[SECURITY] [DSA 2298-2] apache2 regression fix

------------------------------------------------------------------------- Debian Security Advisory DSA-2298-2 [email protected] http://www.debian.org/security/ Stefan Fritsch September 05, 2011 http://www.debian.org/security/faq -...

apache2: Fixed a remote denial of service via byte-ranges (important)

This update fixes a remote denial of service bug memory exhaustion in the Apache 2 HTTP server, that could be triggered by remote attackers using multiple overlapping Request Ranges . CVE-2011-3192...

Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 : apache2 vulnerability (USN-1199-1)

A flaw was discovered in the byterange filter in Apache. A remote attacker could exploit this to cause a denial of service via resource exhaustion. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to...

Security fix for the ALT Linux 10 package apache2 version 2.2.20-alt1

Aug. 31, 2011 Aleksey Avdeev 2.2.20-alt1 - 2.2.20 - Security fixes CVE-2011-3192 - Update patchset itk for apache2.2-mpm-itk-2.2.17-01...

Security fix for the ALT Linux 9 package apache2 version 2.2.20-alt1

Aug. 31, 2011 Aleksey Avdeev 2.2.20-alt1 - 2.2.20 - Security fixes CVE-2011-3192 - Update patchset itk for apache2.2-mpm-itk-2.2.17-01...

Security fix for the ALT Linux 8 package apache2 version 2.2.20-alt1

Aug. 31, 2011 Aleksey Avdeev 2.2.20-alt1 - 2.2.20 - Security fixes CVE-2011-3192 - Update patchset itk for apache2.2-mpm-itk-2.2.17-01...

SuSE 10 Security Update : apache2-mod_auth_mysql (ZYPP Patch Number 7682)

This update of apache2-modauthmysql fixes a possible SQL injection vulnerability that can be exploited using multibyte character encoding. CVE-2008-2384: CVSS v2 Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N: SQL Injection. CWE-89 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text...

Debian DSA-2298-2 : apache2 - denial of service

Two issues have been found in the Apache HTTPD web server : - CVE-2011-3192 A vulnerability has been found in the way the multiple overlapping ranges are handled by the Apache HTTPD server. This vulnerability allows an attacker to cause Apache HTTPD to use an excessive amount of memory, causing a...

DSA-2298-1 apache2 - denial of service

Bulletin has no description...

apache2-mod_fcgid: fixed possible stack overflow due to wrong pointer arithmetic (CVE-2010-3872) (important)

A possible stack overflow in apache2-modfcgid due to wrong pointer arithmetic has been fixed. CVE-2010-3872 has been assigned to this issue...

[Manual] Безопасный web-сервер. (chroot,mod-security2,etc)

1. Теория 1.0. Постановка задачи Нам требуется построить максимально безопасный web-сервер на основе минимального дистрибьютива Ubuntu, а именно: 1. Создать chroot "песочницу" с помощью debootstrap 2. Установить в песочнице apache2, php5, mysql 3. Установить и настроить mod-security2, а также...

Ubuntu: Security Advisory (USN-1134-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 2237-2] apr security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2237-2 [email protected] http://www.debian.org/security/ Stefan Fritsch May 21, 2011 http://www.debian.org/security/faq -...

Debian Security Advisory DSA 2202-1 (apache2)

The remote host is missing an update to apache2 announced via advisory DSA 2202-1. OpenVAS Vulnerability Test $Id: deb22021.nasl 6613 2017-07-07 12:08:40Z cfischer $ Description: Auto-generated from advisory DSA 2202-1 apache2 Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft Inc...

Debian: Security Advisory (DSA-2202-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2010:1012-1)

Insufficient handling of certain character sequences in the utf8decode function could be leveraged to conduct cross-site-scripting XSS attacks CVE-2010-3870. php5 could also consume large amounts of memory and crash if a long mail address was passed to filtervar with parmeter FILTERVALIDATEEMAIL...

openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2010:1012-1)

Insufficient handling of certain character sequences in the utf8decode function could be leveraged to conduct cross-site-scripting XSS attacks CVE-2010-3870. php5 could also consume large amounts of memory and crash if a long mail address was passed to filtervar with parmeter FILTERVALIDATEEMAIL...

openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2011:0276-1)

php5 was updated to fix several security issues. CVE-2010-3709, CVE-2010-4150, CVE-2010-4645, CVE-2010-4697, CVE-2010-4698, CVE-2010-4699, CVE-2010-4700, CVE-2011-0752, CVE-2011-0753, CVE-2011-0755,CVE-2011-0708, CVE-2011-0420 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive...

SuSE 10 Security Update : PHP5 (ZYPP Patch Number 7375)

php5 was updated to fix several security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. if NASLLEVEL 3000 exit0; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid53285; scriptversion"1.7";...

[SECURITY] [DSA 2202-1] apache2 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2202-1 [email protected] http://www.debian.org/security/ Stefan Fritsch March 23, 2011 http://www.debian.org/security/faq -...