Fedora 13 : httpd-2.2.15-1.fc13 (2010-5942)

The Apache HTTP Server Project is proud to announce the release of version 2.2.15 of the Apache HTTP Server 'httpd'. This version is principally a security and bugfix release. Notably, this release was updated to reflect the OpenSSL Project's release 0.9.8m of the openssl library, and addresses...

Fedora 11 : httpd-2.2.15-1.fc11.1 (2010-6131)

The Apache HTTP Server Project is proud to announce the release of version 2.2.15 of the Apache HTTP Server 'httpd'. This version is principally a security and bugfix release. Notably, this release was updated to reflect the OpenSSL Project's release 0.9.8m of the openssl library, and addresses...

Apache HTTP Server mod_negotiation Filename Handling Cross Site Scripting (CVE-2008-0455)

Apache HTTP server is a web server application that has a very broad user base. The software is made compliant to most W3C standards and recommendation. Apache HTTP server has a modular framework for developing and loading feature extension modules. Some of the Apache HTTP server features are...

Apache mod_proxy_http模块超时处理信息泄露漏洞

BUGTRAQ ID: 40827 CVE ID: CVE-2010-2068 Apache HTTP Server是一款流行的Web服务器。 Apache HTTP Server的modproxyhttp模块中的modproxyhttp.c文件没有正确地检测超时，在某些超时情况下服务器可能返回属于其他用户的响应，导致泄漏敏感信息。仅有可触发使用代理worker池的配置才受影响。 Apache 2.2.x 厂商补丁： Apache Group ------------ 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

Design/Logic Flaw

modproxyhttp.c in modproxyhttp in the Apache HTTP Server 2.2.9 through 2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, and OS/2, in certain configurations involving proxy worker pools, does not properly detect timeouts, which allows remote attackers to obtain a potentially sensitive...

CVE-2010-2068

modproxyhttp.c in modproxyhttp in the Apache HTTP Server 2.2.9 through 2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, and OS/2, in certain configurations involving proxy worker pools, does not properly detect timeouts, which allows remote attackers to obtain a potentially sensitive...

CVE-2010-2068

modproxyhttp.c in modproxyhttp in the Apache HTTP Server 2.2.9 through 2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, and OS/2, in certain configurations involving proxy worker pools, does not properly detect timeouts, which allows remote attackers to obtain a potentially sensitive...

CVE-2010-2068

CVE-2010-2068 affects Apache HTTP ServerAffected: mod_proxy_http.c in Apache HTTP Server 2.2.9–2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, OS/2 in certain proxy worker pool configurations.Root cause: timeout handling in mod_proxy_http did not correctly detect timeouts, allowing a re...

Fedora Update for httpd FEDORA-2010-6055

Check for the Version of httpd OpenVAS Vulnerability Test Fedora Update for httpd FEDORA-2010-6055 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

[SECURITY] Fedora 12 Update: httpd-2.2.15-1.fc12.2

The Apache HTTP Server is a powerful, efficient, and extensible web server...

Apache HTTP Server mod_isapi Dangling Pointer Remote Code Execution (CVE-2010-0425)

Apache HTTP server is a popular web server that is capable of being utilized with many different options and configurations, with a wide variety of plug-in modules which are loaded at run-time to extend its functionality. One of the technologies supported by Apache HTTP server is Internet Server...

RHEL 4 : httpd (RHSA-2010:0175)

The remote Redhat Enterprise Linux 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2010:0175 advisory. The Apache HTTP Server is a popular web server. A use-after-free flaw was discovered in the way the Apache HTTP Server handled request headers in...

Moderate: Red Hat Security Advisory: httpd and httpd22 security and enhancement update

Updated httpd and httpd22 packages that fix two security issues and add one enhancement are now available for JBoss Enterprise Web Server 1.0.1 for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability...

[SECURITY] Fedora 11 Update: httpd-2.2.15-1.fc11.1

The Apache HTTP Server is a powerful, efficient, and extensible web server...

[SECURITY] Fedora 13 Update: httpd-2.2.15-1.fc13

The Apache HTTP Server is a powerful, efficient, and extensible web server...

CVE-2010-1151

Race condition in the modauthshadow module for the Apache HTTP Server allows remote attackers to bypass authentication, and read and possibly modify data, via vectors related to improper interaction with an external helper application for validation of credentials...

Race condition

Race condition in the modauthshadow module for the Apache HTTP Server allows remote attackers to bypass authentication, and read and possibly modify data, via vectors related to improper interaction with an external helper application for validation of credentials...

CVE-2010-1151

Race condition in the modauthshadow module for the Apache HTTP Server allows remote attackers to bypass authentication, and read and possibly modify data, via vectors related to improper interaction with an external helper application for validation of credentials...

CVE-2010-1151

Race condition in the modauthshadow module for the Apache HTTP Server allows remote attackers to bypass authentication, and read and possibly modify data, via vectors related to improper interaction with an external helper application for validation of credentials...

CVE-2010-1151

CVE-2010-1151 affects the Apache mod_auth_shadow module. A race condition related to the external helper validation path can bypass authentication, potentially allowing unauthorized read/modify of data. Fedora advisories state the fix addresses a bad wait(2) call that causes randomized authorizat...