Debian DSA-2452-1 : apache2 - insecure default configuration

Niels Heinen noticed a security issue with the default Apache configuration on Debian if certain scripting modules like modphp or modrivet are installed. The problem arises because the directory /usr/share/doc, which is mapped to the URL /doc, may contain example scripts that can be executed by...

[SECURITY] [DSA 2452-1] apache2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2452-1 [email protected] http://www.debian.org/security/ Stefan Fritsch April 15, 2012 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2452-1] apache2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2452-1 [email protected] http://www.debian.org/security/ Stefan Fritsch April 15, 2012 http://www.debian.org/security/faq -...

SuSE 10 Security Update : Apache2 (ZYPP Patch Number 7972)

This update of apache fixes regressions and several security problems : - Fixed a scoreboard corruption shared mem segment by child causes crash of privileged parent invalid free during shutdown. bnc741243, CVE-2012-0031 - Fixed an issue in error responses that could expose 'httpOnly' cookies whe...

apache2: fixed various security bugs (important)

This update of apache2 fixes regressions and several security problems: bnc728876, fix graceful reload bnc741243, CVE-2012-0031: Fixed a scoreboard corruption shared mem segment by child causes crash of privileged parent invalid free during shutdown. bnc743743, CVE-2012-0053: Fixed an issue in...

Ubuntu: Security Advisory (USN-1368-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu Update for apache2 USN-1368-1

Ubuntu Update for Linux kernel vulnerabilities USN-1368-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN13681.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for apache2 USN-1368-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This...

SuSE 11.1 Security Update : Apache2 (SAT Patch Number 5760)

This update of apache2 and libapr1 fixes regressions and several security problems. - Fixed a scoreboard corruption shared mem segment by child causes crash of privileged parent invalid free during shutdown. CVE-2012-0031 - Fixed an issue in error responses that could expose 'httpOnly' cookies wh...

WampServer 2.2c Cross Site Scripting

WampServer = 2.2c lang Remote Cross-Site Scripting Vulnerability Vendor: Alter Way Product web page: http://www.wampserver.com Affected version: = 2.2c 32/64bit Summary: WampServer is a Windows web development environment. It allows you to create web applications with Apache2, PHP and a MySQL...

WampServer <= 2.2c (lang) Remote Cross-Site Scripting Vulnerability

Summary WampServer is a Windows web development environment. It allows you to create web applications with Apache2, PHP and a MySQL database. Description WampServer is vulnerable to cross-site scripting vulnerability. This issue is due to the application's failure to properly sanitize user-suppli...

Debian: Security Advisory (DSA-2405-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 2405-1 (apache2)

The remote host is missing an update to apache2 announced via advisory DSA 2405-1. OpenVAS Vulnerability Test $Id: deb24051.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2405-1 apache2 Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

[SECURITY] [DSA 2405-1] apache2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2405-1 [email protected] http://www.debian.org/security/ Stefan Fritsch February 06, 2012 http://www.debian.org/security/faq -...

Security fix for the ALT Linux 8 package apache2 version 2.2.22-alt1

Feb. 2, 2012 Aleksey Avdeev 2.2.22-alt1 - 2.2.22 - Security fixes CVE-2011-3368, CVE-2011-3607, CVE-2011-4317, CVE-2012-0021, CVE-2012-0031, CVE-2012-0053...

Security fix for the ALT Linux 9 package apache2 version 2.2.22-alt1

Feb. 2, 2012 Aleksey Avdeev 2.2.22-alt1 - 2.2.22 - Security fixes CVE-2011-3368, CVE-2011-3607, CVE-2011-4317, CVE-2012-0021, CVE-2012-0031, CVE-2012-0053...

Security fix for the ALT Linux 10 package apache2 version 2.2.22-alt1

Feb. 2, 2012 Aleksey Avdeev 2.2.22-alt1 - 2.2.22 - Security fixes CVE-2011-3368, CVE-2011-3607, CVE-2011-4317, CVE-2012-0021, CVE-2012-0031, CVE-2012-0053...

[SECURITY] [DSA 2365-1] dtc security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2365-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff December 18, 2011 http://www.debian.org/security/faq -...

SuSE 10 Security Update : Apache2 (ZYPP Patch Number 7882)

This update fixes several security issues in the Apache2 webserver. - This update also includes several fixes for a modproxy reverse exposure via RewriteRule or ProxyPassMatch directives. CVE-2011-3639 / CVE-2011-3368 / CVE-2011-4317 - Fixed the SSL renegotiation DoS by disabling renegotiation by...

SuSE 11.1 Security Update : Apache2 (SAT Patch Number 5482)

This update fixes several security issues in the Apache2 webserver. - This update also includes several fixes for a modproxy reverse exposure via RewriteRule or ProxyPassMatch directives. CVE-2011-3639 / CVE-2011-3368 / CVE-2011-4317 - Fixed the SSL renegotiation DoS by disabling renegotiation by...

SuSE 10 Security Update : apache2-mod_auth_mysql (ZYPP Patch Number 7683)

This update of apache2-modauthmysql fixes a possible SQL injection vulnerability that can be exploited using multibyte character encoding. CVE-2008-2384: CVSS v2 Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N: SQL Injection. CWE-89 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text...