13 matches found
SLES9: Security update for apache and mod_ssl
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: apache modssl For more information, please visit the referenced security advisories. More details may also be found by searching for keyword 5018822 within t...
SLES9: Security update for apache and mod_ssl
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: apache modssl For more information, please visit the referenced security advisories. More details may also be found by searching for keyword 5018822 within t...
FreeBSD Ports: apache
The remote host is missing an update to the system as announced in the referenced advisory. VID 651996e0-fe07-11d9-8329-000e0c2e438a OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
Debian Security Advisory DSA 805-1 (apache2)
The remote host is missing an update to apache2 announced via advisory DSA 805-1. Several problems have been discovered in Apache2, the next generation, scalable, extendable web server. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2005-1268 Marc Stern...
CentOS 3 / 4 : httpd (CESA-2005:582)
Updated Apache httpd packages to correct two security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a powerful, full-featured, efficient, and...
HP-UX PHSS_34169 : HP-UX VirtualVault running Apache 1.3.X Remote Unauthorized Access (HPSBUX02101 SSRT051128 rev.1)
s700800 11.04 Virtualvault 4.7 IWS update : A security vulnerability has been identified in Apache HTTP server versions prior to Apache 1.3.34 that may allow HTTP Request Splitting/Spoofing attacks, resulting in remote unauthorized access. References: Apache HTTP Server version 1.3.34 announcemen...
HP-UX PHSS_34204 : HP-UX VirtualVault running Apache 1.3.X Remote Unauthorized Access (HPSBUX02101 SSRT051128 rev.1)
s700800 11.04 Webproxy server 2.0 update : A security vulnerability has been identified in Apache HTTP server versions prior to Apache 1.3.34 that may allow HTTP Request Splitting/Spoofing attacks, resulting in remote unauthorized access. References: Apache HTTP Server version 1.3.34 announcement...
Mandrake Linux Security Advisory : apache (MDKSA-2005:130)
Watchfire reported a flaw that occured when using the Apache server as a HTTP proxy. A remote attacker could send an HTTP request with both a 'Transfer-Encoding: chunked' header and a 'Content-Length' header which would cause Apache to incorrectly handle and forward the body of the request in a w...
Mandrake Linux Security Advisory : apache2 (MDKSA-2005:129)
Marc Stern reported an off-by-one overflow in the modssl CRL verification callback which can only be exploited if the Apache server is configured to use a malicious certificate revocation list CVE-2005-1268. Watchfire reported a flaw that occured when using the Apache server as a HTTP proxy. A...
SUSE-SA:2005:046: apache,apache2
The remote host is missing the patch for the advisory SUSE-SA:2005:046 apache,apache2. A security flaw was found in the Apache and Apache2 web servers which allows remote attacker to 'smuggle' requests past filters by providing handcrafted header entries. Fixed Apache 2 server packages were...
Fedora Core 3 : httpd-2.0.53-3.2 (2005-638)
This update includes version 2.0.53 of the Apache HTTP server, and also adds security fixes for CVE-2005-2088 and CVE-2005-1268. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clea...
CVE-2005-2088
The Apache HTTP server before 1.3.34, and 2.0.x before 2.0.55, when acting as an HTTP proxy, allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Lengt...
CVE-2005-2088
The CVE-2005-2088 vulnerability affects the Apache HTTP Server when acting as an HTTP proxy. Specifically, versions before 1.3.34 and 2.0.x before 2.0.55 are susceptible. The issue arises from handling a request containing both Transfer-Encoding: chunked and Content-Length, causing the body to be...