Download
| Alert*
|
oval:org.secpod.oval:def:202238
The Apache HTTP Server is a popular web server. It was discovered that the fix for CVE-2011-3368 did not completely address the problem. An attacker could bypass the fix and make a reverse proxy connect to an arbitrary server not directly accessible to the attacker by sending an HTTP version 0.9 re ... oval:org.secpod.oval:def:4368 The host is installed with Apache HTTP Server before 2.2.21 and is prone to denial of service vulnerability. A flaw is present in the application, which is caused by an error in mod_proxy_ajp when used together with mod_proxy_balancer. Successful exploitation allows remote attackers to send speciall ... oval:org.secpod.oval:def:105756 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:6411 The host is installed with Apache 2.4.x before 2.4.2 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to handle a zero-length directory name in the LD_LIBRARY_PATH. Successful exploitation could allow remote attackers to search the current directory ... oval:org.secpod.oval:def:34691 The host is installed with Apache HTTP Server before 2.4.5 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails by proceeding with save operations for a session without considering the dirty flag. Successful exploitation could allow remote attackers to an u ... oval:org.secpod.oval:def:1500110 Updated httpd packages that fix two security issues, several bugs, and addvarious enhancements are now available for Red Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as having lowsecurity impact. Common Vulnerability Scoring System base scores,which give detailed ... oval:org.secpod.oval:def:500208 The Apache HTTP Server is a popular web server. It was discovered that the Apache HTTP Server did not properly validate the request URI for proxied requests. In certain configurations, if a reverse proxy used the ProxyPassMatch directive, or if it used the RewriteRule directive with the proxy flag, ... oval:org.secpod.oval:def:1600004 It was found that the mod_dav module did not correctly strip leading white space from certain elements in a parsed XML. In certain httpd configurations that use the mod_dav module , a remote attacker could send a specially crafted DAV request that would cause the httpd child process to crash or, pos ... oval:org.secpod.oval:def:501221 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. It was found that the mod_dav module did not correctly strip leading white space from certain elements in a parsed XML. In certain httpd configurations that use the mod_dav module , a remote attacker ... oval:org.secpod.oval:def:500713 The Apache HTTP Server is a popular web server. It was discovered that the fix for CVE-2011-3368 did not completely address the problem. An attacker could bypass the fix and make a reverse proxy connect to an arbitrary server not directly accessible to the attacker by sending an HTTP version 0.9 re ... oval:org.secpod.oval:def:34695 The host is installed with Apache HTTP Server 2.2.x through 2.2.26 or 2.4.x before 2.4.8 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted cookie during truncation. Successful exploitation could allow remote attackers to ... oval:org.secpod.oval:def:34694 The host is installed with Apache HTTP Server 2.2.x through 2.2.26 or 2.4.x before 2.4.8 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly remove whitespace characters from CDATA sections. Successful exploitation could allow remote attac ... oval:org.secpod.oval:def:500745 The Apache HTTP Server is a popular web server. It was discovered that the fix for CVE-2011-3368 did not completely address the problem. An attacker could bypass the fix and make a reverse proxy connect to an arbitrary server not directly accessible to the attacker by sending an HTTP version 0.9 re ... oval:org.secpod.oval:def:501219 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. It was found that the mod_dav module did not correctly strip leading white space from certain elements in a parsed XML. In certain httpd configurations that use the mod_dav module , a remote attacker ... oval:org.secpod.oval:def:4371 The host is installed with Apache HTTP Server 2.2.x and before 2.2.22 and is prone to a denial of service vulnerability. A flaw is present in the application, due to improper handling of httpd child process status information. Successful exploitation could allow attackers to bypass certain security ... oval:org.secpod.oval:def:202155 The Apache HTTP Server is a popular Web server. A denial of service flaw was found in the Apache mod_proxy module when it was used as a reverse proxy. A remote attacker could use this flaw to force a proxy process to consume large amounts of CPU time. A denial of service flaw was found in the Apach ... oval:org.secpod.oval:def:202112 The Apache HTTP Server is a popular Web server. A denial of service flaw was found in the Apache mod_proxy module when it was used as a reverse proxy. A remote attacker could use this flaw to force a proxy process to consume large amounts of CPU time. A denial of service flaw was found in the Apach ... oval:org.secpod.oval:def:202198 The Apache HTTP Server is a popular Web server. A flaw was found in the way the TLS/SSL protocols handle session renegotiation. A man-in-the-middle attacker could use this flaw to prefix arbitrary plain text to a client"s session . This could force the server to process an attacker"s request as if ... oval:org.secpod.oval:def:500531 The Apache HTTP Server is a popular Web server. A denial of service flaw was found in the Apache mod_proxy module when it was used as a reverse proxy. A remote attacker could use this flaw to force a proxy process to consume large amounts of CPU time. A denial of service flaw was found in the Apach ... oval:org.secpod.oval:def:500675 The Apache HTTP Server is a popular Web server. A flaw was found in the way the TLS/SSL protocols handle session renegotiation. A man-in-the-middle attacker could use this flaw to prefix arbitrary plain text to a client"s session . This could force the server to process an attacker"s request as if ... oval:org.secpod.oval:def:202179 The Apache HTTP Server is a popular Web server. A flaw was found in the way the TLS/SSL protocols handle session renegotiation. A man-in-the-middle attacker could use this flaw to prefix arbitrary plain text to a client"s session . This could force the server to process an attacker"s request as if ... oval:org.mitre.oval:def:8632 The mod_deflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service (CPU consumption). oval:org.mitre.oval:def:8616 The stream_reqbody_cl function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server before 2.3.3, when a reverse proxy is configured, does not properly handle an amount of streamed data that exceeds the Content-Length value, which allows remote attackers to cause a denial of service ... |
