Download
| Alert*
oval:org.secpod.oval:def:201680
The Apache HTTP Server is a popular web server. It was discovered that the Apache HTTP Server did not properly validate the request URI for proxied requests. In certain configurations, if a reverse proxy used the ProxyPassMatch directive, or if it used the RewriteRule directive with the proxy flag, ... oval:org.secpod.oval:def:201687 The Apache HTTP Server is a popular web server. It was discovered that the Apache HTTP Server did not properly validate the request URI for proxied requests. In certain configurations, if a reverse proxy used the ProxyPassMatch directive, or if it used the RewriteRule directive with the proxy flag, ... oval:org.secpod.oval:def:400337 This update fixes several security issues in the Apache webserver. The patch for the ByteRange remote denial of service attack was refined and the configuration options used by upstream were added. Introduce new config option: Allow MaxRanges Number of ranges requested, if exceeded, the complete co ... oval:org.secpod.oval:def:201458 The Apache HTTP Server is a popular web server. It was discovered that the Apache HTTP Server did not properly validate the request URI for proxied requests. In certain configurations, if a reverse proxy used the ProxyPassMatch directive, or if it used the RewriteRule directive with the proxy flag, ... oval:org.secpod.oval:def:103024 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:600610 The apache2 Upgrade from DSA-2298-1 has caused a regression that prevented some video players from seeking in video files served by Apache HTTPD. This update fixes this bug. The text of the original advisory is reproduced for reference: Two issues have been found in the Apache HTTPD web server: CVE- ... oval:org.secpod.oval:def:600613 Two issues have been found in the Apache HTTPD web server: CVE-2011-3192 A vulnerability has been found in the way the multiple overlapping ranges are handled by the Apache HTTPD server. This vulnerability allows an attacker to cause Apache HTTPD to use an excessive amount of memory, causing a denia ... oval:org.secpod.oval:def:1601230 The Apache HTTP Server is a popular web server.A flaw was found in the way the Apache HTTP Server handled Range HTTP headers. A remote attacker could use this flaw to cause httpd to use an excessive amount of memory and CPU time via HTTP requests with a specially-crafted Range header. All httpd user ... oval:org.secpod.oval:def:700584 apache2: Apache HTTP server A remote attacker could send crafted input to Apache and cause it to crash. oval:org.secpod.oval:def:2368 The host is installed with Apache HTTP Server 1.3.x or 2.0.x through 2.0.64 or 2.2.x through 2.2.19 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to prevent creation of multiple number of threads that use multiple range headers. Successful explo ... oval:org.secpod.oval:def:201688 The Apache HTTP Server is a popular web server. A flaw was found in the way the Apache HTTP Server handled Range HTTP headers. A remote attacker could use this flaw to cause httpd to use an excessive amount of memory and CPU time via HTTP requests with a specially-crafted Range header. All httpd us ... oval:org.secpod.oval:def:400303 This update fixes a remote denial of service bug in the Apache 2 HTTP server, that could be triggered by remote attackers using multiple overlapping Request Ranges oval:org.secpod.oval:def:500192 The Apache HTTP Server is a popular web server. A flaw was found in the way the Apache HTTP Server handled Range HTTP headers. A remote attacker could use this flaw to cause httpd to use an excessive amount of memory and CPU time via HTTP requests with a specially-crafted Range header. All httpd us ... oval:org.secpod.oval:def:1503195 Updated httpd packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is a ... oval:org.secpod.oval:def:200435 The Apache HTTP Server is a popular web server. A flaw was found in the way the Apache HTTP Server handled Range HTTP headers. A remote attacker could use this flaw to cause httpd to use an excessive amount of memory and CPU time via HTTP requests with a specially-crafted Range header. All httpd us ... oval:org.secpod.oval:def:301059 Multiple vulnerabilities has been discovered and corrected in apache: The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service via a Range header that expresses multiple overlapping ranges, as exploited ... oval:org.secpod.oval:def:3108 The host is installed with Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle multiple overlapping ranges. Successful exploitation could allow attackers to crash the s ... oval:org.secpod.oval:def:500263 The Apache HTTP Server is a popular web server. A flaw was found in the way the Apache HTTP Server handled Range HTTP headers. A remote attacker could use this flaw to cause httpd to use an excessive amount of memory and CPU time via HTTP requests with a specially-crafted Range header. All httpd us ... oval:org.secpod.oval:def:500067 The Apache HTTP Server is a popular web server. A flaw was found in the way the Apache HTTP Server handled Range HTTP headers. A remote attacker could use this flaw to cause httpd to use an excessive amount of memory and CPU time via HTTP requests with a specially-crafted Range header. All httpd us ... oval:org.secpod.oval:def:500117 The Apache HTTP Server is a popular web server. It was discovered that the Apache HTTP Server did not properly validate the request URI for proxied requests. In certain configurations, if a reverse proxy used the ProxyPassMatch directive, or if it used the RewriteRule directive with the proxy flag, ... oval:org.secpod.oval:def:200224 The Apache HTTP Server is a popular web server. It was discovered that the Apache HTTP Server did not properly validate the request URI for proxied requests. In certain configurations, if a reverse proxy used the ProxyPassMatch directive, or if it used the RewriteRule directive with the proxy flag, ... |