Download
| Alert*
oval:org.secpod.oval:def:1600004
It was found that the mod_dav module did not correctly strip leading white space from certain elements in a parsed XML. In certain httpd configurations that use the mod_dav module , a remote attacker could send a specially crafted DAV request that would cause the httpd child process to crash or, pos ... oval:org.secpod.oval:def:501219 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. It was found that the mod_dav module did not correctly strip leading white space from certain elements in a parsed XML. In certain httpd configurations that use the mod_dav module , a remote attacker ... oval:org.secpod.oval:def:501221 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. It was found that the mod_dav module did not correctly strip leading white space from certain elements in a parsed XML. In certain httpd configurations that use the mod_dav module , a remote attacker ... oval:org.secpod.oval:def:109132 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:108487 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:108459 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:109370 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:1501134 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which htt ... oval:org.secpod.oval:def:203703 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which htt ... oval:org.secpod.oval:def:109306 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:501639 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which htt ... oval:org.secpod.oval:def:113556 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:114362 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:204571 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker ... oval:org.secpod.oval:def:204577 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker ... oval:org.secpod.oval:def:107228 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:113262 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:203359 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. A race condition flaw, leading to heap-based buffer overflows, was found in the mod_status httpd module. A remote attacker able to access a status page served by mod_status on a server using a thread ... oval:org.secpod.oval:def:1600109 A race condition flaw, leading to heap-based buffer overflows, was found in the mod_status httpd module. A remote attacker able to access a status page served by mod_status on a server using a threaded Multi-Processing Module could send a specially crafted request that would cause the httpd child p ... oval:org.secpod.oval:def:501338 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. A race condition flaw, leading to heap-based buffer overflows, was found in the mod_status httpd module. A remote attacker able to access a status page served by mod_status on a server using a thread ... oval:org.secpod.oval:def:1502033 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502039 Several security issues were fixed in httpd. oval:org.secpod.oval:def:501339 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. A race condition flaw, leading to heap-based buffer overflows, was found in the mod_status httpd module. A remote attacker able to access a status page served by mod_status on a server using a thread ... oval:org.secpod.oval:def:1500652 Updated httpd packages that fix three security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are avai ... oval:org.secpod.oval:def:1500655 Updated httpd packages that fix three security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are avai ... oval:org.secpod.oval:def:204608 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * It was discovered that the httpd"s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote ... oval:org.secpod.oval:def:502150 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker ... oval:org.secpod.oval:def:502156 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker ... oval:org.secpod.oval:def:107376 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:1600771 A NULL pointer dereference flaw was found in the httpd's mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. It was discovered that the use of http ... oval:org.secpod.oval:def:203371 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. A race condition flaw, leading to heap-based buffer overflows, was found in the mod_status httpd module. A remote attacker able to access a status page served by mod_status on a server using a thread ... oval:org.secpod.oval:def:203375 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. A race condition flaw, leading to heap-based buffer overflows, was found in the mod_status httpd module. A remote attacker able to access a status page served by mod_status on a server using a thread ... oval:org.secpod.oval:def:502126 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * It was discovered that the httpd"s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote ... oval:org.secpod.oval:def:204546 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * It was discovered that the httpd"s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote ... oval:org.secpod.oval:def:502127 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * It was discovered that the httpd"s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote ... oval:org.secpod.oval:def:1501962 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1500635 A race condition flaw, leading to heap-based buffer overflows, was found in the mod_status httpd module. A remote attacker able to access a status page served by mod_status on a server using a threaded Multi-Processing Module (MPM) could send a specially crafted request that would cause the httpd ch ... oval:org.secpod.oval:def:1501963 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:26137 The host is installed with Apache HTTP Server 2.4.x before 2.4.14 and is prone to a security bypass vulnerability. A flaw is present in the ap_some_auth_required function in server/request.c, which does not consider that a Require directive may be associated with an authorization setting rather than ... oval:org.secpod.oval:def:34700 The host is installed with Apache HTTP Server 2.4.x before 2.4.10 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails when the default AcceptFilter is enabled. Successful exploitation could allow remote attackers to cause a denial of service (memory c ... oval:org.secpod.oval:def:34699 The host is installed with Apache HTTP Server 2.2.x through 2.2.27 or 2.4.x before 2.4.10 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a request to a CGI script that does not read from its stdin file descriptor. Successful exploitatio ... oval:org.secpod.oval:def:34697 The host is installed with Apache HTTP Server 2.2.x through 2.2.27 or 2.4.x before 2.4.10 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails when request body decompression is enabled. Successful exploitation could allow remote attackers to cause a d ... oval:org.secpod.oval:def:34698 The host is installed with Apache HTTP Server 2.2.x through 2.2.27 or 2.4.x before 2.4.10 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted request that triggers improper scoreboard handling within the status_handler function in ... oval:org.secpod.oval:def:34695 The host is installed with Apache HTTP Server 2.2.x through 2.2.26 or 2.4.x before 2.4.8 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted cookie during truncation. Successful exploitation could allow remote attackers to ... oval:org.secpod.oval:def:34696 The host is installed with Apache HTTP Server 2.4.x from 2.4.6 through 2.4.9 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails when a reverse proxy is enabled. Successful exploitation could allow remote attackers to cause a denial of service (child- ... oval:org.secpod.oval:def:34694 The host is installed with Apache HTTP Server 2.2.x through 2.2.26 or 2.4.x before 2.4.8 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly remove whitespace characters from CDATA sections. Successful exploitation could allow remote attac ... oval:org.secpod.oval:def:34692 The host is installed with Apache HTTP Server 2.4.6 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle enablement of caching forward proxy. Successful exploitation could allow remote HTTP servers to cause denial of service (NULL pointer der ... oval:org.secpod.oval:def:55064 The host is installed with Apache HTTP Server 2.4.x through 2.4.37 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly handle the mod_session expiry time check issue. Successful exploitation could allow attackers to ignore session expiry tim ... oval:org.secpod.oval:def:47260 The host is installed with Apache HTTP Server 2.2.x before 2.2.32 or 2.4.x before 2.4.24 and is prone to a CRLF Injection vulnerability. A flaw is present in the application, which fails to handle the Location or other outbound header key or value. Successful exploitation could allow remote attacker ... oval:org.secpod.oval:def:41600 The host is installed with Apache HTTP Server 2.2.x before 2.2.34 and 2.4.x before 2.4.27 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle mod_mime. Successful exploitation could allow remote attackers to leak confidential informati ... |