Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
suseSuseSUSE-SU-2012:0284-1
HistoryFeb 18, 2012 - 1:08 p.m.

Security update for Apache2 (important)

2012-02-1813:08:15
lists.opensuse.org
23

0.84 High

EPSS

Percentile

98.2%

JSON

This update of apache2 and libapr1 fixes regressions and
several security problems.

  • CVE-2012-0031: Fixed a scoreboard corruption (shared
    mem segment) by child causes crash of privileged parent
    (invalid free()) during shutdown.
  • CVE-2012-0053: Fixed an issue in error responses that
    could expose "httpOnly" cookies when no custom
    ErrorDocument is specified for status code 400".
  • CVE-2007-6750: The "mod_reqtimeout" module was
    backported from Apache 2.2.21 to help mitigate the
    "Slowloris" Denial of Service attack.

You need to enable the "mod_reqtimeout" module in your
existing apache configuration to make it effective, e.g.
in the APACHE_MODULES line in /etc/sysconfig/apache2. For
more detailed information, check also the README file.

Also the following bugs have been fixed:

  • Fixed init script action "check-reload" to avoid
    potential crashes. bnc#728876
  • An overlapping memcpy() was replaced by memmove() to
    make this work with newer glibcs. bnc#738067 bnc#741874
  • libapr1: reset errno to zero to not return previous
    value despite good status of new operation. bnc#739783
OSVersionArchitecturePackageVersionFilename
SUSE Linux Enterprise Server for VMware11.1i586apache2-worker< 2.2.12-1.30.1apache2-worker-2.2.12-1.30.1.i586.rpm
SUSE Linux Enterprise Server11.1ia64apache2< 2.2.12-1.30.1apache2-2.2.12-1.30.1.ia64.rpm
SUSE Linux Enterprise Server11.1i586libapr1< 1.3.3-11.18.19.1libapr1-1.3.3-11.18.19.1.i586.rpm
SUSE Linux Enterprise Software Development Kit11.1x86_64apache2< 2.2.12-1.30.1apache2-2.2.12-1.30.1.x86_64.rpm
SUSE Linux Enterprise Software Development Kit11.1ia64libapr1-devel< 1.3.3-11.18.19.1libapr1-devel-1.3.3-11.18.19.1.ia64.rpm
SUSE Linux Enterprise Server11.1ppc64apache2-example-pages< 2.2.12-1.30.1apache2-example-pages-2.2.12-1.30.1.ppc64.rpm
SUSE Linux Enterprise Server for VMware11.1x86_64apache2-doc< 2.2.12-1.30.1apache2-doc-2.2.12-1.30.1.x86_64.rpm
SUSE Linux Enterprise Server11.1i586apache2-prefork< 2.2.12-1.30.1apache2-prefork-2.2.12-1.30.1.i586.rpm
SUSE Linux Enterprise Server for VMware11.1i586apache2-utils< 2.2.12-1.30.1apache2-utils-2.2.12-1.30.1.i586.rpm
SUSE Linux Enterprise Software Development Kit11.1x86_64apache2-worker< 2.2.12-1.30.1apache2-worker-2.2.12-1.30.1.x86_64.rpm
Rows per page:
1-10 of 751

Related

nessus 41
openvas 42
suse 2
hackerone 2
ibm 5
prion 3
f5 6
cve 3
debiancve 3
fedora 2
oraclelinux 3
redhat 4
ubuntu 1
veracode 2
ubuntucve 3
seebug 2
httpd 4
zdt 1
checkpoint_advisories 2
securityvulns 7
packetstorm 1
debian 2
centos 1
osv 1
altlinux 3
freebsd 1
amazon 1
slackware 1
kaspersky 1
apple 2
nmap 1
gentoo 2
oracle 3
nessus
nessus
openSUSE Security Update : apache2-201202 (openSUSE-SU-2012:0314-1)
2014-06-13 00:00:00
SuSE 11.1 Security Update : Apache2 (SAT Patch Number 5760)
2012-02-20 00:00:00
SuSE 10 Security Update : Apache2 (ZYPP Patch Number 7972)
2012-02-29 00:00:00
openvas
openvas
SuSE Update for apache2 openSUSE-SU-2012:0314-1 (apache2)
2012-08-02 00:00:00
SUSE: Security Advisory (SUSE-SU-2012:0323-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2012:0284-1)
2021-06-09 00:00:00
suse
suse
Security update for Apache2 (important)
2012-03-06 21:08:42
apache2: fixed various security bugs (important)
2012-02-28 18:08:26
hackerone
hackerone
Tor: solving TOR vulnerability, in other to make bruteforce difficult
2017-09-14 14:11:07
U.S. Dept Of Defense: Out-of-date Version (Apache)
2016-11-24 15:09:27
ibm
ibm
Security Bulletin: IBM Security Network Intrusion Prevention System is affected by a vulnerability in Apache (CVE-2007-6750)
2022-02-23 19:48:26
Security Bulletin: Denial of service for accessing data using HTTP protocol on IBM SONAS (CVE-2007-6750)
2018-06-18 00:08:32
Security Bulletin: Denial of service for accessing data using HTTP protocol on IBM Storwize V7000 Unified (CVE-2007-6750)
2018-06-18 00:08:33
prion
prion
Code injection
2011-12-27 18:55:00
Design/Logic Flaw
2012-01-18 20:55:00
Design/Logic Flaw
2012-01-28 04:05:00
f5
f5
K12636 : Slowloris denial-of-service attack vulnerability CVE-2007-6750
2015-04-29 00:00:00
SOL12636 - Slowloris denial-of-service attack vulnerability CVE-2007-6750
2011-02-22 00:00:00
K15889 : Apache HTTP server vulnerabilities CVE-2011-3368, CVE-2011-4317, CVE-2012-0021, CVE-2012-0031, and CVE-2012-0053
2015-08-03 00:00:00
cve
cve
CVE-2007-6750
2011-12-27 18:55:00
CVE-2012-0031
2012-01-18 20:55:00
CVE-2012-0053
2012-01-28 04:05:00
debiancve
debiancve
CVE-2007-6750
2011-12-27 18:55:00
CVE-2012-0031
2012-01-18 20:55:00
CVE-2012-0053
2012-01-28 04:05:00
fedora
fedora
[SECURITY] Fedora 16 Update: httpd-2.2.22-1.fc16
2012-02-21 01:28:42
[SECURITY] Fedora 15 Update: httpd-2.2.22-1.fc15
2012-03-06 19:30:50
oraclelinux
oraclelinux
httpd security update
2012-02-28 00:00:00
httpd security update
2012-02-13 00:00:00
httpd security, bug fix, and enhancement update
2013-02-22 00:00:00
redhat
redhat
(RHSA-2012:0323) Moderate: httpd security update
2012-02-21 00:00:00
(RHSA-2012:0128) Moderate: httpd security update
2012-02-13 00:00:00
(RHSA-2012:0542) Moderate: httpd security and bug fix update
2012-05-07 00:00:00
ubuntu
ubuntu
Apache HTTP Server vulnerabilities
2012-02-16 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 01:10:16
Information Disclosure
2020-04-10 01:10:17
ubuntucve
ubuntucve
CVE-2012-0031
2012-01-18 00:00:00
CVE-2012-0053
2012-01-27 00:00:00
CVE-2007-6750
2011-12-27 00:00:00
seebug
seebug
Apache 2.2.x Scoreboard本地安全限制绕过漏洞
2012-01-17 00:00:00
Apache httpOnly Cookie Disclosure(CVE-2012-0053)
2012-02-01 00:00:00
httpd
httpd
Apache Httpd < 2.2.22 : scoreboard parent DoS
2011-12-30 00:00:00
Apache Httpd < 2.0.65 : scoreboard parent DoS
2011-12-30 00:00:00
Apache Httpd < 2.2.22 : error responses can expose cookies
2012-01-15 00:00:00
zdt
zdt
Apache 2.2 - Scoreboard Invalid Free On Shutdown Vulnerability
2017-03-29 00:00:00
checkpoint_advisories
checkpoint_advisories
Apache HTTPD Error Code 400 httpOnly Cookie Handling Information Disclosure (CVE-2012-0053)
2012-05-14 00:00:00
Apache HTTPD Error Code 400 httpOnly Cookie Handling Information Disclosure - ver 2 (CVE-2012-0053)
2012-05-10 00:00:00
securityvulns
securityvulns
HP XP P9000 information leakage
2013-04-01 00:00:00
[security bulletin] HPSBST02848 SSRT101112 rev.1 - HP XP P9000 Command View Advanced Edition Suite Products, Remote Disclosure of Information
2013-04-01 00:00:00
[Announce] Apache HTTP Server 2.2.22 Released
2012-02-03 00:00:00
packetstorm
packetstorm
Apache protocol.c Cookie Disclosure
2012-01-31 00:00:00
debian
debian
[SECURITY] [DSA 2405-1] apache2 security update
2012-02-06 09:06:39
[SECURITY] [DSA 2405-1] apache2 security update
2012-02-06 09:06:39
centos
centos
httpd, mod_ssl security update
2012-02-14 11:13:29
osv
osv
apache2 - multiple issues
2012-02-06 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package apache2 version 2.2.22-alt1
2012-02-02 00:00:00
Security fix for the ALT Linux 10 package apache2 version 2.2.22-alt1
2012-02-02 00:00:00
Security fix for the ALT Linux 8 package apache2 version 2.2.22-alt1
2012-02-02 00:00:00
freebsd
freebsd
apache -- multiple vulnerabilities
2011-10-05 00:00:00
amazon
amazon
Medium: httpd
2012-02-16 10:48:00
slackware
slackware
[slackware-security] httpd
2012-02-10 17:43:57
kaspersky
kaspersky
KLA10065 Multiple vulnerabilities in Apache httpd
2013-07-22 00:00:00
apple
apple
About the security content of macOS Server 5.3
2017-03-27 00:00:00
About the security content of macOS Server 5.3 - Apple Support
2017-03-28 04:58:08
nmap
nmap
http-slowloris-check NSE Script
2012-08-24 09:19:30
gentoo
gentoo
Apache HTTP Server: Multiple vulnerabilities
2013-09-23 00:00:00
Apache HTTP Server: Multiple vulnerabilities
2012-06-24 00:00:00
oracle
oracle
Oracle Critical Patch Update - July 2012
2012-07-17 00:00:00
Oracle Critical Patch Update Advisory - January 2015
2015-03-10 00:00:00
Oracle Critical Patch Update - January 2018
2018-01-16 00:00:00

0.84 High

EPSS

Percentile

98.2%

JSON
Related for SUSE-SU-2012:0284-1
nessus41openvas42suse2hackerone2ibm5prion3f56cve3debiancve3fedora2oraclelinux3redhat4ubuntu1veracode2ubuntucve3seebug2httpd4zdt1checkpoint_advisories2securityvulns7packetstorm1debian2centos1osv1altlinux3freebsd1amazon1slackware1kaspersky1apple2nmap1gentoo2oracle3