MDVA-2010:011 : apache-conf

This is a maintenance and bugfix release of apache-conf that mainly fixes so that the httpd service is handled more gracefully when reloading the apache server 56857. Other fixes where appliable: - fix 53887 obsolete favicon.ico file in Apache default www pages - workaround 47992 apache does not...

CentOS 5 : apr (CESA-2009:1204)

Updated apr and apr-util packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache Portable Runtime APR is a portability library used by the...

CentOS 5 : httpd (CESA-2009:1075)

Updated httpd packages that fix two security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular and freely-available Web server. A flaw was found in the...

CentOS 5 : httpd (CESA-2008:0008)

Updated Apache httpd packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server. A flaw was found in the modimagemap...

CentOS 5 : httpd (CESA-2009:1148)

Updated httpd packages that fix two security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server. A denial of service flaw was found in the...

CentOS 5 : php (CESA-2009:0338)

Updated php packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. A...

Fedora Core 12 FEDORA-2009-12606 (httpd)

The remote host is missing an update to Apache HTTP Server announced via advisory FEDORA-2009-12606. OpenVAS Vulnerability Test $Id: fcore200912606.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-12606 httpd Authors: Thomas Reinke Copyright: Copyrig...

Apache Httpd < 1.3.42 : mod_proxy overflow on 64-bit systems

An incorrect conversion between numeric types flaw was found in the modproxy module which affects some 64-bit architecture systems. A malicious HTTP server to which requests are being proxied could use this flaw to trigger a heap buffer overflow in an httpd child process via a carefully crafted...

Fedora 12 : httpd-2.2.14-1.fc12 (2009-12606)

This update contains the latest stable release of Apache httpd. Three security fixes are included, along with several minor bug fixes. A flaw was found in the way the TLS/SSL Transport Layer Security/Secure Sockets Layer protocols handle session renegotiation. A man-in-the-middle attacker could u...

Apache Httpd < 2.0.64 : expat DoS

A buffer over-read flaw was found in the bundled expat library. An attacker who is able to get Apache to parse an untrused XML document for example through moddav may be able to cause a crash. This crash would only be a denial of service if using the worker MPM...

Apache Httpd < 2.2.17 : expat DoS

A buffer over-read flaw was found in the bundled expat library. An attacker who is able to get Apache to parse an untrused XML document for example through moddav may be able to cause a crash. This crash would only be a denial of service if using the worker MPM...

Monkey HTTPd improper input validation vulnerability

census ID: census-2009-0004 URL: http://census-labs.com/news/2009/12/14/monkey-httpd/ CVE ID: Pending Affected Products: Monkey web server versions ? 0.9.2. Class: Improper Input Validation CWE-20, Incorrect Calculation CWE-682 Remote: Yes Discovered by: Patroklos Argyroudis We have discovered a...

Fedora Core 10 FEDORA-2009-12604 (httpd)

The remote host is missing an update to httpd announced via advisory FEDORA-2009-12604. OpenVAS Vulnerability Test $Id: fcore200912604.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-12604 httpd Authors: Thomas Reinke Copyright: Copyright c 2009...

Fedora Core 10 FEDORA-2009-12604 (httpd)

The remote host is missing an update to httpd announced via advisory FEDORA-2009-12604. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

Fedora 10 : httpd-2.2.14-1.fc10 (2009-12604)

This update contains the latest stable release of Apache httpd. Three security fixes are included, along with several minor bug fixes. A flaw was found in the way the TLS/SSL Transport Layer Security/Secure Sockets Layer protocols handle session renegotiation. A man-in-the-middle attacker could u...

Apache Httpd < 2.2.15 : Subrequest handling of request headers (mod_headers)

A flaw in the core subrequest process code was fixed, to always provide a shallow copy of the headersin array to the subrequest, instead of a pointer to the parent request's array as it had for requests without request bodies. This meant all modules such as modheaders which may manipulate the inp...

Apache Httpd < 2.0.64 : Subrequest handling of request headers (mod_headers)

A flaw in the core subrequest process code was fixed, to always provide a shallow copy of the headersin array to the subrequest, instead of a pointer to the parent request's array as it had for requests without request bodies. This meant all modules such as modheaders which may manipulate the inp...

Apache Win32 Chunked Encoding

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Apache Win32...

CentOS Security Advisory CESA-2009:1579 (httpd)

The remote host is missing updates to httpd announced in advisory CESA-2009:1579. CESA-2009:1579 66274 4 $Id: ovcesa20091579.nasl 6650 2017-07-10 11:43:12Z cfischer $ Description: Auto-generated from advisory CESA-2009:1579 httpd Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

CentOS Security Advisory CESA-2009:1580 (httpd)

The remote host is missing updates to httpd announced in advisory CESA-2009:1580. CESA-2009:1580 66275 2 $Id: ovcesa20091580.nasl 6650 2017-07-10 11:43:12Z cfischer $ Description: Auto-generated from advisory CESA-2009:1580 httpd Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...