Download
| Alert*
oval:org.secpod.oval:def:1500930
The cache_merge_headers_out function in modules/cache/cache_util.c in the mod_cache module in the Apache HTTP Server before 2.4.11 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty HTTP Content-Type header. oval:org.secpod.oval:def:204199 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. A flaw was found in the way httpd handled HTTP Trailer headers when processing requests using chunked encoding. A malicious client could use Trailer headers to set additional HTTP headers after heade ... oval:org.secpod.oval:def:24397 The host is installed with Apple Mac OS X or Server 10.8.5, 10.9.5 or 10.10.x through 10.10.2 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly handle a header in the trailer portion of data sent with chunked transfer coding. Successful ex ... oval:org.secpod.oval:def:25790 apache2: Apache HTTP server Several security issues were fixed in the Apache HTTP Server. oval:org.secpod.oval:def:25791 apache2: Apache HTTP server Several security issues were fixed in the Apache HTTP Server. oval:org.secpod.oval:def:702464 apache2: Apache HTTP server Several security issues were fixed in the Apache HTTP Server. oval:org.secpod.oval:def:204206 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. A flaw was found in the way httpd handled HTTP Trailer headers when processing requests using chunked encoding. A malicious client could use Trailer headers to set additional HTTP headers after heade ... oval:org.secpod.oval:def:1600021 The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in httpd as such." oval:org.secpod.oval:def:52151 apache2: Apache HTTP server Several security issues were fixed in the Apache HTTP Server. oval:org.secpod.oval:def:109132 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:1504528 [2.2.15-45.0.1] - replace index.html with Oracle"s index page oracle_index.html - update vstring in specfile [2.2.15-45] - mod_proxy_balancer: add support for "drain mode" [2.2.15-44] - set SSLCipherSuite to DEFAULT:!EXP:!SSLv2:!DES:!IDEA:!SEED:+3DES [2.2.15-43] - revert DirectoryMatch patch from ... oval:org.secpod.oval:def:108487 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:501771 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. A flaw was found in the way httpd handled HTTP Trailer headers when processing requests using chunked encoding. A malicious client could use Trailer headers to set additional HTTP headers after heade ... oval:org.secpod.oval:def:501613 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. A flaw was found in the way httpd handled HTTP Trailer headers when processing requests using chunked encoding. A malicious client could use Trailer headers to set additional HTTP headers after heade ... oval:org.secpod.oval:def:1200166 mod_lua.c in the mod_lua module in the Apache HTTP Server 2.3.x and 2.4.x through 2.4.10 does not support an httpd configuration in which the same Lua authorization provider is used with different arguments within different contexts, which allows remote attackers to bypass intended access restrictio ... oval:org.secpod.oval:def:108459 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:34693 The host is installed with Apache HTTP Server 2.2.x through 2.2.27 or 2.4.x through 2.4.10 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly handle a crafted data. Successful exploitation could allow remote attackers to bypass "RequestHead ... oval:org.secpod.oval:def:1501369 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:109370 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:24460 The host is missing a security update according to Apple advisory, APPLE-SA-2015-04-08-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows attackers to execute arbitrary code or crash ... |