Security fix for the ALT Linux 10 package apache2 version 2.2.5-alt1

Aug. 18, 2007 Aleksey Avdeev 2.2.5-alt1 - 2.2.5 - Adding SECURITY to upstream old patchs removing: + CVE-2007-3847 + CVE-2007-1863 remove apache2-2.2.3-fedora-fix-CVE-2007-1863.patch + CVE-2007-3304 remove apache2-2.2.4-alt-fix-CVE-2007-3304.0.1.patch + CVE-2006-5752 remove...

Security fix for the ALT Linux 9 package apache2 version 2.2.5-alt1

Aug. 18, 2007 Aleksey Avdeev 2.2.5-alt1 - 2.2.5 - Adding SECURITY to upstream old patchs removing: + CVE-2007-3847 + CVE-2007-1863 remove apache2-2.2.3-fedora-fix-CVE-2007-1863.patch + CVE-2007-3304 remove apache2-2.2.4-alt-fix-CVE-2007-3304.0.1.patch + CVE-2006-5752 remove...

Security fix for the ALT Linux 8 package apache2 version 2.2.4-alt31

July 5, 2007 Aleksey Avdeev 2.2.4-alt31 - Using Fedora Project patchs for security fixes: + CVE-2006-5752 apache2-2.2.3-fedora-fix-CVE-2006-5752.patch + CVE-2007-1863 apache2-2.2.3-fedora-fix-CVE-2007-1863.patch + CVE-2007-3304 apache2-2.2.4-alt-fix-CVE-2007-3304.0.1.patch...

Security fix for the ALT Linux 10 package apache2 version 2.2.4-alt31

July 5, 2007 Aleksey Avdeev 2.2.4-alt31 - Using Fedora Project patchs for security fixes: + CVE-2006-5752 apache2-2.2.3-fedora-fix-CVE-2006-5752.patch + CVE-2007-1863 apache2-2.2.3-fedora-fix-CVE-2007-1863.patch + CVE-2007-3304 apache2-2.2.4-alt-fix-CVE-2007-3304.0.1.patch...

Security fix for the ALT Linux 8 package apache2 version 2.2.4-alt30

July 4, 2007 Aleksey Avdeev 2.2.4-alt30 - Add Fedora Project patchs for security fixes: + CVE-2006-5752 apache2-2.2.3-fedora-fix-CVE-2006-5752.patch + CVE-2007-1863 apache2-2.2.3-fedora-fix-CVE-2007-1863.patch + CVE-2007-3304 apache2-2.2.3-fedora-fix-CVE-2007-3304.patch...

Security fix for the ALT Linux 10 package apache2 version 2.2.4-alt30

July 4, 2007 Aleksey Avdeev 2.2.4-alt30 - Add Fedora Project patchs for security fixes: + CVE-2006-5752 apache2-2.2.3-fedora-fix-CVE-2006-5752.patch + CVE-2007-1863 apache2-2.2.3-fedora-fix-CVE-2007-1863.patch + CVE-2007-3304 apache2-2.2.3-fedora-fix-CVE-2007-3304.patch...

Security fix for the ALT Linux 9 package apache2 version 2.2.4-alt26

June 14, 2007 Aleksey Avdeev 2.2.4-alt26 - Fix CVE-2007-1862 see &LThttp://issues.apache.org/bugzilla/showbug.cgi?id=41551 + use apache2-2.2.4-asc-fix-CVE-2007-1862-0.1.patch + add Requires libapr1-devel = 1.2.8-alt1.2...

Security fix for the ALT Linux 8 package apache2 version 2.2.4-alt26

June 14, 2007 Aleksey Avdeev 2.2.4-alt26 - Fix CVE-2007-1862 see &LThttp://issues.apache.org/bugzilla/showbug.cgi?id=41551 + use apache2-2.2.4-asc-fix-CVE-2007-1862-0.1.patch + add Requires libapr1-devel = 1.2.8-alt1.2...

Security fix for the ALT Linux 10 package apache2 version 2.2.4-alt26

June 14, 2007 Aleksey Avdeev 2.2.4-alt26 - Fix CVE-2007-1862 see &LThttp://issues.apache.org/bugzilla/showbug.cgi?id=41551 + use apache2-2.2.4-asc-fix-CVE-2007-1862-0.1.patch + add Requires libapr1-devel = 1.2.8-alt1.2...

Vulnerability - cpCommerce - XSS

cpcommerce is a FOSS php-based e-commerce shopping cart web application. Exploit: Javascript placed inside a user's "Full Name:" field will not be stripped - it will be added to the database 'as-is' as long as it has no quotations in the string. When the admin goes to the clients view page, the...

SUSE-SA:2006:051: apache2

The remote host is missing the patch for the advisory SUSE-SA:2006:051 apache2. The web server Apache2 has been updated to fix several security issues: The security fix for CVE-2005-3357 denial of service broke the earlier security fix for SSL verification CVE-2005-2700. This problem has been...

On the Windows System to achieve the DDOS attack-vulnerability warning-the black bar safety net

First said we used to attack the client and server method of configuration, using the moment the most famous of REDHAT LINUX for testing, the present attack test I'm using FEDORA CORE3, the software is the most famousDDOSattack tool TFN2K LINUX Edition, is to attack the WINDOWS Server system is...

The use of LINUX systems with DDOS attacks for WINDOWS servers-vulnerability warning-the black bar safety net

Use the moment the most famous of the REDHAT LINUX test,the present attack test I'm using FEDORA CORE3 ,software is the most famousDDOSattack tool TFN2K LINUX version,is to attack the WINDOWS Server system is using Windows 2000 Server service open APACHE2 FTP VNC little relationship,mainly to...

Debian DSA-1132-1 : apache2 - buffer overflow

Mark Dowd discovered a buffer overflow in the modrewrite component of apache, a versatile high-performance HTTP server. In some situations a remote attacker could exploit this to execute arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks i...

[SECURITY] [DSA 1000-1] New Apache2::Request packages fix denial of service

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 1000-1 [email protected] http://www.debian.org/security/ Martin Schulze March 14th, 2006 http://www.debian.org/security/faq -...

CVE-2006-0042

Unspecified vulnerability in 1 apreqparseheaders and 2 apreqparseurlencoded functions in Apache2::Request Libapreq2 before 2.07 allows remote attackers to cause a denial of service CPU consumption via unknown attack vectors that result in quadratic computational complexity...

Ubuntu 4.10 / 5.04 / 5.10 : apache2, apache vulnerabilities (USN-241-1)

The 'modimap' module which provides support for image maps did not properly escape the 'referer' URL which rendered it vulnerable against a cross-site scripting attack. A malicious web page or HTML email could trick a user into visiting a site running the vulnerable modimap, and employ...

Ubuntu 4.10 : apache2 bug fix (USN-173-3)

USN-173-2 fixed a vulnerability in Apache's regular expression parser. However, the packages from that advisories had a bug that prevented Apache from starting. This update fixes this. We apologize for the inconvenience!. Note that Tenable Network Security has extracted the preceding description...

Ubuntu 4.10 / 5.04 : apache2, libapache-mod-ssl vulnerabilities (USN-177-1)

Apache did not honour the 'SSLVerifyClient require' directive within a block if the surrounding block contained a directive 'SSLVerifyClient optional'. This allowed clients to bypass client certificate validation on servers with the above configuration. CAN-2005-2700 Filip Sneppe discovered a...

Ubuntu 4.10 : apache2 vulnerability (USN-23-1)

Chintan Trivedi discovered a Denial of Service vulnerability in apache2. The field length limit was not enforced for certain malicious requests. This could allow a remote attacker who is able to send large amounts of data to a server to cause HTTP server instances to consume proportional amounts ...