Security Bulletin: IBM HTTP Server CPU utilization (CVE-2014-0963)

Summary IBM HTTP Server is affected by a problem related to the SSL implementation which, under very specific conditions, can cause CPU utilization to rapidly increase. Vulnerability Details CVE ID: CVE-2014-0963 DESCRIPTION: IBM HTTP Server is affected by a problem with the handling of certain S...

SUSE: Security Advisory (SUSE-SU-2012:0323-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2013:0469-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Vulnerabilities in RequisitePro GSKit Component (CVE-2014-0963)

Summary A vulnerability in IBM Rational RequisitePro in relation to TLS Record Processing has been discovered related to TLS 1.0 and later which can result in high CPU utilization that requires a system reboot to resolve. Vulnerability Details | Subscribe to My Notifications to be notified of...

Debian DSA-3796-1 : apache2 - security update

Several vulnerabilities were discovered in the Apache2 HTTP server. - CVE-2016-0736 RedTeam Pentesting GmbH discovered that modsessioncrypto was vulnerable to padding oracle attacks, which could allow an attacker to guess the session cookie. - CVE-2016-2161 Maksim Malyutin discovered that malicio...

[SECURITY] [DSA 3796-1] apache2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3796-1 [email protected] https://www.debian.org/security/ Sebastien Delafond February 26, 2017 https://www.debian.org/security/faq -...

openSUSE Security Update : apache2 (openSUSE-2012-132)

httpd-2.2.x-bnc743743-CVE-2012-0053-serverprotocolc-cookieexposure.diff addresses CVE-2012-0053: error responses can expose cookies when no custom 400 error code ErrorDocument is configured. bnc743743 - httpd-2.2.x-bnc741243-CVE-2012-0031-scoreboardhandling.diff: scoreboard corruption shared mem...

openSUSE Security Update : apache2-201202 (openSUSE-SU-2012:0314-1)

This update of apache2 fixes regressions and several security problems : bnc728876, fix graceful reload bnc741243, CVE-2012-0031: Fixed a scoreboard corruption shared mem segment by child causes crash of privileged parent invalid free during shutdown. bnc743743, CVE-2012-0053: Fixed an issue in...

SuSE Update for apache2 openSUSE-SU-2012:0314-1 (apache2)

Check for the Version of apache2 OpenVAS Vulnerability Test $Id: gbsuse201203141.nasl 8253 2017-12-28 06:29:51Z teissa $ SuSE Update for apache2 openSUSE-SU-2012:0314-1 apache2 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This progr...

apache2: fixed various security bugs (important)

This update of apache2 fixes regressions and several security problems: bnc728876, fix graceful reload bnc741243, CVE-2012-0031: Fixed a scoreboard corruption shared mem segment by child causes crash of privileged parent invalid free during shutdown. bnc743743, CVE-2012-0053: Fixed an issue in...

SuSE 11.1 Security Update : Apache2 (SAT Patch Number 5760)

This update of apache2 and libapr1 fixes regressions and several security problems. - Fixed a scoreboard corruption shared mem segment by child causes crash of privileged parent invalid free during shutdown. CVE-2012-0031 - Fixed an issue in error responses that could expose 'httpOnly' cookies wh...

DEBIAN-CVE-2007-6750

The Apache HTTP Server 1.x and 2.x allows remote attackers to cause a denial of service daemon outage via partial HTTP requests, as demonstrated by Slowloris, related to the lack of the modreqtimeout module in versions before 2.2.15...

CVE-2007-6750

The Apache HTTP Server 1.x and 2.x allows remote attackers to cause a denial of service daemon outage via partial HTTP requests, as demonstrated by Slowloris, related to the lack of the modreqtimeout module in versions before 2.2.15...

CVE-2007-6750

CVE-2007-6750 affects Apache HTTP Server 1.x and 2.x. The vulnerability arises from handling partial HTTP requests (Slowloris), related to absence of the mod_reqtimeout protection in versions before 2.2.15, enabling remote DoS (daemon outage). Public details in connected docs confirm PoCs/exploit...

CVE-2007-6750

The Apache HTTP Server 1.x and 2.x allows remote attackers to cause a denial of service daemon outage via partial HTTP requests, as demonstrated by Slowloris, related to the lack of the modreqtimeout module in versions before 2.2.15...

Design/Logic Flaw

Memory leak in the aprbrigadesplitline function in buckets/aprbrigade.c in the Apache Portable Runtime Utility library aka APR-util before 1.3.10, as used in the modreqtimeout module in the Apache HTTP Server and other software, allows remote attackers to cause a denial of service memory...

CVE-2010-1623

Memory leak in the aprbrigadesplitline function in buckets/aprbrigade.c in the Apache Portable Runtime Utility library aka APR-util before 1.3.10, as used in the modreqtimeout module in the Apache HTTP Server and other software, allows remote attackers to cause a denial of service memory...

CVE-2010-1623

The CVE-2010-1623 issue affects the APR-util library (apr_brigade_split_line in buckets/apr_brigade.c) prior to version 1.3.10, where a memory leak can allow remote attackers to cause denial of service through memory consumption related to APR bucket destruction. Affected products commonly includ...

CVE-2010-1623

Memory leak in the aprbrigadesplitline function in buckets/aprbrigade.c in the Apache Portable Runtime Utility library aka APR-util before 1.3.10, as used in the modreqtimeout module in the Apache HTTP Server and other software, allows remote attackers to cause a denial of service memory...

Apache 2.2.x < 2.2.16 Multiple Vulnerabilities

According to its banner, the version of Apache 2.2.x running on the remote host is prior to 2.2.16. It is, therefore, potentially affected by multiple vulnerabilities : - A denial of service vulnerability in modcache and moddav. CVE-2010-1452 - An information disclosure vulnerability in...