EUVD-2009-0440

Malware in sbrugna...

IBM HTTP Server mod_ibm_ssl模块远程拒绝服务漏洞

CVE ID: CVE-2010-2327 IBM HTTP Server是基于Apache HTTP Server的WEB服务器。 IBM HTTP Server所使用的modibmssl模块没有正确地处理通过SSL所上传的超大HTTP请求体，如果上传大于2G的话就会导致服务器失效。 IBM HTTP Server 7.0 IBM HTTP Server 6.1 IBM HTTP Server 6.0 厂商补丁： IBM --- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

CVE-2010-2327

modibmssl in IBM HTTP Server 6.0 before 6.0.2.43, 6.1 before 6.1.0.33, and 7.0 before 7.0.0.11, as used in IBM WebSphere Application Server WAS on z/OS, does not properly handle a large HTTP request body in uploading over SSL, which might allow remote attackers to cause a denial of service daemon...

Code injection

The 1 modibmssl and 2 modcgid modules in IBM HTTP Server 6.0.x before 6.0.2.31 and 6.1.x before 6.1.0.19, as used in WebSphere Application Server WAS, set incorrect permissions for AFUNIX sockets, which has unknown impact and local attack vectors...

CVE-2009-0436

CVE-2009-0436 affects IBM HTTP Server integrated with WebSphere (was 6.0.x prior to 6.0.2.31; 6.1.x prior to 6.1.0.19). The mod_ibm_ssl and mod_cgid modules set incorrect permissions on AF_UNIX sockets. Impact is described as unknown and local access vectors are indicated; no public exploit detai...

CVE-2009-0436

The 1 modibmssl and 2 modcgid modules in IBM HTTP Server 6.0.x before 6.0.2.31 and 6.1.x before 6.1.0.19, as used in WebSphere Application Server WAS, set incorrect permissions for AFUNIX sockets, which has unknown impact and local attack vectors...