SuSE 11.2 Security Update : PHP5 (SAT Patch Number 6777)

This update fixes CVE-2011-1398 / CVE-2011-4388 header injection via CR. This update also changes the default configuration to use FilesMatch with 'SetHandler' rather than 'AddHandler' to protect weakly written web applications from content confusion. Since this is a hardening measure, no CVE was...

SuSE 11.1 Security Update : apache2-mod_python (SAT Patch Number 6247)

Apache2 modpython has been changed to enable randomized hashes to help fixing denial of service problems by injecting prepared values into Python hash functions. CVE-2012-1150 As some Python scripts might need a known hashing order, the old behaviour can be restored using a newly introduced modul...

Debian: Security Advisory (DSA-2579-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-2579-1 : apache2 - Multiple issues

A vulnerability has been found in the Apache HTTPD Server : - CVE-2012-4557 A flaw was found when modproxyajp connects to a backend server that takes too long to respond. Given a specific configuration, a remote attacker could send certain requests, putting a backend server into an error state...

[SECURITY] [DSA 2579-1] apache2 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2579-1 [email protected] http://www.debian.org/security/ Stefan Fritsch November 30, 2012 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2579-1] apache2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2579-1 [email protected] http://www.debian.org/security/ Stefan Fritsch November 30, 2012 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2579-1] apache2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2579-1 [email protected] http://www.debian.org/security/ Stefan Fritsch November 30, 2012 http://www.debian.org/security/faq -...

DSA-2579-1 apache2 - several

Bulletin has no description...

Ubuntu Update for apache2 USN-1627-1

Ubuntu Update for Linux kernel vulnerabilities USN-1627-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN16271.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for apache2 USN-1627-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This...

Ubuntu: Security Advisory (USN-1627-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2012-4929

The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differenc...

SuSE 10 Security Update : PHP5 (ZYPP Patch Number 8264)

This update changes the default configuration to use FilesMatch with 'SetHandler' rather than 'AddHandler' to protect weakly written web applications from content confusion. Since this is a hardening measure, no CVE was assigned. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text...

SuSE 10 Security Update : apache2-mod_python (ZYPP Patch Number 8127)

Apache2 modpython has been changed to enable randomized hashes to help fixing denial of service problems by injecting prepared values into Python hash functions. CVE-2012-1150 As some Python scripts might need a known hashing order, the old behaviour can be restored using a newly introduced modul...

SuSE Update for apache2 openSUSE-SU-2012:0314-1 (apache2)

Check for the Version of apache2 OpenVAS Vulnerability Test $Id: gbsuse201203141.nasl 8253 2017-12-28 06:29:51Z teissa $ SuSE Update for apache2 openSUSE-SU-2012:0314-1 apache2 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This progr...

openSUSE: Security Advisory for apache2 (openSUSE-SU-2012:0314-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2012-0216

The default configuration of the apache2 package in Debian GNU/Linux squeeze before 2.2.16-6+squeeze7, wheezy before 2.2.22-4, and sid before 2.2.22-4, when modphp or modrivet is used, provides example scripts under the doc/ URI, which might allow local users to conduct cross-site scripting XSS...

CVE-2012-0216

The default configuration of the apache2 package in Debian GNU/Linux squeeze before 2.2.16-6+squeeze7, wheezy before 2.2.22-4, and sid before 2.2.22-4, when modphp or modrivet is used, provides example scripts under the doc/ URI, which might allow local users to conduct cross-site scripting XSS...

CVE-2012-0216

The CVE-2012-0216 entry concerns the Debian Apache2 package: when using mod_php or mod_rivet, the default config exposes example scripts under doc/ that can enable local XSS, privilege escalation, or information disclosure via localhost HTTP requests. Affected releases include Debian Squeeze (&lt...

CVE-2012-0216

The default configuration of the apache2 package in Debian GNU/Linux squeeze before 2.2.16-6+squeeze7, wheezy before 2.2.22-4, and sid before 2.2.22-4, when modphp or modrivet is used, provides example scripts under the doc/ URI, which might allow local users to conduct cross-site scripting XSS...

CVE-2012-0216

The default configuration of the apache2 package in Debian GNU/Linux squeeze before 2.2.16-6+squeeze7, wheezy before 2.2.22-4, and sid before 2.2.22-4, when modphp or modrivet is used, provides example scripts under the doc/ URI, which might allow local users to conduct cross-site scripting XSS...