Vulnerability & Exploit Database

Displaying entries 1 - 10 of 22 in total

Results for: CVE-2009-1891 Back to search

RHSA-2009:1580: httpd security update Vulnerability

  • Severity: 8
  • Published: September 08, 2009

The Apache HTTP Server is a popular Web server.A flaw was found in the way the TLS/SSL (Transport Layer Security/SecureSockets Layer) protocols handle session renegotiation. A man-in-the-middleattacker could use this flaw to prefix arbitrary plain text to a client'ssession (for example, an HTTPS connection to a website). This could force...

SUSE Linux Security Advisory: SUSE-SA:2009:050 Vulnerability

  • Severity: 10
  • Published: August 06, 2009

Multiple integer overflows in the Apache Portable Runtime (APR) library and the Apache Portable Utility library (aka APR-util) 0.9.x and 1.3.x allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger crafted calls to the (1) allocator_alloc or (2) apr_palloc funct...

Sun Patch: SunOS 5.10_x86: Apache 2 Patch Vulnerability

  • Severity: 10
  • Published: August 06, 2009

modules/arch/win32/mod_isapi.c in mod_isapi in the Apache HTTP Server 2.0.37 through 2.0.63, 2.2.0 through 2.2.14, and 2.3.x before 2.3.7, when running on Windows, does not ensure that request processing is complete before calling isapi_unload for an ISAPI .dll module, which allows remote attackers to execute arbitrary code via unspecifi...

Sun Patch: SunOS 5.10: Apache 2 Patch Vulnerability

  • Severity: 10
  • Published: August 06, 2009

modules/arch/win32/mod_isapi.c in mod_isapi in the Apache HTTP Server 2.0.37 through 2.0.63, 2.2.0 through 2.2.14, and 2.3.x before 2.3.7, when running on Windows, does not ensure that request processing is complete before calling isapi_unload for an ISAPI .dll module, which allows remote attackers to execute arbitrary code via unspecifi...

RHSA-2010:0602: Red Hat Certificate System 7.3 security update Vulnerability

  • Severity: 10
  • Published: August 06, 2009

Updated packages that fix multiple security issues and rebase various components are now available for Red Hat Certificate System 7.3. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available fo...

RHSA-2009:1205: httpd security and bug fix update Vulnerability

  • Severity: 10
  • Published: August 06, 2009

Updated httpd packages that fix multiple security issues and a bug are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

The Apache HTTP Server is a popular Web server. The httpd package shipped with Red Hat Enterprise Linux 3 contai...

USN-802-1: Apache vulnerabilities Vulnerability

  • Severity: 7
  • Published: July 10, 2009

The mod_deflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service (CPU consumption).

SUSE Linux Security Vulnerability: CVE-2009-1891 Vulnerability

  • Severity: 7
  • Published: July 10, 2009

The mod_deflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service (CPU consumption).

RHSA-2009:1156: httpd security update Vulnerability

  • Severity: 7
  • Published: July 10, 2009

Updated httpd packages that fix multiple security issues are now available for Red Hat Application Stack v2. This update has been rated as having important security impact by the Red Hat Security Response Team.

The Apache HTTP Server is a popular Web server. A denial of service flaw was found in the Apache mod_proxy module when...

RHSA-2009:1155: httpd security update Vulnerability

  • Severity: 7
  • Published: July 10, 2009

Updated httpd packages that fix multiple security issues are now available for JBoss Enterprise Web Server 1.0.0 for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team.

The Apache HTTP Server is a popular Web server. A denial of service flaw was found...