9 matches found
RHEL 5 / 6 : httpd (RHSA-2012:0542)
The remote Redhat Enterprise Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:0542 advisory. The Apache HTTP Server httpd is the namesake project of The Apache Software Foundation. It was discovered that the Apache HTTP Server di...
CVE-2014-0226
Race condition in the modstatus module in the Apache HTTP Server before 2.4.10 allows remote attackers to cause a denial of service heap-based buffer overflow, or possibly obtain sensitive credential information or execute arbitrary code, via a crafted request that triggers improper scoreboard...
Race condition
Race condition in the modstatus module in the Apache HTTP Server before 2.4.10 allows remote attackers to cause a denial of service heap-based buffer overflow, or possibly obtain sensitive credential information or execute arbitrary code, via a crafted request that triggers improper scoreboard...
CVE-2014-0226
Race condition in the modstatus module in the Apache HTTP Server before 2.4.10 allows remote attackers to cause a denial of service heap-based buffer overflow, or possibly obtain sensitive credential information or execute arbitrary code, via a crafted request that triggers improper scoreboard...
CVE-2014-0226
Race condition in the modstatus module in the Apache HTTP Server before 2.4.10 allows remote attackers to cause a denial of service heap-based buffer overflow, or possibly obtain sensitive credential information or execute arbitrary code, via a crafted request that triggers improper scoreboard...
CVE-2014-0226
Race condition in the modstatus module in the Apache HTTP Server before 2.4.10 allows remote attackers to cause a denial of service heap-based buffer overflow, or possibly obtain sensitive credential information or execute arbitrary code, via a crafted request that triggers improper scoreboard...
Apache 2.4.7 httpd mod_status Heap Buffer Overflow Vulnerability
Exploit for linux platform in category dos / poc URL: http://svn.apache.org/r1610499 Log: Merge 1610491 from trunk: SECURITY CVE-2014-0226: Fix a race condition in scoreboard handling, which could lead to a heap buffer overflow. Thanks to Marek Kroemeke working with HP's Zero Day Initiative for...
UBUNTU-CVE-2014-0226
Race condition in the modstatus module in the Apache HTTP Server before 2.4.10 allows remote attackers to cause a denial of service heap-based buffer overflow, or possibly obtain sensitive credential information or execute arbitrary code, via a crafted request that triggers improper scoreboard...
FreeBSD : apache -- multiple vulnerabilities (4b7dbfab-4c6b-11e1-bc16-0023ae8e59f0)
CVE MITRE reports : An exposure was found when using modproxy in reverse proxy mode. In certain configurations using RewriteRule with proxy flag or ProxyPassMatch, a remote attacker could cause the reverse proxy to connect to an arbitrary server, possibly disclosing sensitive information from...