Download
| Alert*
|
oval:org.secpod.oval:def:400422
This update of apache2 fixes regressions and several security problems: bnc#728876, fix graceful reload bnc#741243, CVE-2012-0031: Fixed a scoreboard corruption by child causes crash of privileged parent during shutdown. bnc#743743, CVE-2012-0053: Fixed an issue in error responses that could expos ... oval:org.secpod.oval:def:1601337 It was discovered that the fix for CVE-2011-3368 did not completely address the problem. An attacker could bypass the fix and make a reverse proxy connect to an arbitrary server not directly accessible to the attacker by sending an HTTP version 0.9 request, or by using a specially-crafted URI. The h ... oval:org.secpod.oval:def:202238 The Apache HTTP Server is a popular web server. It was discovered that the fix for CVE-2011-3368 did not completely address the problem. An attacker could bypass the fix and make a reverse proxy connect to an arbitrary server not directly accessible to the attacker by sending an HTTP version 0.9 re ... oval:org.secpod.oval:def:600726 Several vulnerabilities have been found in the Apache HTTPD Server: CVE-2011-3607: An integer overflow in ap_pregsub could allow local attackers to execute arbitrary code at elevated privileges via crafted .htaccess files. CVE-2011-3368 CVE-2011-3639 CVE-2011-4317: The Apache HTTP Server did not pro ... oval:org.secpod.oval:def:1000379 The remote host is missing a patch 120544-28 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:1000396 The remote host is missing a patch 120543-28 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:500713 The Apache HTTP Server is a popular web server. It was discovered that the fix for CVE-2011-3368 did not completely address the problem. An attacker could bypass the fix and make a reverse proxy connect to an arbitrary server not directly accessible to the attacker by sending an HTTP version 0.9 re ... oval:org.secpod.oval:def:1503775 Updated httpd packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are availabl ... oval:org.secpod.oval:def:500745 The Apache HTTP Server is a popular web server. It was discovered that the fix for CVE-2011-3368 did not completely address the problem. An attacker could bypass the fix and make a reverse proxy connect to an arbitrary server not directly accessible to the attacker by sending an HTTP version 0.9 re ... oval:org.secpod.oval:def:10699 The host is installed with Mac OS X 10.6.8 or OS X Lion v10.7 to v10.7.4 and is prone to a denial of service vulnerability. A flaw is present in the application, due to an invalid call to the free function. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:4371 The host is installed with Apache HTTP Server 2.2.x and before 2.2.22 and is prone to a denial of service vulnerability. A flaw is present in the application, due to improper handling of httpd child process status information. Successful exploitation could allow attackers to bypass certain security ... oval:org.secpod.oval:def:103359 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:103433 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:302828 Multiple vulnerabilities has been found and corrected in apache : The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server 2.2.17 through 2.2.21, when a threaded MPM is used, does not properly handle a %{}C format string, which allows remote attackers to cau ... oval:org.secpod.oval:def:700773 apache2: Apache HTTP server Several security issues were fixed in the Apache HTTP Server. oval:org.secpod.oval:def:10725 The host is installed with Apple Mac OS X 10.6.8, 10.7 before 10.7.5 or 10.8 before 10.8.2 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. |
