RedHat Security Advisory RHSA-2009:1087

The remote host is missing updates announced in advisory RHSA-2009:1087. modjk is an Apache Tomcat connector that allows Apache Tomcat and the Apache HTTP Server to communicate with each other. An information disclosure flaw was found in modjk. In certain situations, if a faulty client set the...

Important: Red Hat Security Advisory: mod_jk security update

Updated modjk packages that fix one security issue are now available for Red Hat Application Server v2. This update has been rated as having important security impact by the Red Hat Security Response Team. modjk is an Apache Tomcat connector that allows Apache Tomcat and the Apache HTTP Server to...

CVE-2009-1955

The expat XML parser in the aprxml interface in xml/aprxml.c in Apache APR-util before 1.3.7, as used in the moddav and moddavsvn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service memory consumption via a crafted XML document containing a large number of nest...

CVE-2009-0023

The aprstrmatchprecompile function in strmatch/aprstrmatch.c in Apache APR-util before 1.3.5 allows remote attackers to cause a denial of service daemon crash via crafted input involving 1 a .htaccess file used with the Apache HTTP Server, 2 the SVNMasterURI directive in the moddavsvn module in t...

Mandrake Security Advisory MDVSA-2009:124 (apache)

The remote host is missing an update to apache announced via advisory MDVSA-2009:124. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...

RedHat Security Advisory RHSA-2009:1075

The remote host is missing updates announced in advisory RHSA-2009:1075. The Apache HTTP Server is a popular and freely-available Web server. A flaw was found in the handling of compression structures between modssl and OpenSSL. If too many connections were opened in a short period of time, all...

RedHat Security Advisory RHSA-2009:1075

The remote host is missing updates announced in advisory RHSA-2009:1075. The Apache HTTP Server is a popular and freely-available Web server. A flaw was found in the handling of compression structures between modssl and OpenSSL. If too many connections were opened in a short period of time, all...

Apache HTTP Server "AllowOverride"和"Options"安全绕过漏洞

Bugraq ID: 35115 CVE ID：CVE-2009-1195 CNCVE ID：CNCVE-20091195 Apache是一款开放源代码的WEB服务程序。 Apache在处理".htaccess"文件中的"AllowOverride"和部分"options"参数存在错误，可导致通过SSI执行命令。 如下的配置存在安全问题： a 如果"AllowOverride Options=IncludesNoEXEC"配置在httpd.conf中，用户可以在.htaccess文件中设置"Options Includes"，SSI将会以exec=允许方式启用。...

DEBIAN-CVE-2009-1195

The Apache HTTP Server 2.2.11 and earlier 2.2 versions does not properly handle Options=IncludesNOEXEC in the AllowOverride directive, which allows local users to gain privileges by configuring 1 Options Includes, 2 Options +Includes, or 3 Options +IncludesNOEXEC in a .htaccess file, and then...

CVE-2009-1195

The Apache HTTP Server 2.2.11 and earlier 2.2 versions does not properly handle Options=IncludesNOEXEC in the AllowOverride directive, which allows local users to gain privileges by configuring 1 Options Includes, 2 Options +Includes, or 3 Options +IncludesNOEXEC in a .htaccess file, and then...

CVE-2009-1195

The Apache HTTP Server 2.2.11 and earlier 2.2 versions does not properly handle Options=IncludesNOEXEC in the AllowOverride directive, which allows local users to gain privileges by configuring 1 Options Includes, 2 Options +Includes, or 3 Options +IncludesNOEXEC in a .htaccess file, and then...

CVE-2009-1195

The Apache HTTP Server 2.2.11 and earlier 2.2 versions does not properly handle Options=IncludesNOEXEC in the AllowOverride directive, which allows local users to gain privileges by configuring 1 Options Includes, 2 Options +Includes, or 3 Options +IncludesNOEXEC in a .htaccess file, and then...

httpd, mod_ssl security update

CentOS Errata and Security Advisory CESA-2009:1075 Updated httpd packages that fix two security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular and...

Apache 'Options' and 'AllowOverride' Directives Security Bypass Vulnerability

Apache HTTP server is prone to a security-bypass vulnerability related to the handling of specific configuration directives. A local attacker may exploit this issue to execute arbitrary code within the context of the webserver process. This may result in elevated privileges or aid in further...

RHEL 5 : httpd (RHSA-2009:1075)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2009:1075 advisory. The Apache HTTP Server is a popular and freely-available Web server. A flaw was found in the handling of compression structures between mods...

Moderate: Red Hat Security Advisory: httpd security update

Updated httpd packages that fix two security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular and freely-available Web server. A flaw was found in the...

httpd mod_proxy_ajp information disclosure

modproxyajp.c in the modproxyajp module in the Apache HTTP Server 2.2.11 allows remote attackers to obtain sensitive response data, intended for a client that sent an earlier POST request with no request body, via an HTTP request...

Apache HTTP Server Detection (HTTP)

HTTP based detection of the Apache HTTP Server. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Apache HTTP Server 'mod_proxy_ajp' Information Disclosure Vulnerability

Apache HTTP Server is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Apache mod_proxy_ajp Information Disclosure Vulnerability

This host is running Apache Web Server and is prone to Information Disclosure Vulnerability. OpenVAS Vulnerability Test $Id: secpodapachemodproxyajpinfodiscvuln.nasl 5055 2017-01-20 14:08:39Z teissa $ Apache modproxyajp Information Disclosure Vulnerability Authors: Sujit Ghosal Copyright: Copyrig...