RedHat Update for httpd RHSA-2014:0369-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS Update for httpd CESA-2014:0369 centos5

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RedHat Update for httpd RHSA-2014:0370-01

Check for the Version of httpd OpenVAS Vulnerability Test RedHat Update for httpd RHSA-2014:0370-01 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...

CentOS Update for httpd CESA-2014:0370 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

httpd, mod_ssl security update

CentOS Errata and Security Advisory CESA-2014:0370 Updated httpd packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base score...

RHEL 5 : httpd (RHSA-2014:0369)

Updated httpd packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

CentOS 6 : httpd (CESA-2014:0370)

Updated httpd packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

Moderate: Red Hat Security Advisory: httpd security update

Updated httpd packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

httpd: mod_dav denial of service via crafted DAV WRITE request

The davxmlgetcdata function in main/util.c in the moddav module in the Apache HTTP Server before 2.4.8 does not properly remove whitespace characters from CDATA sections, which allows remote attackers to cause a denial of service daemon crash via a crafted DAV WRITE request...

Apache HTTP Server mod_log_config Denial of Service (CVE-2014-0098)

A denial of service vulnerability has been reported in Apache HTTP server. The vulnerability is due to a log processing error in the modlogconfig module. A remote, unauthenticated attacker can leverage this vulnerability by sending a malicious request to the target server...

[SECURITY] Fedora 20 Update: httpd-2.4.9-2.fc20

The Apache HTTP Server is a powerful, efficient, and extensible web server...

Fedora 20 : httpd-2.4.9-2.fc20 (2014-4555)

This update contains the latest release of the Apache HTTP Server, version 2.4.9. Numerous bug fixes and minor enhancements are included; for more information see : http://www.apache.org/dist/httpd/CHANGES2.4.9 Note that Tenable Network Security has extracted the preceding description block...

Amazon Linux AMI : httpd24 (ALAS-2014-309)

The logcookie function in modlogconfig.c in the modlogconfig module in the Apache HTTP Server before 2.4.8 allows remote attackers to cause a denial of service segmentation fault and daemon crash via a crafted cookie that is not properly handled during truncation. C Tenable Network Security, Inc...

Design/Logic Flaw

The 1 ssl.conf and 2 httpd.conf files in the Apache HTTP Server component in IBM Netezza Performance Portal 2.0 before 2.0.0.4 have weak SSLCipherSuite values, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack...

CVE-2014-0848

CVE-2014-0848 affects IBM Netezza Performance Portal 2.0 (before 2.0.0.4) where the Apache HTTP Server default config uses weak SSLCipherSuite values, enabling a remote attacker to potentially defeat cryptographic protections via brute-force. Vulnerable component: Apache web server in PERFPORTAL ...

CVE-2014-0848

The 1 ssl.conf and 2 httpd.conf files in the Apache HTTP Server component in IBM Netezza Performance Portal 2.0 before 2.0.0.4 have weak SSLCipherSuite values, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack...

USN-2152-1: Apache HTTP Server vulnerabilities

Ning Zhang & Amin Tora discovered that the moddav module incorrectly handled whitespace characters in CDATA sections. A remote attacker could use this issue to cause the server to stop responding, resulting in a denial of service. CVE-2013-6438 Rainer M Canavan discovered that the modlogconfig...

Medium: httpd24

Issue Overview: The logcookie function in modlogconfig.c in the modlogconfig module in the Apache HTTP Server before 2.4.8 allows remote attackers to cause a denial of service segmentation fault and daemon crash via a crafted cookie that is not properly handled during truncation. Affected Package...

Apache HTTP Server多个拒绝服务漏洞

BUGTRAQ ID: 66303 CVE ID: CVE-2013-6438,CVE-2014-0098 Apache HTTP Server是开源HTTP服务器。 Apache HTTP Server 2.4.7, 2.4.6, 2.4.4, 2.4.3, 2.4.2, 2.4.1在实现上存在安全漏洞，可被恶意利用造成拒绝服务。 1、记录截断cookie时，modlogconfig模块存在错误，可被利用造成工作线程崩溃。要成功利用此漏洞需要使用线程化MPM。 2、删除前导空格时，moddav模块存在边界错误，可被利用通过特制的DAV WRITE请求破坏内存。 0 Apache Gro...

Critical: Red Hat Security Advisory: php security update

Updated php packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are availabl...