APR utility library, a free library of C data structures and...
Apache HTTP Server AllowOverride选项绕过安全限制漏洞
BUGTRAQ ID: 35115 CVECAN ID: CVE-2009-1195 Apache HTTP Server是一款流行的Web服务器。 Apache HTTP Server没有正确地处理AllowOverride指令中的Options=IncludesNOEXEC选项,本地用户可以通过在.htaccess文件中配置1 Options Includes、2 Options +Includes或3 Options +IncludesNOEXEC并在.shtml文件中注入exec元素导致绕过安全限制获得权限。 Apache 2.2.x 厂商补丁: Apache Group...