Mandriva Update for subversion MDVSA-2010:199 (subversion)

Check for the Version of subversion OpenVAS Vulnerability Test Mandriva Update for subversion MDVSA-2010:199 subversion Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...

[ MDVSA-2010:199 ] subversion

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2010:199 http://www.mandriva.com/security/ Package : subversion Date : October 12, 2010 Affected: 2009.0, 2009.1, 2010.0, 2010.1, Corporate 4.0, Enterprise Server 5.0 Problem Description: A vulnerability was...

BSA-004 Security Update for subversion

Peter Samuelson uploaded new packages for subversion which fixed the following security problems: CVE-2010-3315 When "SVNPathAuthz shortcircuit" is enabled, authz authentication in the moddavsvn module for the Apache HTTP Server is flawed. Remote authenticated users can bypass intended access...

BSA-004 Security Update for subversion

Peter Samuelson uploaded new packages for subversion which fixed the following security problems: CVE-2010-3315 When "SVNPathAuthz shortcircuit" is enabled, authz authentication in the moddavsvn module for the Apache HTTP Server is flawed. Remote authenticated users can bypass intended access...

openssl -- TLS extension parsing race condition

OpenSSL Team reports: Rob Hulswit has found a flaw in the OpenSSL TLS server extension code parsing which on affected servers can be exploited in a buffer overrun attack. Any OpenSSL based TLS server is vulnerable if it is multi-threaded and uses OpenSSL's internal caching mechanism. Servers that...

CVE-2010-3315

authz.c in the moddavsvn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x before 1.5.8 and 1.6.x before 1.6.13, when SVNPathAuthz shortcircuit is enabled, does not properly handle a named repository as a rule scope, which allows remote authenticated users to bypass...

CVE-2010-1623

Memory leak in the aprbrigadesplitline function in buckets/aprbrigade.c in the Apache Portable Runtime Utility library aka APR-util before 1.3.10, as used in the modreqtimeout module in the Apache HTTP Server and other software, allows remote attackers to cause a denial of service memory...

CVE-2010-3315

authz.c in the moddavsvn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x before 1.5.8 and 1.6.x before 1.6.13, when SVNPathAuthz shortcircuit is enabled, does not properly handle a named repository as a rule scope, which allows remote authenticated users to bypass...

CVE-2010-1623

Memory leak in the aprbrigadesplitline function in buckets/aprbrigade.c in the Apache Portable Runtime Utility library aka APR-util before 1.3.10, as used in the modreqtimeout module in the Apache HTTP Server and other software, allows remote attackers to cause a denial of service memory...

CVE-2010-3315

CVE-2010-3315 affects Apache Subversion’s mod_dav_svn: when SVNPathAuthz short_circuit is enabled, authz.c fails to correctly handle a named repository as a rule scope, allowing remote authenticated users to bypass access restrictions via svn commands. Vulnerable products/versions: Apache Subvers...

CVE-2010-1623

The CVE-2010-1623 issue affects the APR-util library (apr_brigade_split_line in buckets/apr_brigade.c) prior to version 1.3.10, where a memory leak can allow remote attackers to cause denial of service through memory consumption related to APR bucket destruction. Affected products commonly includ...

CVE-2010-3315

authz.c in the moddavsvn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x before 1.5.8 and 1.6.x before 1.6.13, when SVNPathAuthz shortcircuit is enabled, does not properly handle a named repository as a rule scope, which allows remote authenticated users to bypass...

CVE-2010-1623

Memory leak in the aprbrigadesplitline function in buckets/aprbrigade.c in the Apache Portable Runtime Utility library aka APR-util before 1.3.10, as used in the modreqtimeout module in the Apache HTTP Server and other software, allows remote attackers to cause a denial of service memory...

httpd, mod_ssl security update

CentOS Errata and Security Advisory CESA-2010:0659 Updated httpd packages that fix two security issues and multiple bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring Syst...

RHEL 5 : httpd (RHSA-2010:0659)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2010:0659 advisory. The Apache HTTP Server is a popular web server. A flaw was discovered in the way the modproxy module of the Apache HTTP Server handled the...

Moderate: Red Hat Security Advisory: httpd security and bug fix update

Updated httpd packages that fix two security issues and multiple bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

[SECURITY] Fedora 12 Update: php-5.3.3-1.fc12

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated webpages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

[SECURITY] Fedora 13 Update: php-5.3.3-1.fc13

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated webpages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

Mandriva Update for apache MDVSA-2010:152 (apache)

Check for the Version of apache OpenVAS Vulnerability Test Mandriva Update for apache MDVSA-2010:152 apache Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

Mandriva Update for apache MDVSA-2010:153 (apache)

Check for the Version of apache OpenVAS Vulnerability Test Mandriva Update for apache MDVSA-2010:153 apache Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...