httpd security update

2.2.3-22.0.1.el53.2 - Replace index.html with Oracle's index page oracleindex.html - Update vstring and distro in specfile 2.2.3-22.el53.2 - add security fixes for CVE-2009-1890, CVE-2009-1891 509782...

Apache Httpd < 2.0.64 : mod_deflate DoS

A denial of service flaw was found in the moddeflate module. This module continued to compress large files until compression was complete, even if the network connection that requested the content was closed before compression completed. This would cause moddeflate to consume large amounts of CPU...

Apache Httpd < 2.2.12 : mod_deflate DoS

A denial of service flaw was found in the moddeflate module. This module continued to compress large files until compression was complete, even if the network connection that requested the content was closed before compression completed. This would cause moddeflate to consume large amounts of CPU...

CentOS Security Advisory CESA-2009:1108 (httpd)

The remote host is missing updates to httpd announced in advisory CESA-2009:1108. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-onl...

CentOS Security Advisory CESA-2009:1108 (httpd)

The remote host is missing updates to httpd announced in advisory CESA-2009:1108. CESA-2009:1108 64269 2 $Id: ovcesa20091108.nasl 6650 2017-07-10 11:43:12Z cfischer $ Description: Auto-generated from advisory CESA-2009:1108 httpd Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

CentOS 3 : httpd (CESA-2009:1108)

Updated httpd packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server. The httpd package shipped with Red Hat...

RHEL 3 : httpd (RHSA-2009:1108)

Updated httpd packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server. The httpd package shipped with Red Hat...

httpd security update

2.0.46-73.0.1.ent - use oracle index page oracleindex.html - remove logos in poweredby.gif and poweredbyrh.png - add apr-configure.patch 2.0.46-73.ent - forcibly disable SCTP support in APR 2.0.46-72.ent - add security fixes for CVE-2009-0023, CVE-2009-1955, and CVE-2009-1956 apr-util 504562...

Moderate: Red Hat Security Advisory: apr-util security update

Updated apr-util packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. apr-util is a utility library used with the Apache Portable Runtime APR. It aims...

Apache Httpd < 2.2.12 : APR-util XML DoS

A denial of service flaw was found in the bundled copy of the APR-util library Extensible Markup Language XML parser. A remote attacker could create a specially-crafted XML document that would cause excessive memory consumption when processed by the XML decoding engine...

RedHat Security Advisory RHSA-2009:1067

The remote host is missing updates announced in advisory RHSA-2009:1067. Red Hat Application Stack v2.3 is an integrated open source application stack, that includes Red Hat Enterprise Linux 5 and JBoss Enterprise Application Platform EAP. JBoss EAP is provided through the JBoss EAP channels on t...

RedHat Security Advisory RHSA-2009:1075

The remote host is missing updates announced in advisory RHSA-2009:1075. The Apache HTTP Server is a popular and freely-available Web server. A flaw was found in the handling of compression structures between modssl and OpenSSL. If too many connections were opened in a short period of time, all...

CentOS Security Advisory CESA-2009:1075 (httpd)

The remote host is missing updates to httpd announced in advisory CESA-2009:1075. CESA-2009:1075 64124 2 $Id: ovcesa20091075.nasl 6650 2017-07-10 11:43:12Z cfischer $ Description: Auto-generated from advisory CESA-2009:1075 httpd Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

RedHat Security Advisory RHSA-2009:1067

The remote host is missing updates announced in advisory RHSA-2009:1067. Red Hat Application Stack v2.3 is an integrated open source application stack, that includes Red Hat Enterprise Linux 5 and JBoss Enterprise Application Platform EAP. JBoss EAP is provided through the JBoss EAP channels on t...

CentOS Security Advisory CESA-2009:1075 (httpd)

The remote host is missing updates to httpd announced in advisory CESA-2009:1075. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-onl...

Design/Logic Flaw

The PDF XSS protection feature in ModSecurity before 2.5.8 allows remote attackers to cause a denial of service Apache httpd crash via a request for a PDF file that does not use the GET method...

CVE-2009-1903

The PDF XSS protection feature in ModSecurity before 2.5.8 allows remote attackers to cause a denial of service Apache httpd crash via a request for a PDF file that does not use the GET method...

CVE-2009-1903

The PDF XSS protection feature in ModSecurity before 2.5.8 allows remote attackers to cause a denial of service Apache httpd crash via a request for a PDF file that does not use the GET method...

CVE-2009-1903

The PDF XSS protection feature in ModSecurity before 2.5.8 allows remote attackers to cause a denial of service Apache httpd crash via a request for a PDF file that does not use the GET method...

CVE-2009-1903

ModSecurity (Apache module) prior to version 2.5.9 is affected by two CVEs; CVE-2009-1902 (NULL pointer dereference when processing multipart requests without a part header name) and CVE-2009-1903 (PDF XSS protection failing for PDF requests not using GET), leading to possible denial of service (...