what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 100 RSS Feed

Files

httpd-2.0.43.tar.gz
Posted Oct 4, 2002
Site apache.org

Apache v2.0.43 - Apache is the most popular webserver on the Internet, and ranks well in terms of security, functionality, efficiency, and speed. Changelog available here.

Changes: Fixes a cross-site scripting vulnerability in the default error page of Apache 2.0 before 2.0.43 when UseCanonicalName is "Off" and support for wildcard DNS is present which allows remote attackers to execute html and java script as other web page visitors via the Host: header.
systems | unix
SHA-256 | 340e0f3ddc87e1dd13973c52b1bc99ec86ac5b5ef5cc105cda34cc7ff32d0d93

Related Files

Red Hat Security Advisory 2012-0040-01
Posted Jan 18, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0040-01 - Part of the Native components for JBoss Enterprise Web Platform is mod_cluster, an Apache HTTP Server based load balancer. Like mod_jk, it uses a communication channel to forward requests from httpd to an application server node. It was found that mod_cluster allowed worker nodes to register on any virtual host, regardless of the security constraints applied to other vhosts. In a typical environment, there will be one vhost configured internally for worker nodes, and another configured externally for serving content. A remote attacker could use this flaw to register an attacker-controlled worker node via an external vhost that is not configured to apply security constraints, then use that worker node to serve malicious content, intercept credentials, and hijack user sessions.

tags | advisory, remote, web
systems | linux, redhat
advisories | CVE-2011-4608
SHA-256 | e6fd1ec0b530f75a6b6daecd23446724c8c8a60c299a2a0342c8b22d15a706d5
Red Hat Security Advisory 2012-0039-01
Posted Jan 18, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0039-01 - mod_cluster-native provides a native build of mod_cluster for the Apache HTTP Server. mod_cluster is an httpd-based load balancer. Like mod_jk, it uses a communication channel to forward requests from httpd to an application server node. It was found that mod_cluster allowed worker nodes to register on any virtual host, regardless of the security constraints applied to other vhosts. In a typical environment, there will be one vhost configured internally for worker nodes, and another configured externally for serving content. A remote attacker could use this flaw to register an attacker-controlled worker node via an external vhost that is not configured to apply security constraints, then use that worker node to serve malicious content, intercept credentials, and hijack user sessions.

tags | advisory, remote, web
systems | linux, redhat
advisories | CVE-2011-4608
SHA-256 | 5e261361ed3cac0f341af90a4aa8354e37eeb5003e9d83b9b039bd4ac37413dc
Red Hat Security Advisory 2012-0038-01
Posted Jan 18, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0038-01 - Part of the Native components for JBoss Enterprise Application Platform is mod_cluster, an Apache HTTP Server based load balancer. Like mod_jk, it uses a communication channel to forward requests from httpd to an application server node. It was found that mod_cluster allowed worker nodes to register on any virtual host, regardless of the security constraints applied to other vhosts. In a typical environment, there will be one vhost configured internally for worker nodes, and another configured externally for serving content. A remote attacker could use this flaw to register an attacker-controlled worker node via an external vhost that is not configured to apply security constraints, then use that worker node to serve malicious content, intercept credentials, and hijack user sessions.

tags | advisory, remote, web
systems | linux, redhat
advisories | CVE-2011-4608
SHA-256 | 352ae078c379313c63ebf26b9ead6063c5b8d06b03bc8fc08b62faeadd3ee32e
Red Hat Security Advisory 2012-0037-01
Posted Jan 18, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0037-01 - mod_cluster-native provides a native build of mod_cluster for the Apache HTTP Server. mod_cluster is an httpd-based load balancer. Like mod_jk, it uses a communication channel to forward requests from httpd to an application server node. It was found that mod_cluster allowed worker nodes to register on any virtual host, regardless of the security constraints applied to other vhosts. In a typical environment, there will be one vhost configured internally for worker nodes, and another configured externally for serving content. A remote attacker could use this flaw to register an attacker-controlled worker node via an external vhost that is not configured to apply security constraints, then use that worker node to serve malicious content, intercept credentials, and hijack user sessions.

tags | advisory, remote, web
systems | linux, redhat
advisories | CVE-2011-4608
SHA-256 | 99e5c11ada5aaf5714419e60bf6f6775c4d6e7229d8a7a3c30580734ff9f9641
Red Hat Security Advisory 2012-0036-01
Posted Jan 18, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0036-01 - The mod_cluster native component provides a native build of mod_cluster for the Apache HTTP Server. mod_cluster is an httpd-based load balancer. Like mod_jk, it uses a communication channel to forward requests from httpd to an application server node. It was found that mod_cluster allowed worker nodes to register on any virtual host, regardless of the security constraints applied to other vhosts. In a typical environment, there will be one vhost configured internally for worker nodes, and another configured externally for serving content. A remote attacker could use this flaw to register an attacker-controlled worker node via an external vhost that is not configured to apply security constraints, then use that worker node to serve malicious content, intercept credentials, and hijack user sessions.

tags | advisory, remote, web
systems | linux, redhat
advisories | CVE-2011-4608
SHA-256 | 2650ae52c3e34a3a7a3098090b937e54eb9c4cd8948b9b0ba0513ff5be2d368a
Red Hat Security Advisory 2012-0035-01
Posted Jan 18, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0035-01 - mod_cluster-native provides a native build of mod_cluster for the Apache HTTP Server. mod_cluster is an httpd-based load balancer. Like mod_jk, it uses a communication channel to forward requests from httpd to an application server node. It was found that mod_cluster allowed worker nodes to register on any virtual host, regardless of the security constraints applied to other vhosts. In a typical environment, there will be one vhost configured internally for worker nodes, and another configured externally for serving content. A remote attacker could use this flaw to register an attacker-controlled worker node via an external vhost that is not configured to apply security constraints, then use that worker node to serve malicious content, intercept credentials, and hijack user sessions.

tags | advisory, remote, web
systems | linux, redhat
advisories | CVE-2011-4608
SHA-256 | 5c6c43763222231357bc6b057d04c8b5bf0987107d56c8eae81db0dc2bdf2ed4
Lighttpd 1.4.30 / 1.5 Denial Of Service
Posted Dec 26, 2011
Authored by Adam Zabrocki

Lighttpd versions before 1.4.30 and 1.5 before SVN revision 2806 out-of-bounds read segmentation fault denial of service exploit.

tags | exploit, denial of service
advisories | CVE-2011-4362
SHA-256 | a78ebddef1ff446f752bc857193d5fc6a7bb8cdaa8a66f37a2fd64a80504bfe7
Debian Security Advisory 2368-1
Posted Dec 21, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2368-1 - Several vulnerabilities have been discovered in lighttpd, a small and fast webserver with minimal memory footprint.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2011-4362, CVE-2011-3389
SHA-256 | f07a24700e2eeea7198aeaf2eec0970239a3a34b71aaa8f180afb3e0a6490a33
Secunia Security Advisory 47260
Posted Dec 21, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for lighttpd. This fixes a weakness and a vulnerability, which can be exploited by malicious people to disclose potentially sensitive information, hijack a user's session, or cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, debian
SHA-256 | c9b4726d92c95daa7def95f51eb6c9d6f1ee633d8e42b7d2675903353db616d5
Secunia Security Advisory 46847
Posted Dec 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in lighttpd, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 3fcbcd4af3e2fdf1cfd3ddcfb22f04172afb79f86f02a5e6d0183a7e0737eed4
FleaHttpd Denial Of Service
Posted Nov 16, 2011
Authored by condis

FleaHttpd suffers from a remote denial of service vulnerability.

tags | exploit, remote, denial of service
SHA-256 | 9badb22c64d9e1ded045b4b9fcd6838c15cccff2dbc9548993ded78aba438330
Mandriva Linux Security Advisory 2011-168
Posted Nov 9, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-168 - The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with mod_proxy_balancer in certain configurations, allows remote attackers to cause a denial of service (temporary error state in the backend server) via a malformed HTTP request. The fix for CVE-2011-3192 provided by the MDVSA-2011:130 advisory introduced regressions in the way httpd handled certain Range HTTP header values. The updated packages have been patched to correct these issues.

tags | advisory, remote, web, denial of service
systems | linux, mandriva
advisories | CVE-2011-3348, CVE-2011-3192
SHA-256 | 5845916851f0b3755bcd79bb959415df4c03565cfb80d7815ae350490adc18fb
Secunia Security Advisory 46125
Posted Nov 6, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for httpd and httpd22. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, redhat
SHA-256 | 00cfe8b24fe640fe7edb00dee80e87e2266f09468a44a4aa38e06be9e321d5f2
Secunia Security Advisory 46542
Posted Oct 22, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for httpd. This fixes two vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, redhat
SHA-256 | 0a0b2cf997dd5ba5e3530a4b0014bf8b14e8a2cc4c3982f12f8e278c2f715d51
Slackware Security Advisory - httpd Updates
Posted Oct 17, 2011
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New httpd packages are available for Slackware 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2011-3348, CVE-2011-3192
SHA-256 | a70e4675d43ff217a15c5bd0fc1cb4a7f7389f9a4f764dc36f60527a83d3e971
Red Hat Security Advisory 2011-1369-01
Posted Oct 14, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1369-01 - The Apache HTTP Server is a popular web server. A flaw was found in the way the Apache HTTP Server handled Range HTTP headers. A remote attacker could use this flaw to cause httpd to use an excessive amount of memory and CPU time via HTTP requests with a specially-crafted Range header. All httpd users should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.

tags | advisory, remote, web
systems | linux, redhat
advisories | CVE-2011-3192
SHA-256 | f9744937ca728dde6c061d9b423e536392bde93fd90da8b2c7901931451c0fc4
Red Hat Security Advisory 2011-1329-01
Posted Sep 22, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1329-01 - The Apache HTTP Server is a popular web server. A flaw was found in the way the Apache HTTP Server handled Range HTTP headers. A remote attacker could use this flaw to cause the Apache HTTP Server to use an excessive amount of memory and CPU time via HTTP requests with a specially-crafted Range header. All users of JBoss Enterprise Web Server 1.0.2 should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the updated packages, Red Hat Enterprise Linux 4 users must restart the httpd22 service, and Red Hat Enterprise Linux 5 and 6 users must restart the httpd service, for the update to take effect.

tags | advisory, remote, web
systems | linux, redhat
advisories | CVE-2011-3192
SHA-256 | 09a25924843b91f3f50dabe88e350b2457e7ea33b36285fc79174f374c87f60d
Red Hat Security Advisory 2011-1300-01
Posted Sep 15, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1300-01 - The Apache HTTP Server is a popular web server. A flaw was found in the way the Apache HTTP Server handled Range HTTP headers. A remote attacker could use this flaw to cause httpd to use an excessive amount of memory and CPU time via HTTP requests with a specially-crafted Range header. All httpd users should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.

tags | advisory, remote, web
systems | linux, redhat
advisories | CVE-2011-3192
SHA-256 | bbf257d16d4b33fe3a4b4620ca33a870becb160a5669a9ac0f80792b0132cf8d
Red Hat Security Advisory 2011-1294-01
Posted Sep 14, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1294-01 - The Apache HTTP Server is a popular web server. A flaw was found in the way the Apache HTTP Server handled Range HTTP headers. A remote attacker could use this flaw to cause httpd to use an excessive amount of memory and CPU time via HTTP requests with a specially-crafted Range header. All httpd users should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.

tags | advisory, remote, web
systems | linux, redhat
advisories | CVE-2011-3192
SHA-256 | 885c8c3c438c350bb0f165e6909adfe5a91dc78ba252740e6d9b5d1b28208eda
Slackware Security Advisory - httpd Updates
Posted Sep 10, 2011
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - Not long ago, httpd package updates were issued to clamp down on a denial of service bug that's seen some action in the wild. New packages are available for Slackware 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current.

tags | advisory, denial of service
systems | linux, slackware
advisories | CVE-2011-3192
SHA-256 | 1f1ce82ceb66b111afebe5f586855aa490986543c2728a348726ad7c10c880fc
Debian Security Advisory 2298-2
Posted Sep 7, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2298-2 - The apache2 upgrade from DSA-2298-1 has caused a regression that prevented some video players from seeking in video files served by Apache HTTPD. This update fixes this bug.

tags | advisory
systems | linux, debian
advisories | CVE-2010-1452, CVE-2011-3192
SHA-256 | 51b6b4eee4d7a7cda38072d288735549753afffbc83cb18032cb72174b97cf1c
Secunia Security Advisory 45822
Posted Sep 3, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for httpd. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, redhat
SHA-256 | eae99d5e21132437034b4f215ad3452772fc1042e12b1c67b28b93b849cb5655
Red Hat Security Advisory 2011-1245-01
Posted Sep 1, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1245-01 - The Apache HTTP Server is a popular web server. A flaw was found in the way the Apache HTTP Server handled Range HTTP headers. A remote attacker could use this flaw to cause httpd to use an excessive amount of memory and CPU time via HTTP requests with a specially-crafted Range header. All httpd users should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.

tags | advisory, remote, web
systems | linux, redhat
advisories | CVE-2011-3192
SHA-256 | 9d358eee0137bcb55329f07523ac5c813ec3f38675b434ed0acc12412b497c7e
Cisco Security Advisory 20110830-apache
Posted Aug 31, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - The Apache HTTPd server contains a denial of service vulnerability when it handles multiple, overlapping ranges. Multiple Cisco products may be affected by this vulnerability. Mitigations that can be deployed on Cisco devices within the network are available in the Cisco Applied Intelligence companion document listed in this advisory.

tags | advisory, denial of service
systems | cisco
advisories | CVE-2011-3192
SHA-256 | e3f873ef74fc9699c6df741f380df175d71fa69b431831e573d3f294b6c86326
Debian Security Advisory 2298-1
Posted Aug 30, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2298-1 - Two issues have been found in the Apache HTTPD web server.

tags | advisory, web
systems | linux, debian
advisories | CVE-2010-1452, CVE-2011-3192
SHA-256 | 6e9061b65381e052868f049909e87b71f3eed7d315e49b4ef1507f8c11074dbc
Page 2 of 4
Back1234Next

File Archive:

January 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    0 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    5 Files
  • 4
    Jan 4th
    5 Files
  • 5
    Jan 5th
    9 Files
  • 6
    Jan 6th
    5 Files
  • 7
    Jan 7th
    0 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    18 Files
  • 10
    Jan 10th
    31 Files
  • 11
    Jan 11th
    30 Files
  • 12
    Jan 12th
    33 Files
  • 13
    Jan 13th
    25 Files
  • 14
    Jan 14th
    0 Files
  • 15
    Jan 15th
    0 Files
  • 16
    Jan 16th
    7 Files
  • 17
    Jan 17th
    25 Files
  • 18
    Jan 18th
    38 Files
  • 19
    Jan 19th
    6 Files
  • 20
    Jan 20th
    21 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    24 Files
  • 24
    Jan 24th
    68 Files
  • 25
    Jan 25th
    22 Files
  • 26
    Jan 26th
    20 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close