[Forgot Password]
Login  Register Subscribe

24547

 
 

132176

 
 

122448

 
 

909

 
 

100878

 
 

148

 
 
Paid content will be excluded from the download.

Filter
Matches : 3678 Download | Alert*

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * It was discovered that httpd used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote ...

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * It was discovered that httpd used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote ...

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * It was discovered that httpd used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote ...

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * It was discovered that the mod_session_crypto module of httpd did not use any mechanisms to verify integrity of the encrypted session data stored in the user"s browser. A remote attacker could use this flaw to decrypt and modify session data using a padding oracle attack. * It was ...

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * It was discovered that the HTTP parser in httpd incorrectly allowed certain characters not permitted by the HTTP protocol specification to appear unencoded in HTTP request headers. If httpd was used in conjunction with a proxy or backend server that interpreted those characters diff ...

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * It was discovered that the httpd"s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd ...

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * It was discovered that the httpd"s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd ...

The libssh2 packages provide a library that implements the SSHv2 protocol. A type confusion issue was found in the way libssh2 generated ephemeral secrets for the diffie-hellman-group1 and diffie-hellman-group14 key exchange methods. This would cause an SSHv2 Diffie-Hellman handshake to use significantly less secure random parameters. Red Hat would like to thank Aris Adamantiadis for reporting th ...

The libssh2 packages provide a library that implements the SSHv2 protocol. A type confusion issue was found in the way libssh2 generated ephemeral secrets for the diffie-hellman-group1 and diffie-hellman-group14 key exchange methods. This would cause an SSHv2 Diffie-Hellman handshake to use significantly less secure random parameters. Red Hat would like to thank Aris Adamantiadis for reporting th ...

The corosync packages provide the Corosync Cluster Engine and C APIs for Red Hat Enterprise Linux cluster software. Security Fix: * corosync: Integer overflow in exec/totemcrypto.c:authenticate_nss_2_3 function For more details about the security issue, including the impact, a CVSS score, and other related information, refer to the CVE page listed in the References section. Red Hat would like to ...


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   367

© SecPod Technologies