251 matches found
Scientific Linux Security Update : httpd on SL6.x i386/x86_64 (20140403)
It was found that the moddav module did not correctly strip leading white space from certain elements in a parsed XML. In certain httpd configurations that use the moddav module for example when using the moddavsvn module, a remote attacker could send a specially crafted DAV request that would...
Scientific Linux Security Update : httpd on SL5.x i386/x86_64 (20140403)
It was found that the moddav module did not correctly strip leading white space from certain elements in a parsed XML. In certain httpd configurations that use the moddav module for example when using the moddavsvn module, a remote attacker could send a specially crafted DAV request that would...
httpd, mod_ssl security update
CentOS Errata and Security Advisory CESA-2014:0369 Updated httpd packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base score...
httpd, mod_ssl security update
CentOS Errata and Security Advisory CESA-2014:0370 Updated httpd packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base score...
CentOS 5 : httpd (CESA-2014:0369)
Updated httpd packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
Oracle Linux 6 : httpd (ELSA-2014-0370)
The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-0370 advisory. - moddav: add security fix for CVE-2013-6438 1078174 Tenable has extracted the preceding description block directly from the Oracle Linux security...
RHEL 5 : httpd (RHSA-2014:0369)
Updated httpd packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
CentOS 6 : httpd (CESA-2014:0370)
Updated httpd packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
RHEL 6 : httpd (RHSA-2014:0370)
Updated httpd packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
httpd: mod_dav denial of service via crafted DAV WRITE request
The davxmlgetcdata function in main/util.c in the moddav module in the Apache HTTP Server before 2.4.8 does not properly remove whitespace characters from CDATA sections, which allows remote attackers to cause a denial of service daemon crash via a crafted DAV WRITE request...
Moderate: Red Hat Security Advisory: httpd security update
Updated httpd packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
Moderate: Red Hat Security Advisory: httpd security update
Updated httpd packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
httpd: mod_dav denial of service via crafted DAV WRITE request
The davxmlgetcdata function in main/util.c in the moddav module in the Apache HTTP Server before 2.4.8 does not properly remove whitespace characters from CDATA sections, which allows remote attackers to cause a denial of service daemon crash via a crafted DAV WRITE request...
httpd security update
2.2.15-30.0.1.el65 - replace index.html with Oracle's index page oracleindex.html update vstring in specfile 2.2.15-30 - moddav: add security fix for CVE-2013-6438 1078174 - modlogconfig: add security fix for CVE-2014-0098 1078174...
httpd security update
2.2.3-85.0.1.el510 - fix modssl always performing full renegotiation Joe Jin orabug 12423387 - replace index.html with Oracle's index page oracleindex.html - update vstring and distro in specfile 2.2.3-85 - modlogconfig: add security fix for CVE-2014-0098 1078176 2.2.3-84 - moddav: add security f...
Ubuntu Update for apache2 USN-2152-1
Check for the Version of apache2 OpenVAS Vulnerability Test $Id: gbubuntuUSN21521.nasl 7957 2017-12-01 06:40:08Z santu $ Ubuntu Update for apache2 USN-2152-1 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software...
Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.10 : apache2 vulnerabilities (USN-2152-1)
Ning Zhang & Amin Tora discovered that the moddav module incorrectly handled whitespace characters in CDATA sections. A remote attacker could use this issue to cause the server to stop responding, resulting in a denial of service. CVE-2013-6438 Rainer M Canavan discovered that the modlogconfig...
Ubuntu: Security Advisory (USN-2152-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-2152-1: Apache HTTP Server vulnerabilities
Ning Zhang & Amin Tora discovered that the moddav module incorrectly handled whitespace characters in CDATA sections. A remote attacker could use this issue to cause the server to stop responding, resulting in a denial of service. CVE-2013-6438 Rainer M Canavan discovered that the modlogconfig...
Apache security vulnerabilities
modlogconfig DoS, moddav buffer overflow...