CVE-2011-1610

CVE-2011-1610 affects Cisco Unified Communications Manager (CUCM) where the embedded Apache HTTP Server exposes xmldirectorylist.jsp. The vulnerability arises from improper validation of parameters (f, l, n) passed to the JSP, enabling a remote, unauthenticated attacker to inject and execute arbi...

Apache HTTP Server mod_tcl Module Format String (CVE-2006-4154)

Apache HTTP server is the most widely deployed web server product on the Internet. Apache HTTP server is capable of running on many platforms, including Microsoft Windows and a wide variety of Unix-like platforms. The Apache HTTP server is very flexible and customizable in many aspects of its...

CentOS 5 : php53 (CESA-2011:0196)

Updated php53 packages that fix three security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

CentOS 5 : subversion (CESA-2011:0327)

Updated subversion packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

mod_dav_svn, subversion security update

CentOS Errata and Security Advisory CESA-2011:0327 Updated subversion packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring Syst...

mod_dav_svn, subversion security update

CentOS Errata and Security Advisory CESA-2011:0257 Updated subversion packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base...

Fedora Update for php FEDORA-2011-3636

Check for the Version of php OpenVAS Vulnerability Test Fedora Update for php FEDORA-2011-3636 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of t...

Mandriva Linux Security Advisory : subversion (MDVSA-2011:067)

A vulnerability was discovered and corrected in subversion : The moddavsvn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.16, allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a request that contains a lock token...

[SECURITY] Fedora 13 Update: php-5.3.6-1.fc13

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

Mandriva Update for apache MDVSA-2011:057 (apache)

Check for the Version of apache OpenVAS Vulnerability Test Mandriva Update for apache MDVSA-2011:057 apache Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

CVE-2011-1176

The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk Multi-Processing Module 2.2.11-01 and 2.2.11-02 for the Apache HTTP Server does not properly handle certain configuration sections that specify NiceValue but not AssignUserID, which might allow remote attackers to gain privileg...

CVE-2011-1176

The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk Multi-Processing Module 2.2.11-01 and 2.2.11-02 for the Apache HTTP Server does not properly handle certain configuration sections that specify NiceValue but not AssignUserID, which might allow remote attackers to gain privileg...

Design/Logic Flaw

The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk Multi-Processing Module 2.2.11-01 and 2.2.11-02 for the Apache HTTP Server does not properly handle certain configuration sections that specify NiceValue but not AssignUserID, which might allow remote attackers to gain privileg...

CVE-2011-1176

The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk Multi-Processing Module 2.2.11-01 and 2.2.11-02 for the Apache HTTP Server does not properly handle certain configuration sections that specify NiceValue but not AssignUserID, which might allow remote attackers to gain privileg...

CVE-2011-1176

CVE-2011-1176 affects the Apache HTTP Server ITK MPM (mpm-itk) configuration merger in itk.c for versions 2.2.11-01 and 2.2.11-02. The flaw allows a remote attacker to potentially gain privileges by abusing configuration sections that specify NiceValue but omit AssignUserID, leveraging the root U...

CVE-2011-1176

The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk Multi-Processing Module 2.2.11-01 and 2.2.11-02 for the Apache HTTP Server does not properly handle certain configuration sections that specify NiceValue but not AssignUserID, which might allow remote attackers to gain privileg...

[SECURITY] Fedora 15 Update: php-5.3.6-1.fc15

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

CVE-2011-0715

The moddavsvn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.16, allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a request that contains a lock token...

Null pointer dereference

The moddavsvn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.16, allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a request that contains a lock token...

CVE-2011-0715

The moddavsvn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.16, allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a request that contains a lock token...