14 matches found
Linux Distros Unpatched Vulnerability : CVE-2010-2068
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - modproxyhttp.c in modproxyhttp in the Apache HTTP Server 2.2.9 through 2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, and OS/2, in certain...
F5 Networks BIG-IP : Apache HTTPD vulnerability (K23332326)
modproxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, does not close the backend connection if a timeout occurs when reading a response from a persistent connection, which allows remote attackers to obtain a potentially sensitive response intended for a different client in...
HP/HPE System Management Homepage (SMH) Multiple Vulnerabilities (HPSBMU02764)
HP/HPE System Management Homepage SMH is prone to multiple vulnerabilities. Copyright C 2012 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is...
Mac OS X v10.6.6 Multiple Vulnerabilities (2011-001)
This host is missing an important security update according to Mac OS X 10.6.6 Update/Mac OS X Security Update 2011-001. OpenVAS Vulnerability Test $Id: secpodmacosxsu11-001.nasl 7015 2017-08-28 11:51:24Z teissa $ Mac OS X v10.6.6 Multiple Vulnerabilities 2011-001 Authors: Antu Sanadi Copyright:...
Mac OS X Multiple Vulnerabilities (Security Update 2011-001)
The remote host is running a version of Mac OS X 10.5 that does not have Security Update 2011-001 applied. This security update contains fixes for the following products : - Apache - bzip2 - ClamAV - ImageIO - Kerberos - Libinfo - libxml - Mailman - PHP - QuickLook - Ruby - X11 C Tenable Network...
[security bulletin] HPSBMA02568 SSRT100219 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS), HTTP Response Splitting, and Other Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02512995 Version: 1 HPSBMA02568 SSRT100219 rev.1 - HP System Management Homepage SMH for Linux and Windows, Remote Cross Site Scripting XSS, HTTP Response Splitting, and Other Vulnerabilities...
Security fix for the ALT Linux 9 package apache2 version 2.2.16-alt1
Sept. 16, 2010 Aleksey Avdeev 2.2.16-alt1 - 2.2.16 Closes: 23933 - Security fixes CVE-2009-3555, CVE-2010-0408, CVE-2010-0425, CVE-2010-043, CVE-2010-1452, CVE-2010-2068 - Updated messages a2en,dis: added an indication of the file Closes: 20932 - Move %apache2extraavailable/Directorydefault.conf....
Security fix for the ALT Linux 8 package apache2 version 2.2.16-alt1
Sept. 16, 2010 Aleksey Avdeev 2.2.16-alt1 - 2.2.16 Closes: 23933 - Security fixes CVE-2009-3555, CVE-2010-0408, CVE-2010-0425, CVE-2010-043, CVE-2010-1452, CVE-2010-2068 - Updated messages a2en,dis: added an indication of the file Closes: 20932 - Move %apache2extraavailable/Directorydefault.conf....
httpd: Reverse proxy sends wrong responses after time-outs
modproxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, does not close the backend connection if a timeout occurs when reading a response from a persistent connection, which allows remote attackers to obtain a potentially sensitive response intended for a different client in...
Apache mod_proxy_http模块超时处理信息泄露漏洞
BUGTRAQ ID: 40827 CVE ID: CVE-2010-2068 Apache HTTP Server是一款流行的Web服务器。 Apache HTTP Server的modproxyhttp模块中的modproxyhttp.c文件没有正确地检测超时,在某些超时情况下服务器可能返回属于其他用户的响应,导致泄漏敏感信息。仅有可触发使用代理worker池的配置才受影响。 Apache 2.2.x 厂商补丁: Apache Group ------------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
CVE-2010-2068
modproxyhttp.c in modproxyhttp in the Apache HTTP Server 2.2.9 through 2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, and OS/2, in certain configurations involving proxy worker pools, does not properly detect timeouts, which allows remote attackers to obtain a potentially sensitive...
CVE-2010-2068
modproxyhttp.c in modproxyhttp in the Apache HTTP Server 2.2.9 through 2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, and OS/2, in certain configurations involving proxy worker pools, does not properly detect timeouts, which allows remote attackers to obtain a potentially sensitive...
CVE-2010-2068
CVE-2010-2068 affects Apache HTTP ServerAffected: mod_proxy_http.c in Apache HTTP Server 2.2.9–2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, OS/2 in certain proxy worker pool configurations.Root cause: timeout handling in mod_proxy_http did not correctly detect timeouts, allowing a re...
[advisory] httpd Timeout detection flaw (mod_proxy_http) CVE-2010-2068
Vulnerability; httpd Timeout detection flaw modproxyhttp CVE-2010-2068 Classification; important Description; A timeout detection flaw in the httpd modproxyhttp module causes proxied response to be sent as the response to a different request, and potentially served to a different client, from the...