K15900: Apache HTTP server vulnerability CVE-2012-3499

Security Advisory Description Multiple cross-site scripting XSS vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the 1 modimagemap, 2 modinfo, 3 modlda...

Apache HTTP Server Multiple Vulnerabilities (Feb 2013) - Linux

Apache HTTP Server is prone to multiple vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you...

SUSE: Security Advisory (SUSE-SU-2013:0830-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2013:0648-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Arbitrary Code Injection

The Apache HTTP Server is a popular web server. Cross-site scripting XSS flaws were found in the modproxybalancer module's manager web interface. If a remote attacker could trick a user, who was logged into the manager web interface, into visiting a specially-crafted URL, it would lead to arbitra...

Apache 2.4.x < 2.4.4 Multiple XSS Vulnerabilities

According to its banner, the version of Apache 2.4.x running on the remote host is prior to 2.4.4. It is, therefore, affected by the following cross-site scripting vulnerabilities : - Errors exist related to the modules modinfo, modstatus, modimagemap, modldap, and modproxyftp and unescaped...

Juniper NSM < 2012.2R9 Apache HTTP Server Multiple Vulnerabilities (JSA10685)

The remote host is running a version of NSM Network and Security Manager Server that is prior to 2012.2R9. It is, therefore, affected by multiple vulnerabilities in the bundled version of Apache HTTP Server : - A flaw exists due to improper escaping of filenames in 406 and 300 HTTP responses. A...

Marktplaats: Multiple Apache 2.2.22 Vulnerabilities (XSS/ Code Exec/ DoS)

Hello, Your current version of apache 2.2.22 for http://aanbieding.marktplaats.com is vulnerable to many issues like DoS, XSS and Code Exec 1. DoS Refer: http://www.cvedetails.com/cve/CVE-2014-0231/ http://www.cvedetails.com/cve/CVE-2014-0098/ http://www.cvedetails.com/cve/CVE-2013-6438/...

SOL15900 - Apache HTTP server vulnerability CVE-2012-3499

Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists. To mitigate this...

openSUSE Security Update : apache2 (openSUSE-SU-2013:0629-1)

apache2 was updated to fix : - fix for cross site scripting vulnerability in modbalancer. This is CVE-2012-4558 bnc807152 - fixes for low profile cross site scripting vulnerabilities, known as CVE-2012-3499 bnc806458 - Escape filename for the case that uploads are allowed with untrusted user's...

RHEL 6 : Red Hat JBoss Enterprise Application Platform 6.1.1 update (Moderate) (RHSA-2013:1208)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2013:1208 advisory. Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release serves...

Amazon Linux AMI : httpd24 (ALAS-2013-194)

Cross-site scripting XSS flaws were found in the modproxybalancer module's manager web interface. If a remote attacker could trick a user, who was logged into the manager web interface, into visiting a specially crafted URL, it would lead to arbitrary web script execution in the context of the...

Amazon Linux AMI : httpd (ALAS-2013-193)

Cross-site scripting XSS flaws were found in the modproxybalancer module's manager web interface. If a remote attacker could trick a user, who was logged into the manager web interface, into visiting a specially crafted URL, it would lead to arbitrary web script execution in the context of the...

Oracle Linux 5 / 6 : httpd (ELSA-2013-0815)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2013-0815 advisory. - modrewrite: add security fix for CVE-2013-1862 953729 Tenable has extracted the preceding description block directly from the Oracle Linux securi...

Moderate: Red Hat Security Advisory: Red Hat JBoss Web Server 2.0.1 update

Red Hat JBoss Web Server 2.0.1, which fixes multiple security issues and several bugs, is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...

Medium: httpd

Issue Overview: Cross-site scripting XSS flaws were found in the modproxybalancer module's manager web interface. If a remote attacker could trick a user, who was logged into the manager web interface, into visiting a specially-crafted URL, it would lead to arbitrary web script execution in the...

CentOS Update for httpd CESA-2013:0815 centos5

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scripttagname:"affected", value:"htt...

CentOS 5 / 6 : httpd (CESA-2013:0815)

Updated httpd packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings,...

RHEL 5 / 6 : httpd (RHSA-2013:0815)

The remote Redhat Enterprise Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2013:0815 advisory. The Apache HTTP Server is a popular web server. Cross-site scripting XSS flaws were found in the modproxybalancer module's manager web...

httpd security update

2.2.15-28.0.1.el64 - replace index.html with Oracle's index page oracleindex.html update vstring in specfile 2.2.15-28 - modrewrite: add security fix for CVE-2013-1862 953729 2.2.15-27 - add security fixes for CVE-2012-3499, CVE-2012-4558 915883, 915884...