12 matches found
Moderate: Red Hat Security Advisory: JBoss Enterprise Web Server 1.0.2 update
JBoss Enterprise Web Server 1.0.2 is now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for...
Apache 2.2.x < 2.2.17 Multiple Vulnerabilities
According to its banner, the version of Apache 2.2.x running on the remote host is prior to 2.2.17. It is, therefore, affected by the following vulnerabilities: - Errors exist in the bundled expat library that may allow an attacker to crash the server when a buffer is over-read when parsing an...
Apache Httpd < 2.0.64 : apr_brigade_split_line DoS
A flaw was found in the apr_brigade_split_line function of the bundled APR-util library, used to process non-SSL requests. A remote attacker could send requests, carefully crafting the timing of individual bytes, which would slowly consume memory, potentially leading to a denial of service...
Apache Httpd < 2.2.17 : apr_brigade_split_line DoS
A flaw was found in the apr_brigade_split_line function of the bundled APR-util library, used to process non-SSL requests. A remote attacker could send requests, carefully crafting the timing of individual bytes, which would slowly consume memory, potentially leading to a denial of service...
Integer overflow
Multiple integer overflows in the Apache Portable Runtime (APR) library and the Apache Portable Utility library (aka APR-util) 0.9.x and 1.3.x allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger crafted calls to the 1...
CVE-2004-0786
The IPv6 URI parsing routines in the apr-util library for Apache 2.0.50 and earlier allow remote attackers to cause a denial of service (child process crash) via a certain URI, as demonstrated using the Codenomicon HTTP Test Tool...
DEBIAN-CVE-2004-0786
The IPv6 URI parsing routines in the apr-util library for Apache 2.0.50 and earlier allow remote attackers to cause a denial of service (child process crash) via a certain URI, as demonstrated using the Codenomicon HTTP Test Tool...
CVE-2004-0786
The IPv6 URI parsing routines in the apr-util library for Apache 2.0.50 and earlier allow remote attackers to cause a denial of service (child process crash) via a certain URI, as demonstrated using the Codenomicon HTTP Test Tool...
Fedora Core 1 : apr-util-0.9.4-2.1 (2004-307)
Testing using the Codenomicon HTTP Test Tool performed by the Apache Software Foundation security group and Red Hat uncovered an input validation issue in the IPv6 URI parsing routines in the apr-util library. If a remote attacker sent a request including a carefully crafted URI, an httpd child...
Fedora Core 2 : apr-util-0.9.4-14.2 (2004-308)
Testing using the Codenomicon HTTP Test Tool performed by the Apache Software Foundation security group and Red Hat uncovered an input validation issue in the IPv6 URI parsing routines in the apr-util library. If a remote attacker sent a request including a carefully crafted URI, an httpd child...
Multiple Apache bugs
mod_dav DoS, local buffer overflows during configuration file parsing, potential buffer overflows in apr-util library...
apache -- apr_uri_parse IPv6 address handling vulnerability
The Apache Software Foundation Security Team discovered a programming error in the apr-util library function apr_uri_parse. When parsing IPv6 literal addresses, it is possible that a length is incorrectly calculated to be negative, and this value is passed to memcpy. This may result in an exploitab...