Download
| Alert*
oval:org.secpod.oval:def:1200039
Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which httpd would decode differently from an HTTP proxy software in front of it, possibly leading to HTTP requ ... oval:org.secpod.oval:def:109306 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:602202 The security update from DSA-3325-1 caused a regression for the oldstable distribution . In some configurations, apache2 would fail to start with a spurious error message about the certificate chain. This update fixes this problem. For reference, the text of the original advisory follows: Several vu ... oval:org.secpod.oval:def:504787 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which htt ... oval:org.secpod.oval:def:89045415 Apache was updated to fix one security vulnerability and two bugs. Following security issue was fixed. - Fix the chunked transfer coding implementation in the Apache Bugs fixed: - add SSLSessionTickets directive - hardcode modules %files - only enable the port 443 for TCP protocol, not UDP oval:org.secpod.oval:def:203694 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which htt ... oval:org.secpod.oval:def:26138 The host is installed with Apache HTTP Server 2.2.x or 2.4.x before 2.4.14 and is prone to HTTP request smuggling attack vulnerabilities. The flaws are present in the chunked transfer coding implementation, which does not properly parse chunk headers. Successful exploitation will allow remote attack ... oval:org.secpod.oval:def:26611 The host is installed with Apple Mac OS X or Server 10.9.5 or 10.10.x through 10.10.4 and is prone to a HTTP request smuggling vulnerability. A flaw is present in the application, which fails to handle a crafted request. Successful exploitation allows attackers to conduct HTTP request smuggling atta ... oval:org.secpod.oval:def:1501121 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which htt ... oval:org.secpod.oval:def:52535 apache2: Apache HTTP server Several security issues were fixed in the Apache HTTP server. oval:org.secpod.oval:def:1501364 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:25765 apache2: Apache HTTP server Several security issues were fixed in the Apache HTTP server. oval:org.secpod.oval:def:109370 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:89045472 Apache was updated to fix one security vulnerability and two bugs. Following security issue was fixed. - Fix the chunked transfer coding implementation in the Apache Bugs fixed: - add SSLSessionTickets directive - hardcode modules %files - only enable the port 443 for TCP protocol, not UDP oval:org.secpod.oval:def:203703 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which htt ... oval:org.secpod.oval:def:501639 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which htt ... oval:org.secpod.oval:def:1501134 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which htt ... oval:org.secpod.oval:def:501638 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which htt ... oval:org.secpod.oval:def:702675 apache2: Apache HTTP server Several security issues were fixed in the Apache HTTP server. oval:org.secpod.oval:def:1200130 It was discovered that in httpd 2.4, the internal API function ap_some_auth_required could incorrectly indicate that a request was authenticated even when no authentication was used. An httpd module using this API function could consequently allow access that should have been denied. Multiple flaws ... oval:org.secpod.oval:def:602182 Several vulnerabilities have been found in the Apache HTTPD server. CVE-2015-3183 An HTTP request smuggling attack was possible due to a bug in parsing of chunked requests. A malicious client could force the server to misinterpret the request length, allowing cache poisoning or credential hijacking ... oval:org.secpod.oval:def:26707 The host is missing a security update according to Apple advisory, APPLE-SA-2015-08-13-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle a crafted vectors. Successful exploitation may lead to an unexpected application terminati ... |