1041 matches found
Debian DSA-3896-1 : apache2 - security update
Several vulnerabilities have been found in the Apache HTTPD server. - CVE-2017-3167 Emmanuel Dreyfus reported that the use of apgetbasicauthpw by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed. - CVE-2017-3169 Vasileios Panopoulos of...
[SECURITY] [DSA 3896-1] apache2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3896-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 22, 2017 https://www.debian.org/security/faq -...
DSA-3896-1 apache2 - security update
Bulletin has no description...
Automated ettercap TCP/IP Hijacking Tool: Morpheus
morpheus framework automates tcp/udp packet manipulation tasks by using etter filters to manipulate target requests/responses under MitM attacks replacing the tcp/udp packet contents by our contents befor forward the packet back to the target host… workflow: 1. attacker - arp poison local lan mit...
Security fix for the ALT Linux 9 package apache2 version 1:2.4.25-alt1
May 18, 2017 Anton Farygin 1:2.4.25-alt1 - updated to 2.4.25 witch security fixes: + CVE-2016-8740 modhttp2: Mitigate DoS memory exhaustion via endless CONTINUATION frames. + CVE-2016-5387 core: Mitigate fcgi "httpoxy" issues + CVE-2016-2161 modauthdigest: Prevent segfaults during client entry...
Security fix for the ALT Linux 10 package apache2 version 1:2.4.25-alt1
May 18, 2017 Anton Farygin 1:2.4.25-alt1 - updated to 2.4.25 witch security fixes: + CVE-2016-8740 modhttp2: Mitigate DoS memory exhaustion via endless CONTINUATION frames. + CVE-2016-5387 core: Mitigate fcgi "httpoxy" issues + CVE-2016-2161 modauthdigest: Prevent segfaults during client entry...
Ubuntu: Security Advisory (USN-3279-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : apache2 (openSUSE-2017-417)
This update for apache2 provides the following fixes : Security issues fixed : - CVE-2016-0736: Protect modsessioncrypto data with a MAC to prevent padding oracle attacks bsc1016712. - CVE-2016-2161: Malicious input to modauthdigest could have caused the server to crash, resulting in DoS...
openSUSE Security Update : apache2 (openSUSE-2017-416)
This update for apache2 fixes the following security issues : Security issues fixed : - CVE-2016-0736: Protect modsessioncrypto data with a MAC to prevent padding oracle attacks bsc1016712. - CVE-2016-2161: Malicious input to modauthdigest could have caused the server to crash, resulting in DoS...
SUSE SLES12 Security Update : apache2 (SUSE-SU-2017:0797-1)
This update for apache2 fixes the following security issues: Security issues fixed : - CVE-2016-0736: Protect modsessioncrypto data with a MAC to prevent padding oracle attacks bsc1016712. - CVE-2016-2161: Malicious input to modauthdigest could have caused the server to crash, resulting in DoS...
SUSE SLES12 Security Update : apache2 (SUSE-SU-2017:0801-1)
This update for apache2 provides the following fixes: Security issues fixed : - CVE-2016-0736: Protect modsessioncrypto data with a MAC to prevent padding oracle attacks bsc1016712. - CVE-2016-2161: Malicious input to modauthdigest could have caused the server to crash, resulting in DoS bsc101671...
SUSE SLES11 Security Update : apache2 (SUSE-SU-2017:0729-1)
This update for apache2 fixes the following issues: Security issues fixed : - CVE-2016-2161: Malicious input to modauthdigest could have caused the server to crash, resulting in DoS bsc1016714. - CVE-2016-8743: Added new directive 'HttpProtocolOptions Strict' to avoid proxy chain misinterpretatio...
SUSE-SU-2017:0729-1 Security update for apache2
This update for apache2 fixes the following issues: Security issues fixed: - CVE-2016-2161: Malicious input to modauthdigest could have caused the server to crash, resulting in DoS bsc1016714. - CVE-2016-8743: Added new directive 'HttpProtocolOptions Strict' to avoid proxy chain misinterpretation...
Debian DLA-841-2 : apache2 regression update
The fix for CVE-2016-8743 introduced a regression which would segfault apache workers under certain conditions 858373, an issue similar to previously fixed CVE-2015-0253. The issue was introduced in DLA-841-1 and the associated 2.2.22-13+deb7u8 package version. For Debian 7 'Wheezy', these proble...
[SECURITY] [DLA 841-1] apache2 security update
Package : apache2 Version : 2.2.22-13+deb7u8 CVE ID : CVE-2016-8743 This upload fixes a security vulnerability in the header parsing code. David Dennerline, of IBM Securitys X-Force Researchers, and Régis Leroy discovered problems in the way Apache handled a broad pattern of unusual whitespace...
DLA-841-1 apache2 - security update
Bulletin has no description...
[SECURITY] [DSA 3796-1] apache2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3796-1 [email protected] https://www.debian.org/security/ Sebastien Delafond February 26, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3796-1] apache2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3796-1 [email protected] https://www.debian.org/security/ Sebastien Delafond February 26, 2017 https://www.debian.org/security/faq -...
Debian Security Advisory DSA 3796-1 (apache2 - security update)
Several vulnerabilities were discovered in the Apache2 HTTP server. CVE-2016-0736 RedTeam Pentesting GmbH discovered that modsessioncrypto was vulnerable to padding oracle attacks, which could allow an attacker to guess the session cookie. CVE-2016-2161 Maksim Malyutin discovered that malicious...
Debian: Security Advisory (DSA-3796-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...