Mandrake Linux Security Advisory : mod_perl (MDKSA-2000:046)

The configuration file, /etc/httpd/conf/addon-modules/modperl.conf contained an Options directive that was not entirely secure and allowed people to browse the /perl/ directory. This update adds the '-Indexes' directive to the Options command, thus making the directory non- browseable...

RedHat Security Advisory RHSA-2009:1156

The remote host is missing updates announced in advisory RHSA-2009:1156. The Apache HTTP Server is a popular Web server. A denial of service flaw was found in the Apache modproxy module when it was used as a reverse proxy. A remote attacker could use this flaw to force a proxy process to consume...

CVE-2009-1195

The Apache HTTP Server 2.2.11 and earlier 2.2 versions does not properly handle Options=IncludesNOEXEC in the AllowOverride directive, which allows local users to gain privileges by configuring 1 Options Includes, 2 Options +Includes, or 3 Options +IncludesNOEXEC in a .htaccess file, and then...

CVE-2009-1195

The Apache HTTP Server 2.2.11 and earlier 2.2 versions does not properly handle Options=IncludesNOEXEC in the AllowOverride directive, which allows local users to gain privileges by configuring 1 Options Includes, 2 Options +Includes, or 3 Options +IncludesNOEXEC in a .htaccess file, and then...

Apache Httpd < 2.2.12 : AllowOverride Options handling bypass

A flaw was found in the handling of the "Options" and "AllowOverride" directives. In configurations using the "AllowOverride" directive with certain "Options=" arguments, local users were not restricted from executing commands from a Server-Side-Include script as intended...

Apache < 2.2.9 Multiple Vulnerabilities

Binary data 4579.prm...