38 matches found
K52470083: Apache vulnerability CVE-2010-0408
Security Advisory Description The approxyajprequest function in modproxyajp.c in modproxyajp in the Apache HTTP Server 2.2.x before 2.2.15 does not properly handle certain situations in which a client sends no request body, which allows remote attackers to cause a denial of service backend server...
SOL52470083 - Apache vulnerability CVE-2010-0408
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
Oracle Linux 5 : httpd (ELSA-2010-0168)
The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2010-0168 advisory. 2.2.3-31.0.1.el54.4 - Replace index.html with Oracle's index page oracleindex.html - Update vstring and distro in specfile 2.2.3-31.4 - require and BR ...
Slackware Advisory SSA:2010-067-01 httpd
The remote host is missing an update as announced via advisory SSA:2010-067-01. OpenVAS Vulnerability Test $Id: esoftslkssa201006701.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...
Slackware: Security Advisory (SSA:2010-067-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Scientific Linux Security Update : httpd on SL5.x i386/x86_64
CVE-2010-0408 httpd: modproxyajp remote temporary DoS CVE-2010-0434 httpd: request header information leak It was discovered that modproxyajp incorrectly returned an 'Internal Server Error' response when processing certain malformed requests, which caused the back-end server to be marked as faile...
CentOS Update for httpd CESA-2010:0168 centos5 i386
Check for the Version of httpd OpenVAS Vulnerability Test CentOS Update for httpd CESA-2010:0168 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
CentOS Update for httpd CESA-2010:0168 centos5 i386
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SuSE 11 Security Update : Apache 2 (SAT Patch Number 2293)
The following bugs have been fixed : - When using a multithreaded MPM Apache could leak memory of requests handled by a different thread when processing subrequests. CVE-2010-0434 - Specially crafted requests could crash modproxyajp. CVE-2010-0408 %NASLMINLEVEL 70300 C Tenable Network Security,...
Apache 2.2.x < 2.2.15 Multiple Vulnerabilities
According to its banner, the version of Apache 2.2.x running on the remote host is prior to 2.2.15. It is, therefore, potentially affected by multiple vulnerabilities : - A TLS renegotiation prefix injection attack is possible. CVE-2009-3555 - The 'modproxyajp' module returns the wrong status cod...
SuSE 10 Security Update : Apache 2 (ZYPP Patch Number 6987)
The following bugs have been fixed : When using a multi-threaded MPM apache could leak memory of requests handled by a different thread when processing subrequests CVE-2010-0434. Specially crafted requests could crash modproxyajp. CVE-2010-0408 %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
Security fix for the ALT Linux 8 package apache2 version 2.2.16-alt1
Sept. 16, 2010 Aleksey Avdeev 2.2.16-alt1 - 2.2.16 Closes: 23933 - Security fixes CVE-2009-3555, CVE-2010-0408, CVE-2010-0425, CVE-2010-043, CVE-2010-1452, CVE-2010-2068 - Updated messages a2en,dis: added an indication of the file Closes: 20932 - Move %apache2extraavailable/Directorydefault.conf....
Security fix for the ALT Linux 9 package apache2 version 2.2.16-alt1
Sept. 16, 2010 Aleksey Avdeev 2.2.16-alt1 - 2.2.16 Closes: 23933 - Security fixes CVE-2009-3555, CVE-2010-0408, CVE-2010-0425, CVE-2010-043, CVE-2010-1452, CVE-2010-2068 - Updated messages a2en,dis: added an indication of the file Closes: 20932 - Move %apache2extraavailable/Directorydefault.conf....
Fedora 11 : httpd-2.2.15-1.fc11.1 (2010-6131)
The Apache HTTP Server Project is proud to announce the release of version 2.2.15 of the Apache HTTP Server 'httpd'. This version is principally a security and bugfix release. Notably, this release was updated to reflect the OpenSSL Project's release 0.9.8m of the openssl library, and addresses...
Fedora Update for httpd FEDORA-2010-6055
The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
RHEL 5 : httpd (RHSA-2010:0168)
The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2010:0168 advisory. - httpd: modproxyajp remote temporary DoS CVE-2010-0408 - httpd: request header information leak CVE-2010-0434 Note that Nessus has not test...
Fedora Update for httpd FEDORA-2010-6131
Check for the Version of httpd OpenVAS Vulnerability Test Fedora Update for httpd FEDORA-2010-6131 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...
openSUSE Security Update : apache2 (openSUSE-SU-2010:0165-1)
When using a multithreaded MPM apache could leak memory of requests handled by a different thread when processing subrequests CVE-2010-0434. Specially crafted requests could crash modproxyajp CVE-2010-0408. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package chec...
openSUSE Security Update : apache2 (openSUSE-SU-2010:0165-1)
When using a multithreaded MPM apache could leak memory of requests handled by a different thread when processing subrequests CVE-2010-0434. Specially crafted requests could crash modproxyajp CVE-2010-0408. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package chec...
Debian DSA-2035-1 : apache2 - multiple issues
Two issues have been found in the Apache HTTPD web server : - CVE-2010-0408 modproxyajp would return the wrong status code if it encountered an error, causing a backend server to be put into an error state until the retry timeout expired. A remote attacker could send malicious requests to trigger...