Gentoo Linux Security Advisory 201405-24 - Memory consumption errors in Apache Portable Runtime and APR Utility Library could result in Denial of Service. Versions less than 1.4.8-r1 are affected.
d9222b06fe4084a9196c4106e29e02ec8051b6ed75b924156e34d9b342dbb8a5HP Security Bulletin HPSBOV02822 SSRT100966 - Potential vulnerabilities have been identified with HP Secure Web Server (SWS) for OpenVMS. The vulnerabilities could be remotely exploited to create a Denial of Service (DoS), unauthorized access, or unauthorized disclosure of information. Revision 1 of this advisory.
21c104d295b4ae2e63eb3ca4f8927d747e86151bd3754aa34134f75312b342b7HP Security Bulletin HPSBMU02764 SSRT100827 2 - Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) running on Linux and Windows. The vulnerabilities could be exploited remotely and locally resulting in cross site request forgery (CSRF), Denial of Service (DoS), execution of arbitrary code, and other vulnerabilities. Revision 2 of this advisory.
309e442bfe4de81d1da4a903beb9bb3ce130e05b0ec3c99ada2e50debacf94afHP Security Bulletin HPSBMU02764 SSRT100827 - Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) running on Linux and Windows. The vulnerabilities could be exploited remotely and locally resulting in cross site request forgery (CSRF), Denial of Service (DoS), execution of arbitrary code, and other vulnerabilities. Revision 1 of this advisory.
ef4dc6d5c693e4d1488186aa6471a0d6ae5ab0b725cd9a055f4101f928dcf379HP Security Bulletin HPSBMU02704 SSRT100619 - Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM) running Apache. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.
7999f71fbcd8709c32f927c331d72a48a33196832c69bf214321a6a0024ddec9HP Security Bulletin HPSBUX02707 SSRT100626 2 - A potential security vulnerability has been identified with HP-UX Apache Web Server. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 2 of this advisory.
2bc580cebeaede10bf326b7f8b67beb2822682b19ca788d5dc123a8023251ae1HP Security Bulletin HPSBUX02702 SSRT100606 5 - Potential security vulnerabilities have been identified with HP-UX Apache Web Server. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS). Revision 5 of this advisory.
a34907b555a172f5345fd6f023fcaedbb9208697f80f7db3d6a74714556b4712Apple Security Advisory 2011-10-12-3 - OS X Lion has a security update available that addresses findings in Apache, a format string vulnerability in the Application Firewall, an arbitrary code execution vulnerability when viewing a malicious font via ATS, and 60+ other issues.
4d539896720bca2e48b218929a6c10484c83d72ac4b634adbd7f33f680f59edeHP Security Bulletin HPSBUX02707 SSRT100626 - A potential security vulnerability has been identified with HP-UX Apache Web Server. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.
8c8491ffbdea51197735b916bafae7e01bedf7e73d74f78a14d32b3f74aa0016HP Security Bulletin HPSBUX02702 SSRT100606 4 - Potential security vulnerabilities have been identified with HP-UX Apache Web Server. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS). Revision 4 of this advisory.
f84390edda2d8182da2df382e01d723deffb2e8beb3db4539121121bcbc2bcf0HP Security Bulletin HPSBUX02702 SSRT100606 2 - Potential security vulnerabilities have been identified with HP-UX Apache Web Server. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS). Revision 2 of this advisory.
5d1c5a8b3181e25ea29570e76ce93e1bf7ddcce44664736210e2e52ed2f4d002HP Security Bulletin HPSBUX02702 SSRT100606 - A potential security vulnerability has been identified with HP-UX Apache Web Server. These vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.
56ce56453dcdcdf048753152dd2165359229dd31558d0c9f6b820c059512d8e0Red Hat Security Advisory 2011-0897-01 - JBoss Enterprise Web Server has been updated to mitigate multiple vulnerabilities such as cross site scripting, information leaks, and more.
7aecf3731e5d7ec16a49db4e8573debf3eeae784616883cd4920d2dccde550deRed Hat Security Advisory 2011-0896-01 - JBoss Enterprise Web Server has been updated to mitigate multiple vulnerabilities such as cross site scripting, information leaks, and more.
afb754e948ecb997661a2640f0ff3042c01bce970a3e081cc14ecea1dd6901bcUbuntu Security Notice 1134-1 - Maksymilian Arciemowicz reported that a flaw in the fnmatch() implementation in the Apache Portable Runtime (APR) library could allow an attacker to cause a denial of service. This can be demonstrated in a remote denial of service attack against mod_autoindex in the Apache web server. Is was discovered that the fix for CVE-2011-0419 introduced a different flaw in the fnmatch() implementation that could also result in a denial of service.
33d0bcbf01e80fbf4f6e0b746d2ea03df29467c9bd9d72f3c02f2b79dfede4f4Mandriva Linux Security Advisory 2011-095 - It was discovered that the fix for CVE-2011-0419 under certain conditions could cause a denial-of-service attack in APR.
aee7c9b916aac108d9dc237d107aef2724cb3ece79267c7664d931b1efbc8e0aDebian Linux Security Advisory 2237-2 - The recent APR update DSA-2237-1 introduced a regression that could lead to an endless loop in the apr_fnmatch() function, causing a denial of service. This update fixes this problem.
97bfb438e9f3f407d67eb339b80dd535ae1ed70117a635b5bd62445a4be06344Debian Linux Security Advisory 2237-1 - A flaw was found in the APR library, which could be exploited through Apache HTTPD's mod_autoindex. If a directory indexed by mod_autoindex contained files with sufficiently long names, a remote attacker could send a carefully crafted request which would cause excessive CPU usage. This could be used in a denial of service attack.
c23f7d122bf00732fd57c168870b2d9b88cfca00ec85f779d9841ab56b4fcd1fMandriva Linux Security Advisory 2011-084 - It was discovered that the apr_fnmatch() function used an unconstrained recursion when processing patterns with the '*' wildcard. An attacker could use this flaw to cause an application using this function, which also accepted untrusted input as a pattern for matching (such as an httpd server using the mod_autoindex module), to exhaust all stack memory or use an excessive amount of CPU time when performing matching.
45271e52457dd5e159581d09ef78f8d9ecb63ab04f93a3fbb88d31810af7cf0dMultiple vendors libc/fnmatch(3) suffer from a denial of service vulnerability. Affected software includes Apache 2.2.17, NetBSD 5.1, OpenBSD 4.8, FreeBSD, Mac OS X 10.6, and Sun Solaris 10. Apache proof of concept is included.
2c1ae950fb3bfed82e98d5621bda7e64d189490f5059fd8d12ecb495733b1b59
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed