MiracleLinux 3 : httpd-2.2.3-87.0.1.AXS3 (AXSA:2014-466:02)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-466:02 advisory. Description : The Apache HTTP Server is a powerful, efficient, and extensible web server. Security issues fixed with this release: CVE-2014-0118 The...

MiracleLinux 3 : httpd-2.2.3-22.2.1AXS3 (AXSA:2009-77:02)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2009-77:02 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. Fixed bugs: CVE-2009-1890 The streamreqbodycl function in modproxyhttp.c i...

MiracleLinux 3 : httpd-2.2.3-43.3.0.1.AXS3 (AXSA:2010-433:03)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2010-433:03 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. Security issues fixed with this release; CVE-2010-1452 The 1 modcache and...

IBM HTTP Server 8.5.0.0 <= 8.5.5.2 / 8.0.0.0 <= 8.0.0.9 / 7.0.0.0 <= 7.0.0.33 / 6.1.0.0. <= 6.1.0.47 / 6.0.2.0 <= 6.0.2.43 Multiple Vulnerabilities (509275)

The version of IBM HTTP Server running on the remote host is affected by multiple vulnerabilities, as follows: - Race condition in the modstatus module in the Apache HTTP Server before 2.4.10 allows remote attackers to cause a denial of service heap-based buffer overflow, or possibly obtain...

Denial Of Service (DoS)

httpd is vulnerable to denial of service. A denial of service flaw was found in the Apache moddeflate module. This module continued to compress large files until compression was complete, even if the network connection that requested the content was closed before compression completed. This would...

Denial Of Service (DoS)

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. A race condition flaw, leading to heap-based buffer overflows, was found in the modstatus httpd module. A remote attacker able to access a status page served by modstatus on a server using a...

Denial Of Service (DoS)

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. A race condition flaw, leading to heap-based buffer overflows, was found in the modstatus httpd module. A remote attacker able to access a status page served by modstatus on a server using a...

Denial Of Service (DoS)

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. A race condition flaw, leading to heap-based buffer overflows, was found in the modstatus httpd module. A remote attacker able to access a status page served by modstatus on a server using a...

Denial Of Service (DoS)

httpd is vulnerable to denial of service DoS attacks. The vulnerability exists as the deflateinfilter function in moddeflate.c in the moddeflate module in the Apache HTTP Server before 2.4.10, when request body decompression is enabled, allows remote attackers to cause a denial of service resourc...

Apache 2.4.x < 2.4.10 Multiple Vulnerabilities

According to its banner, the version of Apache 2.4.x running on the remote host is prior to 2.4.10. It is, therefore, affected by the following vulnerabilities : - A flaw exists in the 'modproxy' module that may allow an attacker to send a specially crafted request to a server configured as a...

Security Bulletin: Apache denial of service vulnerability in QRadar (CVE-2014-0118)

Summary Open source Apache HTTP Server is vulnerable to a denial of service, caused by an error in the moddeflate module as used in IBM QRadar 7.1 MR2 and IBM QRadar 7.2.3 Vulnerability Details CVE-ID: CVE-2014-0118 DESCRIPTION: Apache HTTP Server is vulnerable to a denial of service, caused by a...

httpd24-httpd security and bug fix update

2.4.6-22.0.1.el6 - remove enable-tlsv1x-thunks to fit openssl 1.x api - replace index.html with Oracle's index page oracleindex.html - update vstring in specfile 2.4.6-22 - Remove modproxyfcgi fix for heap-based buffer overflow, httpd-2.4.6 is not affected CVE-2014-3583 2.4.6-21 - modproxywstunne...

Amazon Linux: Security Advisory (ALAS-2014-388)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux: Security Advisory (ALAS-2014-389)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Scientific Linux Security Update : httpd on SL6.x i386/x86_64 (20150722)

A flaw was found in the way httpd handled HTTP Trailer headers when processing requests using chunked encoding. A malicious client could use Trailer headers to set additional HTTP headers after header processing was performed by other modules. This could, for example, lead to a bypass of header...

httpd security, bug fix, and enhancement update

2.2.15-45.0.1 - replace index.html with Oracle's index page oracleindex.html - update vstring in specfile 2.2.15-45 - modproxybalancer: add support for 'drain mode' N 767130 2.2.15-44 - set SSLCipherSuite to DEFAULT:!EXP:!SSLv2:!DES:!IDEA:!SEED:+3DES 1086771 2.2.15-43 - revert DirectoryMatch patc...

httpd, mod_ssl security update

CentOS Errata and Security Advisory CESA-2015:1249 Updated httpd packages that fix one security issue, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scori...

RedHat Update for httpd RHSA-2015:1249-02

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

HP System Management Homepage 7.3.x / 7.4.x < 7.5.0 Multiple Vulnerabilities (FREAK)

According to the web server's banner, the version of HP System Management Homepage SMH hosted on the remote web server is prior to 7.5.0. It is, therefore, affected by multiple vulnerabilities : - A flaw exists within the 'moddeflate' module when handling highly compressed bodies. A remote attack...

Low: Red Hat Security Advisory: httpd security, bug fix, and enhancement update

Updated httpd packages that fix one security issue, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...