RHEL 5 : httpd (RHSA-2009:1148)

Updated httpd packages that fix two security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server. A denial of service flaw was found in the...

httpd: mod_proxy reverse proxy DoS (infinite loop)

The streamreqbodycl function in modproxyhttp.c in the modproxy module in the Apache HTTP Server before 2.3.3, when a reverse proxy is configured, does not properly handle an amount of streamed data that exceeds the Content-Length value, which allows remote attackers to cause a denial of service C...

httpd security update

2.2.3-22.0.1.el53.2 - Replace index.html with Oracle's index page oracleindex.html - Update vstring and distro in specfile 2.2.3-22.el53.2 - add security fixes for CVE-2009-1890, CVE-2009-1891 509782...

Apache Httpd < 2.0.64 : mod_deflate DoS

A denial of service flaw was found in the moddeflate module. This module continued to compress large files until compression was complete, even if the network connection that requested the content was closed before compression completed. This would cause moddeflate to consume large amounts of CPU...

Apache Httpd < 2.2.12 : mod_deflate DoS

A denial of service flaw was found in the moddeflate module. This module continued to compress large files until compression was complete, even if the network connection that requested the content was closed before compression completed. This would cause moddeflate to consume large amounts of CPU...

CentOS Security Advisory CESA-2009:1108 (httpd)

The remote host is missing updates to httpd announced in advisory CESA-2009:1108. CESA-2009:1108 64269 2 $Id: ovcesa20091108.nasl 6650 2017-07-10 11:43:12Z cfischer $ Description: Auto-generated from advisory CESA-2009:1108 httpd Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

CentOS Security Advisory CESA-2009:1108 (httpd)

The remote host is missing updates to httpd announced in advisory CESA-2009:1108. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-onl...

CentOS 3 : httpd (CESA-2009:1108)

Updated httpd packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server. The httpd package shipped with Red Hat...

httpd security update

2.0.46-73.0.1.ent - use oracle index page oracleindex.html - remove logos in poweredby.gif and poweredbyrh.png - add apr-configure.patch 2.0.46-73.ent - forcibly disable SCTP support in APR 2.0.46-72.ent - add security fixes for CVE-2009-0023, CVE-2009-1955, and CVE-2009-1956 apr-util 504562...

RHEL 3 : httpd (RHSA-2009:1108)

Updated httpd packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server. The httpd package shipped with Red Hat...

Moderate: Red Hat Security Advisory: apr-util security update

Updated apr-util packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. apr-util is a utility library used with the Apache Portable Runtime APR. It aims...

Apache Httpd < 2.2.12 : APR-util XML DoS

A denial of service flaw was found in the bundled copy of the APR-util library Extensible Markup Language XML parser. A remote attacker could create a specially-crafted XML document that would cause excessive memory consumption when processed by the XML decoding engine...

RedHat Security Advisory RHSA-2009:1075

The remote host is missing updates announced in advisory RHSA-2009:1075. The Apache HTTP Server is a popular and freely-available Web server. A flaw was found in the handling of compression structures between modssl and OpenSSL. If too many connections were opened in a short period of time, all...

CentOS Security Advisory CESA-2009:1075 (httpd)

The remote host is missing updates to httpd announced in advisory CESA-2009:1075. CESA-2009:1075 64124 2 $Id: ovcesa20091075.nasl 6650 2017-07-10 11:43:12Z cfischer $ Description: Auto-generated from advisory CESA-2009:1075 httpd Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

CentOS Security Advisory CESA-2009:1075 (httpd)

The remote host is missing updates to httpd announced in advisory CESA-2009:1075. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-onl...

RedHat Security Advisory RHSA-2009:1067

The remote host is missing updates announced in advisory RHSA-2009:1067. Red Hat Application Stack v2.3 is an integrated open source application stack, that includes Red Hat Enterprise Linux 5 and JBoss Enterprise Application Platform EAP. JBoss EAP is provided through the JBoss EAP channels on t...

RedHat Security Advisory RHSA-2009:1067

The remote host is missing updates announced in advisory RHSA-2009:1067. Red Hat Application Stack v2.3 is an integrated open source application stack, that includes Red Hat Enterprise Linux 5 and JBoss Enterprise Application Platform EAP. JBoss EAP is provided through the JBoss EAP channels on t...

Design/Logic Flaw

The PDF XSS protection feature in ModSecurity before 2.5.8 allows remote attackers to cause a denial of service Apache httpd crash via a request for a PDF file that does not use the GET method...

CVE-2009-1903

The PDF XSS protection feature in ModSecurity before 2.5.8 allows remote attackers to cause a denial of service Apache httpd crash via a request for a PDF file that does not use the GET method...

CVE-2009-1903

The PDF XSS protection feature in ModSecurity before 2.5.8 allows remote attackers to cause a denial of service Apache httpd crash via a request for a PDF file that does not use the GET method...