Apache Httpd < 1.3-never : mod_proxy reverse proxy exposure

An exposure was found when using modproxy in reverse proxy mode. In certain configurations using RewriteRule with proxy flag or ProxyPassMatch, a remote attacker could cause the reverse proxy to connect to an arbitrary server, possibly disclosing sensitive information from internal web servers no...

Apache Httpd < 2.0.65 : mod_proxy reverse proxy exposure

An exposure was found when using modproxy in reverse proxy mode. In certain configurations using RewriteRule with proxy flag or ProxyPassMatch, a remote attacker could cause the reverse proxy to connect to an arbitrary server, possibly disclosing sensitive information from internal web servers no...

Apache Httpd < 2.2.22 : mod_proxy reverse proxy exposure

An exposure was found when using modproxy in reverse proxy mode. In certain configurations using RewriteRule with proxy flag or ProxyPassMatch, a remote attacker could cause the reverse proxy to connect to an arbitrary server, possibly disclosing sensitive information from internal web servers no...

CentOS Update for httpd CESA-2009:1148 centos5 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

SuSE 10 Security Update : Apache 2 (ZYPP Patch Number 6572)

This update of the Apache webserver fixes various security issues : - the option IncludesNOEXEC could be bypassed via .htaccess. CVE-2009-1195 - modproxy could run into an infinite loop when used as reverse proxy. CVE-2009-1890 - moddeflate continued to compress large files even after a network...

RedHat Update for httpd RHSA-2010:0659-01

Check for the Version of httpd OpenVAS Vulnerability Test RedHat Update for httpd RHSA-2010:0659-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...

RedHat Update for httpd RHSA-2010:0659-01

Check for the Version of httpd OpenVAS Vulnerability Test RedHat Update for httpd RHSA-2010:0659-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...

httpd, mod_ssl security update

CentOS Errata and Security Advisory CESA-2010:0659 Updated httpd packages that fix two security issues and multiple bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring Syst...

RHEL 5 : httpd (RHSA-2010:0659)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2010:0659 advisory. The Apache HTTP Server is a popular web server. A flaw was discovered in the way the modproxy module of the Apache HTTP Server handled the...

Moderate: Red Hat Security Advisory: httpd security and bug fix update

Updated httpd packages that fix two security issues and multiple bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

Mandriva Update for apache MDVSA-2010:153 (apache)

Check for the Version of apache OpenVAS Vulnerability Test Mandriva Update for apache MDVSA-2010:153 apache Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

Mandriva Update for apache MDVSA-2010:153 (apache)

Check for the Version of apache OpenVAS Vulnerability Test Mandriva Update for apache MDVSA-2010:153 apache Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

[ MDVSA-2010:153 ] apache

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2010:153 http://www.mandriva.com/security/ Package : apache Date : August 16, 2010 Affected: 2009.0, Enterprise Server 5.0 Problem Description: Multiple vulnerabilities has been found and corrected in apache: The...

Mandriva Linux Security Advisory : apache (MDVSA-2010:153)

Multiple vulnerabilities has been found and corrected in apache : The modcache and moddav modules in the Apache HTTP Server 2.2.x before 2.2.16 allow remote attackers to cause a denial of service process crash via a request that lacks a path CVE-2010-1452. modproxy in httpd in Apache HTTP Server...

CVE-2010-2791

modproxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, does not close the backend connection if a timeout occurs when reading a response from a persistent connection, which allows remote attackers to obtain a potentially sensitive response intended for a different client in...

CVE-2010-2791

modproxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, does not close the backend connection if a timeout occurs when reading a response from a persistent connection, which allows remote attackers to obtain a potentially sensitive response intended for a different client in...

CVE-2010-2791

The CVE-2010-2791 issue affects Apache HTTP Server 2.2.x on Unix, where mod_proxy in httpd can fail to close the backend connection after a timeout while reading from a persistent connection. This can allow a remote attacker to obtain a potentially sensitive response intended for another client u...

CVE-2010-2791

modproxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, does not close the backend connection if a timeout occurs when reading a response from a persistent connection, which allows remote attackers to obtain a potentially sensitive response intended for a different client in...

CVE-2010-2791

modproxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, does not close the backend connection if a timeout occurs when reading a response from a persistent connection, which allows remote attackers to obtain a potentially sensitive response intended for a different client in...

Moderate: Red Hat Security Advisory: httpd and httpd22 security and enhancement update

Updated httpd and httpd22 packages that fix two security issues and add one enhancement are now available for JBoss Enterprise Web Server 1.0.1 for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability...