HP-UX PHSS_32363 : s700_800 11.04 Webproxy server 2.0 update

s700800 11.04 Webproxy server 2.0 update : Two security vulnerabilities have been reported in Apache HTTP server http://httpd.apache.org/ versions prior to Apache 1.3.33 that may allow a Denial of Service DoS attack and execution of arbitrarty code. %NASLMINLEVEL 70300 C Tenable Network Security,...

HP-UX PHSS_30057 : HPSBUX0310-284 SSRT3622 rev.3 HP-UX Apache HTTP Server Denial of Service,unauthorized access

s700800 11.04 Virtualvault 4.7 TGP update : Potential Apache HTTP server vulnerabilities have been reported: CVE-2003-0545 CVE-2003-0543 CVE-2003-0544 CERT VU935264 CERT VU255484 CERT VU255484 CERT VU686224 CERT VU732952 CERT VU104280 http://www.openssl.org/news/secadv/20030930.txt. %NASLMINLEVEL...

HP-UX PHSS_32140 : s700_800 11.04 Virtualvault 4.7 IWS update

s700800 11.04 Virtualvault 4.7 IWS update : Two security vulnerabilities have been reported in Apache HTTP server http://httpd.apache.org/ versions prior to Apache 1.3.33 that may allow a Denial of Service DoS attack and execution of arbitrarty code. %NASLMINLEVEL 70300 C Tenable Network Security...

HP-UX PHSS_29690 : HPSBUX0310-284 SSRT3622 rev.3 HP-UX Apache HTTP Server Denial of Service,unauthorized access

s700800 11.04 Virtualvault 4.5 OWS update : Potential Apache HTTP server vulnerabilities have been reported: CVE-2003-0545 CVE-2003-0543 CVE-2003-0544 CERT VU935264 CERT VU255484 CERT VU255484 CERT VU686224 CERT VU732952 CERT VU104280 http://www.openssl.org/news/secadv/20030930.txt. %NASLMINLEVEL...

CVE-2004-2343

Apache HTTP Server 2.0.47 and earlier allows local users to bypass .htaccess file restrictions, as specified in httpd.conf with directives such as Deny From All, by using an ErrorDocument directive. NOTE: the vendor has disputed this issue, since the .htaccess mechanism is only intended to restri...

Moderate: Red Hat Security Advisory: apache, mod_ssl security update for Stronghold

Updated versions of cross-platform Stronghold that fix security issues in modssl and the Apache HTTP Server are now available. Stronghold 4 contains a number of open source technologies, including modssl and the Apache HTTP Server. A buffer overflow in the gettag function in modinclude for Apache...

Moderate: Red Hat Security Advisory: apache, mod_ssl security update

Updated apache and modssl packages that fix various minor security issues and bugs in the Apache Web server are now available for Red Hat Enterprise Linux 2.1. The Apache HTTP Server is a powerful, full-featured, efficient, and freely-available Web server. The modssl module provides strong...

Important: Red Hat Security Advisory: httpd security update

Updated httpd packages that include fixes for two security issues, as well as other bugs, are now available. The Apache HTTP server is a powerful, full-featured, efficient, and freely-available Web server. An issue has been discovered in the modssl module when configured to use the "SSLCipherSuit...

Apache 2.0: Denial of Service by memory consumption

Background The Apache HTTP Server is one of the most popular web servers on the Internet. Description Chintan Trivedi discovered a vulnerability in Apache httpd 2.0 that is caused by improper enforcing of the field length limit in the header-parsing code. Impact By sending a large amount of...

Apache 2, mod_ssl: Bypass of SSLCipherSuite directive

Background The Apache HTTP server is one of the most popular web servers on the internet. modssl provides SSL v2/v3 and TLS v1 support for Apache 1.3 and is also included in Apache 2. Description A flaw has been found in modssl where the "SSLCipherSuite" directive could be bypassed in certain...

Apache: Exposure of protected directories

Background The Apache HTTP server is one of most popular web servers on the Internet. Description A bug in the way Apache handles the Satisfy directive, which is used to require that certain conditions client host, client authentication, etc be met before access to a certain directory is granted,...

Apache vulnerable to buffer overflow when expanding environment variables

Overview There is a buffer overflow vulnerability in apresolveenv function of Apache that could allow a local user to gain elevated privileges. Description The Apache HTTP Server is a freely available web server that runs on a variety of operating systems including Unix, Linux, and Microsoft...

[ANNOUNCE] Apache HTTP Server 2.0.51 Released

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Apache Software Foundation and the The Apache HTTP Server Project are pleased to announce the release of version 2.0.51 of the Apache HTTP Server "Apache". This Announcement notes the significant changes in 2.0.51 as compared to 2.0.50. This versi...

Apache 2, mod_dav: Multiple vulnerabilities

Background The Apache HTTP server is one of most popular web servers on the internet. modssl provides SSL v2/v3 and TLS v1 support for it and moddav is the Apache module for Distributed Authoring and Versioning DAV. Description A potential infinite loop has been found in the input filter of modss...

Moderate: Red Hat Security Advisory: httpd security update

Updated httpd packages that include fixes for security issues are now available. The Apache HTTP server is a powerful, full-featured, efficient, and freely-available Web server. Four issues have been discovered affecting releases of the Apache HTTP 2.0 Server, up to and including version 2.0.50:...

RHEL 3 : httpd (RHSA-2004:463)

Updated httpd packages that include fixes for security issues are now available. The Apache HTTP server is a powerful, full-featured, efficient, and freely-available Web server. Four issues have been discovered affecting releases of the Apache HTTP 2.0 Server, up to and including version 2.0.50 :...

Important: Red Hat Security Advisory: httpd security update

Updated httpd packages that include a security fix for modssl and various enhancements are now available. The Apache HTTP server is a powerful, full-featured, efficient, and freely-available Web server. An input filter bug in modssl was discovered in Apache httpd version 2.0.50 and earlier. A...

RHEL 3 : httpd (RHSA-2004:349)

Updated httpd packages that include a security fix for modssl and various enhancements are now available. The Apache HTTP server is a powerful, full-featured, efficient, and freely-available Web server. An input filter bug in modssl was discovered in Apache httpd version 2.0.50 and earlier. A...

Apache HTTP Server < 2.0.49 mod_ssl Plain HTTP Request DoS

Binary data 1205.prm...

RHEL 3 : php (RHSA-2004:392)

Updated php packages that fix various security issues are now available. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP server. Stefan Esser discovered a flaw when memorylimit is enabled in versions of PHP 4 before 4.3.8. If a remote attacker could force the PHP...