Download
| Alert*
|
oval:org.secpod.oval:def:105756
The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:1600004 It was found that the mod_dav module did not correctly strip leading white space from certain elements in a parsed XML. In certain httpd configurations that use the mod_dav module , a remote attacker could send a specially crafted DAV request that would cause the httpd child process to crash or, pos ... oval:org.secpod.oval:def:501221 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. It was found that the mod_dav module did not correctly strip leading white space from certain elements in a parsed XML. In certain httpd configurations that use the mod_dav module , a remote attacker ... oval:org.secpod.oval:def:501219 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. It was found that the mod_dav module did not correctly strip leading white space from certain elements in a parsed XML. In certain httpd configurations that use the mod_dav module , a remote attacker ... oval:org.secpod.oval:def:1600771 A NULL pointer dereference flaw was found in the httpd's mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. It was discovered that the use of http ... oval:org.secpod.oval:def:502126 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * It was discovered that the httpd"s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote ... oval:org.secpod.oval:def:204546 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * It was discovered that the httpd"s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote ... oval:org.secpod.oval:def:502127 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * It was discovered that the httpd"s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote ... oval:org.secpod.oval:def:1600109 A race condition flaw, leading to heap-based buffer overflows, was found in the mod_status httpd module. A remote attacker able to access a status page served by mod_status on a server using a threaded Multi-Processing Module could send a specially crafted request that would cause the httpd child p ... oval:org.secpod.oval:def:1501962 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501963 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:204608 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * It was discovered that the httpd"s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote ... oval:org.secpod.oval:def:503200 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * httpd: Weak Digest auth nonce generation in mod_auth_digest For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related informat ... oval:org.secpod.oval:def:34699 The host is installed with Apache HTTP Server 2.2.x through 2.2.27 or 2.4.x before 2.4.10 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a request to a CGI script that does not read from its stdin file descriptor. Successful exploitatio ... oval:org.secpod.oval:def:34695 The host is installed with Apache HTTP Server 2.2.x through 2.2.26 or 2.4.x before 2.4.8 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted cookie during truncation. Successful exploitation could allow remote attackers to ... oval:org.secpod.oval:def:34694 The host is installed with Apache HTTP Server 2.2.x through 2.2.26 or 2.4.x before 2.4.8 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly remove whitespace characters from CDATA sections. Successful exploitation could allow remote attac ... oval:org.secpod.oval:def:34691 The host is installed with Apache HTTP Server before 2.4.5 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails by proceeding with save operations for a session without considering the dirty flag. Successful exploitation could allow remote attackers to an u ... oval:org.secpod.oval:def:41596 The host is installed with Apache HTTP Server 2.2.x through 2.2.33 or 2.4.x before 2.4.26 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to handle use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase. Success ... oval:org.secpod.oval:def:47260 The host is installed with Apache HTTP Server 2.2.x before 2.2.32 or 2.4.x before 2.4.24 and is prone to a CRLF Injection vulnerability. A flaw is present in the application, which fails to handle the Location or other outbound header key or value. Successful exploitation could allow remote attacker ... |
