CVE-2006-5752

Cross-site scripting XSS vulnerability in modstatus.c in the modstatus module in Apache HTTP Server httpd, when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browser...

httpd, mod_ssl security update

CentOS Errata and Security Advisory CESA-2007:0533 Updated Apache httpd packages that correct two security issues and two bugs are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP...

Moderate: Red Hat Security Advisory: httpd security update

Updated Apache httpd packages that correct two security issues and two bugs are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server. A flaw was found in th...

httpd, mod_ssl security update

CentOS Errata and Security Advisory CESA-2007:0556 Updated Apache httpd packages that correct three security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a...

httpd, mod_ssl security update

CentOS Errata and Security Advisory CESA-2007:0534 Updated Apache httpd packages that correct two security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a...

CentOS 4 : httpd (CESA-2007:0534)

Updated Apache httpd packages that correct two security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server. A flaw was found in the Apache HTTP...

httpd scoreboard lack of PID protection

Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the workerscore and processscore arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka "SIGUSR1 killer."...

Moderate: Red Hat Security Advisory: httpd security update

Updated Apache httpd packages that correct three security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server. The Apache HTTP Server did not...

Moderate: Red Hat Security Advisory: httpd security update

Updated Apache httpd packages that correct two security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server. A flaw was found in the Apache HTTP...

httpd mod_status XSS

Cross-site scripting XSS vulnerability in modstatus.c in the modstatus module in Apache HTTP Server httpd, when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browser...

Apache mod_rewrite LDAP URL buffer overflow

Added: 06/22/2007 CVE: CVE-2006-3747 BID: 19204 OSVDB: 27588 Background modrewrite is an Apache module which allows rule-based modification of URL requests. Problem An off-by-one buffer overflow vulnerability in modrewrite allows command execution when the escapeabsoluteuri function attempts to...

Apache mod_rewrite LDAP URL buffer overflow

Added: 06/22/2007 CVE: CVE-2006-3747 BID: 19204 OSVDB: 27588 Background modrewrite is an Apache module which allows rule-based modification of URL requests. Problem An off-by-one buffer overflow vulnerability in modrewrite allows command execution when the escapeabsoluteuri function attempts to...

Apache mod_rewrite LDAP URL buffer overflow

Added: 06/22/2007 CVE: CVE-2006-3747 BID: 19204 OSVDB: 27588 Background modrewrite is an Apache module which allows rule-based modification of URL requests. Problem An off-by-one buffer overflow vulnerability in modrewrite allows command execution when the escapeabsoluteuri function attempts to...

mod_perl security update

CentOS Errata and Security Advisory CESA-2007:0486-01 Updated modperl packages that fix a security issue are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Modperl incorporates a Perl interpreter...

Important: Red Hat Security Advisory: mod_jk security update

Updated modjk packages that fix a security issue are now available for Red Hat Application Stack v1.1. This update has been rated as having Important security impact by the Red Hat Security Response Team. modjk is a Tomcat connector that can be used to communicate between Tomcat and the Apache HT...

Important: Red Hat Security Advisory: mod_jk security update

Updated modjk packages that fix a security issue are now available for Red Hat Application Server. This update has been rated as having Important security impact by the Red Hat Security Response Team. modjk is a Tomcat connector that can be used to communicate between Tomcat and the Apache HTTP...

tomcat directory traversal

Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules modproxy, modrewrite, modjk, allows remote attackers to read arbitrary files via a .. dot dot sequence with combinations of 1 "/" slash, 2 "" backslash, and...

[SECURITY] Fedora Core 6 Update: php-5.1.6-3.6.fc6

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated webpages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

tomcat directory traversal

Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules modproxy, modrewrite, modjk, allows remote attackers to read arbitrary files via a .. dot dot sequence with combinations of 1 "/" slash, 2 "" backslash, and...

tomcat directory traversal

Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules modproxy, modrewrite, modjk, allows remote attackers to read arbitrary files via a .. dot dot sequence with combinations of 1 "/" slash, 2 "" backslash, and...