Lucene search
K

33 matches found

F5 Networks
F5 Networks
added 2023/02/21 6:1 p.m.45 views

K40284849: Apache vulnerability CVE-2010-0434

Security Advisory Description The apreadrequest function in server/protocol.c in the Apache HTTP Server 2.2.x before 2.2.15, when a multithreaded MPM is used, does not properly handle headers in subrequests in certain circumstances involving a parent request that has a body, which might allow...

4.3CVSS8.6AI score0.18443EPSS
Exploits2Affected Software1
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.27 views

Oracle Linux 4 : httpd (ELSA-2010-0175)

From Red Hat Security Advisory 2010:0175 : Updated httpd packages that fix one security issue, a bug, and add an enhancement are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring...

4.3CVSS7.8AI score0.18443EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.25 views

Oracle Linux 5 : httpd (ELSA-2010-0168)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2010-0168 advisory. 2.2.3-31.0.1.el54.4 - Replace index.html with Oracle's index page oracleindex.html - Update vstring and distro in specfile 2.2.3-31.4 - require and BR ...

5CVSS8.1AI score0.20787EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.37 views

Scientific Linux Security Update : httpd on SL5.x i386/x86_64

CVE-2010-0408 httpd: modproxyajp remote temporary DoS CVE-2010-0434 httpd: request header information leak It was discovered that modproxyajp incorrectly returned an 'Internal Server Error' response when processing certain malformed requests, which caused the back-end server to be marked as faile...

5CVSS7.9AI score0.20787EPSS
Exploits2References5
OpenVAS
OpenVAS
added 2011/08/09 12:0 a.m.24 views

CentOS Update for httpd CESA-2010:0168 centos5 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS7.7AI score0.20787EPSS
Exploits2References3
OpenVAS
OpenVAS
added 2011/08/09 12:0 a.m.26 views

CentOS Update for httpd CESA-2010:0168 centos5 i386

Check for the Version of httpd OpenVAS Vulnerability Test CentOS Update for httpd CESA-2010:0168 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

5CVSS8.8AI score0.20787EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2010/12/02 12:0 a.m.28 views

SuSE 11 Security Update : Apache 2 (SAT Patch Number 2293)

The following bugs have been fixed : - When using a multithreaded MPM Apache could leak memory of requests handled by a different thread when processing subrequests. CVE-2010-0434 - Specially crafted requests could crash modproxyajp. CVE-2010-0408 %NASLMINLEVEL 70300 C Tenable Network Security,...

5CVSS8AI score0.20787EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2010/10/20 12:0 a.m.5062 views

Apache 2.2.x < 2.2.15 Multiple Vulnerabilities

According to its banner, the version of Apache 2.2.x running on the remote host is prior to 2.2.15. It is, therefore, potentially affected by multiple vulnerabilities : - A TLS renegotiation prefix injection attack is possible. CVE-2009-3555 - The 'modproxyajp' module returns the wrong status cod...

10CVSS7.7AI score0.94248EPSS
Exploits27References8
Tenable Nessus
Tenable Nessus
added 2010/10/11 12:0 a.m.26 views

SuSE 10 Security Update : Apache 2 (ZYPP Patch Number 6987)

The following bugs have been fixed : When using a multi-threaded MPM apache could leak memory of requests handled by a different thread when processing subrequests CVE-2010-0434. Specially crafted requests could crash modproxyajp. CVE-2010-0408 %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

5CVSS8AI score0.20787EPSS
Exploits2References4
Kaspersky
Kaspersky
added 2010/09/23 12:0 a.m.155 views

KLA10386 Multiple vulnerabilities in VMware

Multiple serious vulnerabilities have been found in VMware products. Malicious users can exploit these vulnerabilities to cause denial of service, inject arbitrary scripts, execute arbitrary code and obtain sensitive information. Below is a complete list of vulnerabilities 1. Insecure file...

10CVSS9.8AI score0.94248EPSS
Exploits21References5
Tenable Nessus
Tenable Nessus
added 2010/07/01 12:0 a.m.74 views

Fedora 11 : httpd-2.2.15-1.fc11.1 (2010-6131)

The Apache HTTP Server Project is proud to announce the release of version 2.2.15 of the Apache HTTP Server 'httpd'. This version is principally a security and bugfix release. Notably, this release was updated to reflect the OpenSSL Project's release 0.9.8m of the openssl library, and addresses...

9.8CVSS7.7AI score0.87264EPSS
Exploits15References7
OpenVAS
OpenVAS
added 2010/06/07 12:0 a.m.45 views

Fedora Update for httpd FEDORA-2010-6055

The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

9.8CVSS7.5AI score0.87264EPSS
Exploits15References2
Tenable Nessus
Tenable Nessus
added 2010/05/11 12:0 a.m.38 views

RHEL 4 : httpd (RHSA-2010:0175)

The remote Redhat Enterprise Linux 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2010:0175 advisory. The Apache HTTP Server is a popular web server. A use-after-free flaw was discovered in the way the Apache HTTP Server handled request headers in...

4.3CVSS7.9AI score0.18443EPSS
Exploits2References8
Tenable Nessus
Tenable Nessus
added 2010/05/11 12:0 a.m.42 views

RHEL 5 : httpd (RHSA-2010:0168)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2010:0168 advisory. - httpd: modproxyajp remote temporary DoS CVE-2010-0408 - httpd: request header information leak CVE-2010-0434 Note that Nessus has not test...

5CVSS8.1AI score0.20787EPSS
Exploits2References9
OpenVAS
OpenVAS
added 2010/05/07 12:0 a.m.45 views

Fedora Update for httpd FEDORA-2010-6131

Check for the Version of httpd OpenVAS Vulnerability Test Fedora Update for httpd FEDORA-2010-6131 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

5.8CVSS7.9AI score0.87264EPSS
Exploits15References2
Tenable Nessus
Tenable Nessus
added 2010/04/27 12:0 a.m.38 views

openSUSE Security Update : apache2 (openSUSE-SU-2010:0165-1)

When using a multithreaded MPM apache could leak memory of requests handled by a different thread when processing subrequests CVE-2010-0434. Specially crafted requests could crash modproxyajp CVE-2010-0408. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package chec...

5CVSS8AI score0.20787EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2010/04/27 12:0 a.m.30 views

openSUSE Security Update : apache2 (openSUSE-SU-2010:0165-1)

When using a multithreaded MPM apache could leak memory of requests handled by a different thread when processing subrequests CVE-2010-0434. Specially crafted requests could crash modproxyajp CVE-2010-0408. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package chec...

5CVSS8AI score0.20787EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2010/04/19 12:0 a.m.75 views

Debian DSA-2035-1 : apache2 - multiple issues

Two issues have been found in the Apache HTTPD web server : - CVE-2010-0408 modproxyajp would return the wrong status code if it encountered an error, causing a backend server to be put into an error state until the retry timeout expired. A remote attacker could send malicious requests to trigger...

5CVSS8AI score0.20787EPSS
Exploits2References5
Debian
Debian
added 2010/04/17 8:58 p.m.36 views

[SECURITY] [DSA-2035-1] New apache2 packages fix several issues

------------------------------------------------------------------------ Debian Security Advisory DSA-2035-1 [email protected] http://www.debian.org/security/ Stefan Fritsch April 17, 2010 http://www.debian.org/security/faq -...

5CVSS10AI score0.20787EPSS
Exploits2
OSV
OSV
added 2010/04/17 12:0 a.m.33 views

DSA-2035-1 apache2 - several issues

Bulletin has no description...

5CVSS8.6AI score0.20787EPSS
Exploits2
Rows per page
Query Builder