5830 matches found
CVE-2006-5752
Cross-site scripting XSS vulnerability in modstatus.c in the modstatus module in Apache HTTP Server httpd, when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browser...
httpd, mod_ssl security update
CentOS Errata and Security Advisory CESA-2007:0533 Updated Apache httpd packages that correct two security issues and two bugs are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP...
Moderate: Red Hat Security Advisory: httpd security update
Updated Apache httpd packages that correct two security issues and two bugs are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server. A flaw was found in th...
httpd, mod_ssl security update
CentOS Errata and Security Advisory CESA-2007:0556 Updated Apache httpd packages that correct three security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a...
httpd, mod_ssl security update
CentOS Errata and Security Advisory CESA-2007:0534 Updated Apache httpd packages that correct two security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a...
CentOS 4 : httpd (CESA-2007:0534)
Updated Apache httpd packages that correct two security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server. A flaw was found in the Apache HTTP...
httpd scoreboard lack of PID protection
Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the workerscore and processscore arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka "SIGUSR1 killer."...
Moderate: Red Hat Security Advisory: httpd security update
Updated Apache httpd packages that correct three security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server. The Apache HTTP Server did not...
Moderate: Red Hat Security Advisory: httpd security update
Updated Apache httpd packages that correct two security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server. A flaw was found in the Apache HTTP...
httpd mod_status XSS
Cross-site scripting XSS vulnerability in modstatus.c in the modstatus module in Apache HTTP Server httpd, when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browser...
Apache Mod_Mem_Cache远程信息泄露漏洞
Apache是一款开放源代码的HTTP服务程序。 Apache包含的modmemcache模块存在信息泄露问题,远程攻击者可以利用漏洞获得对敏感数据的访问。 在使用modmemcache缓存部分小文件时,在部分条件下,会应答部分错误的HTTP头部数据,包括多个头字段,错误的ETag值,攻击者可以利用这些信息对系统进行进一步攻击。 Apache Software Foundation Apache 2.2.4 可参考如下安全公告: http://people.apache.org/covener/2.2.x-modmemcache-poolmgmt.diff...
Apache mod_rewrite LDAP URL buffer overflow
Added: 06/22/2007 CVE: CVE-2006-3747 BID: 19204 OSVDB: 27588 Background modrewrite is an Apache module which allows rule-based modification of URL requests. Problem An off-by-one buffer overflow vulnerability in modrewrite allows command execution when the escapeabsoluteuri function attempts to...
Apache mod_rewrite LDAP URL buffer overflow
Added: 06/22/2007 CVE: CVE-2006-3747 BID: 19204 OSVDB: 27588 Background modrewrite is an Apache module which allows rule-based modification of URL requests. Problem An off-by-one buffer overflow vulnerability in modrewrite allows command execution when the escapeabsoluteuri function attempts to...
Apache mod_rewrite LDAP URL buffer overflow
Added: 06/22/2007 CVE: CVE-2006-3747 BID: 19204 OSVDB: 27588 Background modrewrite is an Apache module which allows rule-based modification of URL requests. Problem An off-by-one buffer overflow vulnerability in modrewrite allows command execution when the escapeabsoluteuri function attempts to...
mod_perl security update
CentOS Errata and Security Advisory CESA-2007:0486-01 Updated modperl packages that fix a security issue are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Modperl incorporates a Perl interpreter...
Important: Red Hat Security Advisory: mod_jk security update
Updated modjk packages that fix a security issue are now available for Red Hat Application Stack v1.1. This update has been rated as having Important security impact by the Red Hat Security Response Team. modjk is a Tomcat connector that can be used to communicate between Tomcat and the Apache HT...
Important: Red Hat Security Advisory: mod_jk security update
Updated modjk packages that fix a security issue are now available for Red Hat Application Server. This update has been rated as having Important security impact by the Red Hat Security Response Team. modjk is a Tomcat connector that can be used to communicate between Tomcat and the Apache HTTP...
RHEL 5 : php (RHSA-2007:0153)
Updated PHP packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. A...
tomcat directory traversal
Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules modproxy, modrewrite, modjk, allows remote attackers to read arbitrary files via a .. dot dot sequence with combinations of 1 "/" slash, 2 "" backslash, and...
[SECURITY] Fedora Core 6 Update: php-5.1.6-3.6.fc6
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated webpages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...