httpd: mod_dav denial of service via crafted DAV WRITE request
The dav_xml_get_cdata function in main/util.c in the mod_dav module in the Apache HTTP Server before 2.4.8 does not properly remove whitespace characters from CDATA sections, which allows remote attackers to cause a denial of service (daemon crash) via a crafted DAV WRITE request...
Apache Httpd < 2.2.29 : mod_cgid denial of service
A flaw was found in mod_cgid. If a server using mod_cgid hosted CGI scripts which did not consume standard input, a remote attacker could cause child processes to hang indefinitely, leading to denial of service...
Apache Httpd < 2.4.10 : mod_cgid denial of service
A flaw was found in mod_cgid. If a server using mod_cgid hosted CGI scripts which did not consume standard input, a remote attacker could cause child processes to hang indefinitely, leading to denial of service...
openSUSE Security Update : apache2 (openSUSE-SU-2013:0245-1)
httpd-2.2.x-bnc798733-SNIignorecase.diff: ignore case when checking against SNI server names. bnc798733 - httpd-2.2.x-bnc777260-CVE-2012-2687-modnegotiationfilenamexss.diff Escape filename for the case that uploads are allowed with untrusted user's control over filenames and mod_negotiation...
openSUSE Security Update : libsvn_auth_gnome_keyring-1-0 (openSUSE-SU-2011:0693-1)
CVE-2011-1752: The mod_dav_svn Apache HTTPD server module can be crashed though when asked to deliver baselined WebDAV resources. - CVE-2011-1783: The mod_dav_svn Apache HTTPD server module can trigger a loop which consumes all available memory on the system. - CVE-2011-1921: The mod_dav_svn Apache...
openSUSE Security Update : libsvn_auth_gnome_keyring-1-0 (openSUSE-SU-2011:0695-1)
Subversion was updated to version 1.6.17 to fix several security issues : - CVE-2011-1752: The mod_dav_svn Apache HTTPD server module can be crashed though when asked to deliver baselined WebDAV resources. - CVE-2011-1783: The mod_dav_svn Apache HTTPD server module can trigger a loop which consumes a...
Important: Red Hat Security Advisory: openssl098e security update
Updated openssl098e packages that fix one security issue are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, i...
RedHat Update for openssl RHSA-2014:0624-01
The remote host is missing an update for the...
openssl security update
CentOS Errata and Security Advisory CESA-2014:0624 Updated openssl packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base...
CentOS 5 / 6 : openssl097a / openssl098e (CESA-2014:0626)
Updated openssl097a and openssl098e packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6 respectively. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which...
Scientific Linux Security Update : openssl097a and openssl098e on SL5.x, SL6.x i386/x86_64 (20140605)
It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to use weak keying material for communication. A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between a client and a server. (CVE-2014-0224) Note: In order to...
Important: Red Hat Security Advisory: openssl security update
Updated openssl packages that fix one security issue are now available for Red Hat Enterprise Linux 4 Extended Life Cycle Support, Red Hat Enterprise Linux 5.6 Long Life, Red Hat Enterprise Linux 5.9 Extended Update Support, Red Hat Enterprise Linux 6.2 Advanced Update Support, and Red Hat...
Important: Red Hat Security Advisory: openssl097a and openssl098e security update
Updated openssl097a and openssl098e packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6 respectively. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which...
Apache Httpd < 2.2.29 : mod_status buffer overflow
A race condition was found in mod_status. An attacker able to access a public server status page on a server using a threaded MPM could send a carefully crafted request which could lead to a heap buffer overflow. Note that it is not a default or recommended configuration to have a public accessibl...
Apache Httpd < 2.4.10 : mod_status buffer overflow
A race condition was found in mod_status. An attacker able to access a public server status page on a server using a threaded MPM could send a carefully crafted request which could lead to a heap buffer overflow. Note that it is not a default or recommended configuration to have a public accessibl...
Fedora Update for httpd FEDORA-2014-5004
The remote host is missing an update for the...
Fedora Update for httpd FEDORA-2014-5004
Check for the Version of httpd...
Moderate: Red Hat Security Advisory: Django security update
Updated Django packages that fix three security issues are now available for Red Hat Enterprise Linux OpenStack Platform 4.0. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed...
Moderate: Red Hat Security Advisory: Django security update
Updated Django packages that fix three security issues are now available for Red Hat Enterprise Linux OpenStack Platform 3.0. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed...
Medium: httpd
Issue Overview: It was found that the mod_dav module did not correctly strip leading white space from certain elements in a parsed XML. In certain httpd configurations that use the mod_dav module (for example, when using the mod_dav_svn module), a remote attacker could send a specially crafted DAV reque...