Moderate: Red Hat Security Advisory: apache security update

Updated Apache httpd packages that correct a security issue are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular and freely-available Web server. A flaw in modim...

RHEL 3 / 4 : httpd (RHSA-2006:0159)

Updated Apache httpd packages that correct three security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular and freely-available Web server. A memo...

httpd, mod_ssl security update

CentOS Errata and Security Advisory CESA-2006:0159 Updated Apache httpd packages that correct three security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server i...

Moderate: Red Hat Security Advisory: httpd security update

Updated Apache httpd packages that correct three security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular and freely-available Web server. A memo...

CVE-2005-4814

Unrestricted file upload vulnerability in Segue CMS before 1.3.6, when the Apache HTTP Server handles .phtml files with the PHP interpreter, allows remote attackers to upload and execute arbitrary PHP code by placing .phtml files in the userfiles/ directory...

Apache HTTP Server 2.x < 2.0.50 Multiple DoS Vulnerabilities

Apache HTTP Server is prone to multiple denial of service DoS vulnerabilities. SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Apache HTTP Server 'mod_include' Privilege Escalation Vulnerability

The remote web server appears to be running a version of Apache HTTP Server that is older than version 1.3.33. SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Apache HTTP Server UserDir Sensitive Information Disclosure

An information leak occurs on Apache HTTP Server based web servers whenever the UserDir module is enabled. The vulnerability allows an external attacker to enumerate existing accounts by requesting access to their home directory and monitoring the response. SPDX-FileCopyrightText: 2001 SecuriTeam...

Apache HTTP Server Connection Blocking Denial of Service Vulnerability

The remote web server appears to be running a version of Apache HTTP Server that is less that 2.0.49 or 1.3.31. These versions are vulnerable to a denial of service attack where a remote attacker can block new connections to the server by connecting to a listening socket on a rarely accessed port...

Apache HTTP Server Error Log Escape Sequence Injection Vulnerability

Apache HTTP Server allows the injection of arbitrary escape sequences into its error logs. SPDX-FileCopyrightText: 2004 George A. Theall Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Apache HTTP Server Remote Command Execution via .bat files

The Apache HTTP Server 2.0.x Win32 installation is shipped with a default script, /cgi-bin/test-cgi.bat, that allows an attacker to execute commands on the Apache server although it is reported that any .bat file could open this vulnerability. SPDX-FileCopyrightText: 2002 Matt Moore Some text...

Apache HTTP Server Multiple '/' Vulnerability - Active Check

Certain versions of Apache HTTP Server for Win32 have a bug wherein remote users can list directory entries. SPDX-FileCopyrightText: 2000 John Lampe Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Apache HTTP Server 2.0.x <= 2.0.39 Win32 Directory Traversal Vulnerability

Apache HTTP Server is prone to a directory traversal vulnerability. SPDX-FileCopyrightText: 2002 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Apache HTTP Server Auth Module SQL Insertion Attack

This plugin checks whether the web server is using Apache Auth modules which are known to be vulnerable to SQL insertion attacks. SPDX-FileCopyrightText: 2001 Matt Moore Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

PHP.EXE / Apache HTTP Server Win32 Arbitrary File Reading Vulnerability - Active Check

A configuration vulnerability exists for PHP.EXE cgi running on Apache HTTP Server for Win32 platforms. SPDX-FileCopyrightText: 2002 Matt Moore Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Apache HTTP Server 'mod_ssl' Off By One Vulnerability

The remote host is using a version of modssl which is older than 2.8.10. This version is vulnerable to an off by one buffer overflow which may allow a user with write access to .htaccess files to execute arbitrary code on the system with permissions of the web server. SPDX-FileCopyrightText: 2002...

apache -- mod_imap cross-site scripting flaw

The Apache HTTP Server Project reports: A flaw in modimap when using the Referer directive with image maps. In certain site configurations a remote attacker could perform a cross-site scripting attack if a victim can be forced to visit a malicious URL using certain web browsers...

Apache, mod_ssl: Multiple vulnerabilities

Background The Apache HTTP server is one of the most popular web servers on the Internet. modssl provides SSL v2/v3 and TLS v1 support for Apache 1.3 and is also included in Apache 2. Description modssl contains a security issue when "SSLVerifyClient optional" is configured in the global virtual...

httpd, mod_ssl security update

CentOS Errata and Security Advisory CESA-2005:608 Updated Apache httpd packages that correct two security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The Apache HTTP Server is ...

Important: Red Hat Security Advisory: httpd security update

Updated Apache httpd packages that correct two security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular and freely-available Web server. A flaw...