HP Security Bulletin HPSBMU02753 SSRT100782 - Potential security vulnerabilities have been identified with HP Business Availability Center (BAC) running Apache. The vulnerabilities could be remotely exploited to allow execution of arbitrary commands or to create a Denial of Service (DoS). Revision 1 of this advisory.
b55a989f31c2419d9a2795806e8f45c94e4360a46ec5e834af0bbc413ee64bbbHP Security Bulletin - Potential security vulnerabilities have been identified with HP-UX running Apache-based Web Server. The vulnerabilities could be exploited remotely to cause a Denial of Service (DoS) or unauthorized access. Apache-based Web Server is contained in the Apache Web Server Suite.
e61c4c47ea35e2d55864412f5203f99d8a7b3341bdcde1891b49d16f6e840b6bHP Security Bulletin - Multiple security vulnerabilities have been identified with the HP Secure Web Server for OpenVMS (based on Apache) CSWS. The vulnerabilities could be remotely exploited resulting in a Denial of Service (DoS), unauthorized disclosure of information, or unauthorized modification of information.
2a35e1c43d465a3b7fd34dc18a20f0d68c9898dc3bdb7f19c71a2c0edbdc8a20Mandriva Linux Security Advisory 2009-323 - Multiple vulnerabilities has been found and corrected in apache. Packages for 2008.0 are being provided due to extended support for Corporate products. This update provides a solution to these vulnerabilities.
e56a54d6bdc82b29375d1213af66206fb4ca08275ca3ccd4eb0ad21e18bffd71Ubuntu Security Notice 860-1 - Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session.
36419a2d0978a20b0643789ec59775c195f24212f20fba323782b6fddb302e47Debian Linux Security Advisory 1934-1 - A design flaw has been found in the TLS and SSL protocol that allows an attacker to inject arbitrary content at the beginning of a TLS/SSL connection. The attack is related to the way how TLS and SSL handle session renegotiations. CVE-2009-3555 has been assigned to this vulnerability.
6409dd2b27e3773afb6cdd3372de85e981de22305a7cd297954a8af170e4460dMandriva Linux Security Advisory 2009-240 - The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a malformed reply to an EPSV command. The mod_proxy_ftp module in the Apache HTTP Server allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server via vectors related to the embedding of these commands in the Authorization HTTP header, as demonstrated by a certain module in VulnDisco Pack Professional 8.11. NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. This update provides a solution to these vulnerabilities.
0b99eeb4e7b9d6cf93ee6299bc687952ecf00f5bed79960082460b9c5160e084
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed