182 matches found
Debian DSA-4122-1 : squid3 - security update
Several vulnerabilities have been discovered in Squid3, a fully featured web proxy cache. The Common Vulnerabilities and Exposures project identifies the following issues : - CVE-2018-1000024 Louis Dion-Marcil discovered that Squid does not properly handle processing of certain ESI responses. A...
[SECURITY] [DSA 4122-1] squid3 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4122-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 23, 2018 https://www.debian.org/security/faq -...
Squid Proxy Cache Security Update Advisory (SQUID-2018:1) - Linux
Squid is vulnerable to denial of service attack when processing ESI responses. This VT has been deprecated and merged into the VT SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
DuckieTV CMS 1.1.5 Local File Inclusion Vulnerability
Exploit for php platform in category web applications | | Exploit Title: DuckieTV CMS Local File Inclusion | Exploit Author: Ashiyane Digital security Team | Vendor Homepage: http://schizoduckie.github.io/DuckieTV/ | Software Link: https://github.com/SchizoDuckie/DuckieTV/archive/angular.zip |...
DuckieTV CMS 1.1.5 Local File Inclusion
| | Exploit Title: DuckieTV CMS Local File Inclusion | Exploit Author: Ashiyane Digital security Team | Vendor Homepage: http://schizoduckie.github.io/DuckieTV/ | Software Link: https://github.com/SchizoDuckie/DuckieTV/archive/angular.zip | Version: DuckieTV 1.1.5 | Date: 2017-10-14 | Category:...
Amazon Linux AMI : httpd24 (ALAS-2017-863)
apfindtoken buffer overread : A buffer over-read flaw was found in the httpd's apfindtoken function. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request. CVE-2017-7668 Apache HTTP Request Parsing Whitespace Defects : It was discovered...
Medium: httpd24
Issue Overview: apfindtoken buffer overread: A buffer over-read flaw was found in the httpd's apfindtoken function. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request. CVE-2017-7668 Apache HTTP Request Parsing Whitespace Defects: It wa...
The Nginx range filter plastic overflow vulnerability (CVE–2017–7529)early warning analysis-vulnerability warning-the black bar safety net
I. background description A security issue was identified in the nginx range filter. A specially crafted request might result in an integer overflow and incorrect processing of ranges, potentially resulting in sensitive information leak CVE-2017-7529. --...
CentOS 6 : httpd (CESA-2017:1721)
An update for httpd is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
Virtuozzo 7 : httpd / httpd-devel / httpd-manual / httpd-tools / etc (VZLSA-2017-0906)
An update for httpd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
httpd, mod_ssl security update
CentOS Errata and Security Advisory CESA-2017:1721 An update for httpd is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Scientific Linux Security Update : httpd on SL6.x i386/x86_64 (20170711)
Security Fixes : - It was discovered that the HTTP parser in httpd incorrectly allowed certain characters not permitted by the HTTP protocol specification to appear unencoded in HTTP request headers. If httpd was used in conjunction with a proxy or backend server that interpreted those characters...
RedHat Update for httpd RHSA-2017:1721-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Moderate: Red Hat Security Advisory: httpd security and bug fix update
An update for httpd is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
httpd: Apache HTTP Request Parsing Whitespace Defects
It was discovered that the HTTP parser in httpd incorrectly allowed certain characters not permitted by the HTTP protocol specification to appear unencoded in HTTP request headers. If httpd was used in conjunction with a proxy or backend server that interpreted those characters differently, a...
httpd: Apache HTTP Request Parsing Whitespace Defects
It was discovered that the HTTP parser in httpd incorrectly allowed certain characters not permitted by the HTTP protocol specification to appear unencoded in HTTP request headers. If httpd was used in conjunction with a proxy or backend server that interpreted those characters differently, a...
EulerOS 2.0 SP1 : httpd (EulerOS-SA-2017-1085)
According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was discovered that the modsessioncrypto module of httpd did not use any mechanisms to verify integrity of the encrypted session data stored i...
EulerOS 2.0 SP2 : httpd (EulerOS-SA-2017-1086)
According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was discovered that the modsessioncrypto module of httpd did not use any mechanisms to verify integrity of the encrypted session data stored i...
httpd: Apache HTTP Request Parsing Whitespace Defects
It was discovered that the HTTP parser in httpd incorrectly allowed certain characters not permitted by the HTTP protocol specification to appear unencoded in HTTP request headers. If httpd was used in conjunction with a proxy or backend server that interpreted those characters differently, a...
httpd, mod_ldap, mod_proxy_html, mod_session, mod_ssl security update
CentOS Errata and Security Advisory CESA-2017:0906 An update for httpd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...