5736 matches found

OSV
added 2012/03/19 9:55 p.m. · 7 views

CVE-2012-1181

fcgid_spawn_ctl.c in the mod_fcgid module 2.3.6 for the Apache HTTP Server does not recognize the FcgidMaxProcessesPerClass directive for a virtual host, which makes it easier for remote attackers to cause a denial of service (memory consumption) via a series of HTTP requests that triggers a process...

AI score: 6.2
Exploits: 0 · References: 7

UbuntuCve
added 2012/03/19 9:55 p.m. · 20 views

CVE-2012-1181

fcgid_spawn_ctl.c in the mod_fcgid module 2.3.6 for the Apache HTTP Server does not recognize the FcgidMaxProcessesPerClass directive for a virtual host, which makes it easier for remote attackers to cause a denial of service (memory consumption) via a series of HTTP requests that triggers a process...

CVSS: 5 · AI score: 5.9 · EPSS: 0.09726
Exploits: 0 · References: 1

Prion
added 2012/03/19 9:55 p.m. · 10 views

Design/Logic Flaw

fcgid_spawn_ctl.c in the mod_fcgid module 2.3.6 for the Apache HTTP Server does not recognize the FcgidMaxProcessesPerClass directive for a virtual host, which makes it easier for remote attackers to cause a denial of service (memory consumption) via a series of HTTP requests that triggers a process...

CVSS: 5 · AI score: 6.8 · EPSS: 0.09726
Exploits: 0 · References: 7 · Affected Software: 1

CVE
added 2012/03/19 9:00 p.m. · 52 views

CVE-2012-1181

CVE-2012-1181 affects the Apache mod_fcgid module (version 2.3.6) where fcgid_spawn_ctl.c fails to recognize the FcgidMaxProcessesPerClass directive for a virtual host. This misbehavior can allow remote attackers to trigger a higher-than-intended process count, leading to memory consumption and p...

CVSS: 5 · AI score: 7.1 · EPSS: 0.09726
Exploits: 0 · References: 7 · Affected Software: 1

Debian CVE
added 2012/03/19 9:00 p.m. · 19 views

CVE-2012-1181

fcgid_spawn_ctl.c in the mod_fcgid module 2.3.6 for the Apache HTTP Server does not recognize the FcgidMaxProcessesPerClass directive for a virtual host, which makes it easier for remote attackers to cause a denial of service (memory consumption) via a series of HTTP requests that triggers a process...

CVSS: 5 · AI score: 6.3 · EPSS: 0.09726
Exploits: 0

Cvelist
added 2012/03/19 9:00 p.m. · 17 views

CVE-2012-1181

fcgid_spawn_ctl.c in the mod_fcgid module 2.3.6 for the Apache HTTP Server does not recognize the FcgidMaxProcessesPerClass directive for a virtual host, which makes it easier for remote attackers to cause a denial of service (memory consumption) via a series of HTTP requests that triggers a process...

AI score: 7.2 · EPSS: 0.09726
Exploits: 0 · References: 7

OpenVAS
added 2012/03/07 12:00 a.m. · 51 views

Fedora Update for httpd FEDORA-2012-1642

Check for the Version of httpd OpenVAS Vulnerability Test Fedora Update for httpd FEDORA-2012-1642 Authors: System Generated Check Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

CVSS: 5 · EPSS: 0.77975
Exploits: 23 · References: 2

Fedora
added 2012/03/06 7:30 p.m. · 40 views

[SECURITY] Fedora 15 Update: httpd-2.2.22-1.fc15

The Apache HTTP Server is a powerful, efficient, and extensible web server...

CVSS: 5 · AI score: 1.1 · EPSS: 0.77975
Exploits: 23

seebug.org
added 2012/03/02 12:00 a.m. · 28 views

IBM WebSphere Application Server for z/OS JAX-RPC Remote Security Vulnerability

BUGTRAQ ID: 52250 CVE ID: CVE-2012-0199 IBM WebSphere Application Server (WAS) is an application server developed and released by IBM in accordance with open standards such as Java EE, XML and Web Services. Compatible web servers include Apache HTTP Server, Netscape Enterprise Server, Microsoft Internet Information Services (IIS) and IBM HTTP Server. IBM WebSphere Application Server for...

CVSS: 7.5 · AI score: 6.5 · EPSS: 0.00379
Exploits: 1

Positive Technologies
added 2012/03/02 12:00 a.m. · 6 views

PT-2012-2927 · Apache +2 · Apache Http Server +2

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server versions prior to 2.4.2 Description: The issue is related to insecure handling of the LD_LIBRARY_PATH environment variable, which allows a local user to potentially gain privileges by executing a Trojan horse DSO in the...

CVSS: 9.8 · AI score: 9 · EPSS: 0.94363
Exploits: 73 · References: 91

OpenVAS
added 2012/02/27 12:00 a.m. · 47 views

RedHat Update for httpd RHSA-2012:0323-01

Check for the Version of httpd OpenVAS Vulnerability Test RedHat Update for httpd RHSA-2012:0323-01 Authors: System Generated Check Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...

CVSS: 5 · AI score: 9.1 · EPSS: 0.76893
Exploits: 22 · References: 2

RedHat Linux
added 2012/02/21 9:49 p.m. · 3 views

httpd: http 0.9 request bypass of the reverse proxy vulnerability CVE-2011-3368 fix

The mod_proxy module in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x before 2.2.18, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to...

CVSS: 4.3 · AI score: 6.8 · EPSS: 0.09764
Exploits: 12 · References: 4

Ubuntu
added 2012/02/16 7:30 p.m. · 115 views

USN-1368-1: Apache HTTP Server vulnerabilities

It was discovered that the Apache HTTP Server incorrectly handled the SetEnvIf .htaccess file directive. An attacker having write access to a .htaccess file may exploit this to possibly execute arbitrary code. (CVE-2011-3607) Prutha Parikh discovered that the mod_proxy module did not properly intera...

CVSS: 4.6 · AI score: 8.1 · EPSS: 0.77975
Exploits: 22

Prion
added 2012/02/14 3:55 p.m. · 18 views

Session fixation

The PDORow implementation in PHP before 5.3.9 does not properly interact with the session feature, which allows remote attackers to cause a denial of service (application crash) via a crafted application that uses a PDO driver for a fetch and then calls the session_start function, as demonstrated by...

CVSS: 5 · AI score: 6.9 · EPSS: 0.05037
Exploits: 0 · References: 6 · Affected Software: 1

NVD
added 2012/02/14 3:55 p.m. · 17 views

CVE-2012-0788

The PDORow implementation in PHP before 5.3.9 does not properly interact with the session feature, which allows remote attackers to cause a denial of service (application crash) via a crafted application that uses a PDO driver for a fetch and then calls the session_start function, as demonstrated by...

CVSS: 5 · AI score: 6.3 · EPSS: 0.05037
Exploits: 0 · References: 6

Fedora
added 2012/02/14 9:05 a.m. · 55 views

[SECURITY] Fedora 15 Update: php-5.3.10-1.fc15

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

CVSS: 7.5 · AI score: 0.6 · EPSS: 0.86573
Exploits: 16

RedHat Linux
added 2012/02/13 8:28 p.m. · 61 views

Moderate: Red Hat Security Advisory: httpd security update

Updated httpd packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are...

CVSS: 4.6 · AI score: 7.6 · EPSS: 0.77975
Exploits: 23 · References: 7

RedHat Linux
added 2012/02/13 8:28 p.m. · 2 views

httpd: ap_pregsub Integer overflow to buffer overflow

Integer overflow in the ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, allows local users to gain privileges via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted...

CVSS: 4.4 · AI score: 6.9 · EPSS: 0.00591
Exploits: 4 · References: 4

OpenVAS
added 2012/02/13 12:00 a.m. · 47 views

Debian: Security Advisory (DSA-2405-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 5 · AI score: 9.4 · EPSS: 0.77975
Exploits: 24 · References: 3

OpenVAS
added 2012/02/13 12:00 a.m. · 46 views

Debian Security Advisory DSA 2405-1 (apache2)

The remote host is missing an update to apache2 announced via advisory DSA 2405-1. OpenVAS Vulnerability Test $Id: deb24051.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2405-1 apache2 Authors: Thomas Reinke Copyright: Copyright (c) 2012 E-Soft Inc...

CVSS: 5 · AI score: 0.9 · EPSS: 0.77975
Exploits: 24