Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
suseSuseSUSE-SU-2011:1229-1
HistoryNov 09, 2011 - 7:08 p.m.

Security update for apache2 (important)

2011-11-0919:08:34
lists.opensuse.org
14

0.974 High

EPSS

Percentile

99.9%

JSON

This update fixes several security issues in the Apache2
webserver.

The severe ByteRange remote denial of service attack
(CVE-2011-3192) was fixed, configuration options used by
upstream were added.

Introduce new config option: Allow MaxRanges Number
of ranges requested, if exceeded, the complete content is
served. default: 200 0|unlimited: unlimited none: Range
headers are ignored. This option is a backport from 2.2.21.

CVE-2011-0419,CVE-2011-1928: Two fnmatch denial of
service attacks were fixed that could exhaust the servers
memory.

CVE-2010-1623: Another memoryleak was fixed that
could exhaust httpd server memory via unspecified methods.

CVE-2011-3368: This update also includes fixes a fix
for a mod_proxy reverse exposure via RewriteRule or
ProxyPassMatch directives.

OSVersionArchitecturePackageVersionFilename
SUSE Linux Enterprise Server10.3s390xapache2<ย 2.2.3-16.32.37.1apache2-2.2.3-16.32.37.1.s390x.rpm
SUSE Linux Enterprise Server10.3i586apache2-devel<ย 2.2.3-16.32.37.1apache2-devel-2.2.3-16.32.37.1.i586.rpm
SUSE Linux Enterprise Server10.3s390xapache2-example-pages<ย 2.2.3-16.32.37.1apache2-example-pages-2.2.3-16.32.37.1.s390x.rpm
SUSE Linux Enterprise Server10.3x86_64apache2-worker<ย 2.2.3-16.32.37.1apache2-worker-2.2.3-16.32.37.1.x86_64.rpm
SUSE Linux Enterprise Server10.3s390xapache2-doc<ย 2.2.3-16.32.37.1apache2-doc-2.2.3-16.32.37.1.s390x.rpm
SUSE Linux Enterprise Server10.3i586apache2-prefork<ย 2.2.3-16.32.37.1apache2-prefork-2.2.3-16.32.37.1.i586.rpm
SUSE Linux Enterprise Server10.3i586apache2<ย 2.2.3-16.32.37.1apache2-2.2.3-16.32.37.1.i586.rpm
SUSE Linux Enterprise Server10.3i586apache2-doc<ย 2.2.3-16.32.37.1apache2-doc-2.2.3-16.32.37.1.i586.rpm
SUSE Linux Enterprise Server10.3s390xapache2-prefork<ย 2.2.3-16.32.37.1apache2-prefork-2.2.3-16.32.37.1.s390x.rpm
SUSE Linux Enterprise Server10.3s390xapache2-worker<ย 2.2.3-16.32.37.1apache2-worker-2.2.3-16.32.37.1.s390x.rpm
Rows per page:
1-10 of 181

Related

nessus 45
openvas 72
gentoo 1
redhat 5
centos 3
fedora 8
debian 4
debiancve 3
ubuntu 2
ubuntucve 3
securityvulns 3
f5 5
prion 3
cve 3
veracode 4
freebsd 2
suse 3
kaspersky 1
oraclelinux 4
slackware 2
packetstorm 2
seebug 3
httpd 5
altlinux 5
checkpoint_advisories 3
threatpost 2
exploitpack 1
amazon 1
cisa 1
nessus
nessus
SuSE 11.1 Security Update : libapr (SAT Patch Number 4845)
2011-07-12 00:00:00
openSUSE Security Update : apache2 (openSUSE-SU-2011:0859-1)
2014-06-13 00:00:00
SuSE 11.1 Security Update : libapr (SAT Patch Number 4845)
2011-07-12 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 201405-24
2015-09-29 00:00:00
CentOS Update for httpd CESA-2011:1392 centos4 i386
2011-11-11 00:00:00
RedHat Update for httpd RHSA-2011:1392-01
2011-10-21 00:00:00
gentoo
gentoo
Apache Portable Runtime, APR Utility Library: Denial of service
2014-05-18 00:00:00
redhat
redhat
(RHSA-2011:1392) Moderate: httpd security and bug fix update
2011-10-20 00:00:00
(RHSA-2011:0844) Low: apr security update
2011-05-31 00:00:00
(RHSA-2011:1391) Moderate: httpd security and bug fix update
2011-10-20 00:00:00
centos
centos
httpd, mod_ssl security update
2011-10-20 21:19:56
apr security update
2011-05-31 16:57:35
apr security update
2011-01-27 08:46:39
fedora
fedora
[SECURITY] Fedora 15 Update: apr-1.4.5-1.fc15
2011-06-02 10:55:41
[SECURITY] Fedora 14 Update: apr-1.4.5-1.fc14
2011-06-04 03:01:11
[SECURITY] Fedora 13 Update: apr-1.4.5-1.fc13
2011-06-04 03:02:07
debian
debian
[SECURITY] [DSA 2237-2] apr security update
2011-05-21 08:01:12
[SECURITY] [DSA 2237-2] apr security update
2011-05-21 08:01:12
[SECURITY] [DSA-2117-1] New apr-util packages fix denial of service
2010-10-04 21:35:18
debiancve
debiancve
CVE-2011-1928
2011-05-24 23:55:00
CVE-2010-1623
2010-10-04 21:00:00
CVE-2011-3368
2011-10-05 22:55:00
ubuntu
ubuntu
APR vulnerabilities
2011-05-24 00:00:00
APR-util vulnerability
2010-11-25 00:00:00
ubuntucve
ubuntucve
CVE-2011-1928
2011-05-24 00:00:00
CVE-2010-1623
2010-10-04 00:00:00
CVE-2011-3368
2011-10-05 00:00:00
securityvulns
securityvulns
apr / Apache mod_autoindex DoS
2011-05-21 00:00:00
[ MDVSA-2011:095 ] apr
2011-05-21 00:00:00
[ MDVSA-2011:144 ] apache
2011-10-12 00:00:00
f5
f5
SOL16879 - Apache Portable Runtime vulnerability CVE-2011-1928
2015-07-02 00:00:00
K16879 : Apache Portable Runtime vulnerability CVE-2011-1928
2015-07-02 00:00:00
K15902 : Apache vulnerability CVE-2010-1623
2015-09-16 00:00:00
prion
prion
Code injection
2011-05-24 23:55:00
Design/Logic Flaw
2010-10-04 21:00:00
Design/Logic Flaw
2011-10-05 22:55:00
cve
cve
CVE-2011-1928
2011-05-24 23:55:00
CVE-2011-3368
2011-10-05 22:55:00
CVE-2010-1623
2010-10-04 21:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 01:02:57
Denial Of Service (DoS)
2020-04-10 00:51:33
Information Disclosure
2020-04-10 01:03:06
freebsd
freebsd
Apache APR -- DoS vulnerabilities
2011-05-19 00:00:00
Apache 1.3 -- mod_proxy reverse proxy exposure
2011-10-05 00:00:00
suse
suse
Security update for Apache2 (important)
2011-11-04 09:08:25
apache2: Fixed several security issues (important)
2011-11-04 09:08:34
Security update for Apache (important)
2011-09-06 18:08:19
kaspersky
kaspersky
KLA10065 Multiple vulnerabilities in Apache httpd
2013-07-22 00:00:00
oraclelinux
oraclelinux
httpd security and bug fix update
2011-10-20 00:00:00
apr-util security update
2010-12-07 00:00:00
httpd security and bug fix update
2011-10-20 00:00:00
slackware
slackware
[slackware-security] apr-util
2011-02-11 01:16:50
[slackware-security] apr/apr-util
2011-05-25 23:18:28
packetstorm
packetstorm
Apache Reverse Proxy Bypass
2011-10-06 00:00:00
Apache mod_proxy Proof Of Concept
2011-10-11 00:00:00
seebug
seebug
Apache HTTP Server 'mod_proxy'ๅๅ‘ไปฃ็†ไฟกๆฏๆณ„้œฒๆผๆดž
2011-10-08 00:00:00
Apache mod_proxy Reverse Proxy Exposure Vulnerability PoC
2011-10-12 00:00:00
Apache mod_proxy Reverse Proxy Exposure
2011-10-06 00:00:00
httpd
httpd
Apache Httpd < 2.0.64 : apr_bridage_split_line DoS
2010-03-03 00:00:00
Apache Httpd < 2.2.17 : apr_bridage_split_line DoS
2010-03-03 00:00:00
Apache Httpd < 1.3-never : mod_proxy reverse proxy exposure
2011-09-16 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package apache2 version 2.2.21-alt2
2011-11-19 00:00:00
Security fix for the ALT Linux 10 package apache2 version 2.2.21-alt2
2011-11-19 00:00:00
Security fix for the ALT Linux 7 package apr1 version 1.4.6-alt1
2012-11-16 00:00:00
checkpoint_advisories
checkpoint_advisories
Apache HTTPD mod_proxy Security Bypass (CVE-2011-3368)
2012-03-05 00:00:00
Apache HTTPD mod_proxy Information Disclosure (CVE-2011-3368)
2011-11-01 00:00:00
Apache HTTPD Ranges Header Field Denial of Service (CVE-2011-3192)
2011-09-14 00:00:00
threatpost
threatpost
New Apache Reverse Proxy Issue Uncovered
2011-11-26 23:41:49
Apache Fixes Range Header DoS Flaw
2011-08-31 10:30:00
exploitpack
exploitpack
Apache mod_proxy - Reverse Proxy Exposure
2011-10-11 00:00:00
amazon
amazon
Medium: httpd
2011-09-27 22:46:00
cisa
cisa
Oracle Releases Security Alert for Oracle HTTP Server Products
2011-09-19 00:00:00

0.974 High

EPSS

Percentile

99.9%

JSON
Related for SUSE-SU-2011:1229-1
nessus45openvas72gentoo1redhat5centos3fedora8debian4debiancve3ubuntu2ubuntucve3securityvulns3f55prion3cve3veracode4freebsd2suse3kaspersky1oraclelinux4slackware2packetstorm2seebug3httpd5altlinux5checkpoint_advisories3threatpost2exploitpack1amazon1cisa1