Denial Of Service (DoS)

httpd is vulnerable to denial of service DoS. The vulnerability exists as a bug was found in the Apache HTTP Server modcache module. On sites where caching is enabled, a remote attacker could send a carefully crafted request that would cause the Apache child process handling that request to crash...

Denial Of Service (DoS)

httpd is vulnerable to denial of service. A flaw was found in the Apache HTTP Server modproxy module. On sites where a reverse proxy is configured, a remote attacker could send a carefully crafted request that would cause the Apache child process handling that request to crash. On sites where a...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2019-1419)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ALPINE-CVE-2019-0211

In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads including scripts executed by an in-process scripting interpreter could execute arbitrary code with the privileges of the parent process usually roo...

Amazon Linux AMI : httpd24 (ALAS-2014-389)

A race condition flaw, leading to heap-based buffer overflows, was found in the modstatus httpd module. A remote attacker able to access a status page served by modstatus on a server using a threaded Multi-Processing Module MPM could send a specially crafted request that would cause the httpd chi...

httpd, mod_ldap, mod_proxy_html, mod_session, mod_ssl security update

CentOS Errata and Security Advisory CESA-2014:0921 Updated httpd packages that fix multiple security issues are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base...

Ubuntu Update for apache2 USN-1259-1

Ubuntu Update for Linux kernel vulnerabilities USN-1259-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN12591.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for apache2 USN-1259-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This...

Mandriva Linux Security Advisory : apache (MDVSA-2011:057)

The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk Multi-Processing Module apache-mpm-itk for the Apache HTTP Server does not properly handle certain configuration sections that specify NiceValue but not AssignUserID, which might allow remote attackers to gain privileges by...

CVE-2011-1176

The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk Multi-Processing Module 2.2.11-01 and 2.2.11-02 for the Apache HTTP Server does not properly handle certain configuration sections that specify NiceValue but not AssignUserID, which might allow remote attackers to gain privileg...

DEBIAN-CVE-2007-6422

The balancerhandler function in modproxybalancer in the Apache HTTP Server 2.2.0 through 2.2.6, when a threaded Multi-Processing Module is used, allows remote authenticated users to cause a denial of service child process crash via an invalid bb variable...

Apache Httpd < 2.2.8 : mod_proxy_balancer DoS

A flaw was found in the modproxybalancer module. On sites where modproxybalancer is enabled, an authorized user could send a carefully crafted request that would cause the Apache child process handling that request to crash. This could lead to a denial of service if using a threaded...

httpd, mod_ssl security update

CentOS Errata and Security Advisory CESA-2007:0533 Updated Apache httpd packages that correct two security issues and two bugs are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP...

Apache Httpd < 2.0.61 : mod_cache proxy DoS

A bug was found in the modcache module. On sites where caching is enabled, a remote attacker could send a carefully crafted request that would cause the Apache child process handling that request to crash. This could lead to a denial of service if using a threaded Multi-Processing Module...

CVE-2002-1593

moddav in Apache before 2.0.42 does not properly handle versioning hooks, which may allow remote attackers to kill a child process via a null dereference and cause a denial of service CPU consumption in a preforked multi-processing module...