Mandrake Security Advisory MDVSA-2009:138 (tomcat5)

The remote host is missing an update to tomcat5 announced via advisory MDVSA-2009:138. OpenVAS Vulnerability Test $Id: mdksa2009138.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:138 tomcat5 Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft...

Mandrake Security Advisory MDVSA-2009:136 (tomcat5)

The remote host is missing an update to tomcat5 announced via advisory MDVSA-2009:136. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...

Mandrake Security Advisory MDVSA-2009:138 (tomcat5)

The remote host is missing an update to tomcat5 announced via advisory MDVSA-2009:138. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...

RedHat Security Advisory RHSA-2009:1107

The remote host is missing updates announced in advisory RHSA-2009:1107. apr-util is a utility library used with the Apache Portable Runtime APR. It aims to provide a free library of C data structures and routines. This library contains additional utility interfaces for APR. Including support for...

Mandriva Linux Security Advisory : tomcat5 (MDVSA-2009:138)

Multiple security vulnerabilities has been identified and fixed in tomcat5 : Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, whic...

Ubuntu: Security Advisory (USN-788-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mandriva Linux Security Advisory : tomcat5 (MDVSA-2009:136)

Multiple security vulnerabilities has been identified and fixed in tomcat5 : When Tomcat's WebDAV servlet is configured for use with a context and has been enabled for write, some WebDAV requests that specify an entity with a SYSTEM tag can result in the contents of arbitary files being returned ...

apr security update

CentOS Errata and Security Advisory CESA-2009:1107 Updated apr-util packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. apr-util is a utility library...

CentOS 3 : httpd (CESA-2009:1108)

Updated httpd packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server. The httpd package shipped with Red Hat...

httpd, mod_ssl security update

CentOS Errata and Security Advisory CESA-2009:1108 Updated httpd packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular We...

RHEL 3 : httpd (RHSA-2009:1108)

Updated httpd packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server. The httpd package shipped with Red Hat...

Moderate: Red Hat Security Advisory: apr-util security update

Updated apr-util packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. apr-util is a utility library used with the Apache Portable Runtime APR. It aims...

USN-788-1: Tomcat vulnerabilities

Iida Minehiko discovered that Tomcat did not properly normalise paths. A remote attacker could send specially crafted requests to the server and bypass security restrictions, gaining access to sensitive content. CVE-2008-5515 Yoshihito Fukuyama discovered that Tomcat did not properly handle error...

Ubuntu 8.04 LTS / 8.10 / 9.04 : apr-util vulnerabilities (USN-786-1)

Matthew Palmer discovered an underflow flaw in apr-util. An attacker could cause a denial of service via application crash in Apache using a crafted SVNMasterURI directive, .htaccess file, or when using modapreq2. Applications using libapreq2 are also affected. CVE-2009-0023 It was discovered tha...

USN-786-1: apr-util vulnerabilities

Matthew Palmer discovered an underflow flaw in apr-util. An attacker could cause a denial of service via application crash in Apache using a crafted SVNMasterURI directive, .htaccess file, or when using modapreq2. Applications using libapreq2 are also affected. CVE-2009-0023 It was discovered tha...

FreeBSD Ports: apr

The remote host is missing an update to the system as announced in the referenced advisory. VID eb9212f7-526b-11de-bbf2-001b77d09812 OpenVAS Vulnerability Test $ Description: Auto generated from VID eb9212f7-526b-11de-bbf2-001b77d09812 Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

Mandrake Security Advisory MDVSA-2009:131-1 (apr-util)

The remote host is missing an update to apr-util announced via advisory MDVSA-2009:131-1. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...

CVE-2009-1955

The expat XML parser in the aprxml interface in xml/aprxml.c in Apache APR-util before 1.3.7, as used in the moddav and moddavsvn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service memory consumption via a crafted XML document containing a large number of nest...

CVE-2009-1955

The expat XML parser in the aprxml interface in xml/aprxml.c in Apache APR-util before 1.3.7, as used in the moddav and moddavsvn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service memory consumption via a crafted XML document containing a large number of nest...

Fixed in Apache Tomcat 4.1.40

Important: Information Disclosure CVE-2008-5515 When using a RequestDispatcher obtained from the Request, the target path was normalised before the query string was removed. A request that included a specially crafted request parameter could be used to access content that would otherwise be...