Vulnerability & Exploit Database

Displaying entries 1 - 10 of 17 in total

Results for: CVE-2010-0434 Back to search

RHSA-2011:0434: security update for Red Hat Network Satellite Vulnerability

  • Severity: 6
  • Published: April 18, 2011

Updated packages that fix two security issues are now available for Red Hat Network Satellite 5.3 and 5.4. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from th...

RHSA-2010:0440: rhev-hypervisor security and bug fix update Vulnerability

  • Severity: 10
  • Published: May 25, 2010

An updated rhev-hypervisor package that fixes two security issues and several bugs is now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE...

SUSE Linux Security Advisory: SUSE-SR:2010:010 Vulnerability

  • Severity: 10
  • Published: April 08, 2010

ClamAV before 0.96 does not properly handle the (1) CAB and (2) 7z file formats, which allows remote attackers to bypass virus detection via a crafted archive that is compatible with standard archive utilities.

USN-908-1: Apache vulnerabilities Vulnerability

  • Severity: 5
  • Published: March 05, 2010

The ap_proxy_ajp_request function in mod_proxy_ajp.c in mod_proxy_ajp in the Apache HTTP Server 2.2.x before 2.2.15 does not properly handle certain situations in which a client sends no request body, which allows remote attackers to cause a denial of service (backend server outage) via a crafted request, related to use of a 500 error co...

SUSE Linux Security Vulnerability: CVE-2010-0434 Vulnerability

  • Severity: 4
  • Published: March 05, 2010

The ap_read_request function in server/protocol.c in the Apache HTTP Server 2.2.x before 2.2.15, when a multithreaded MPM is used, does not properly handle headers in subrequests in certain circumstances involving a parent request that has a body, which might allow remote attackers to obtain sensitive information via a crafted request th...

RHSA-2010:0396: httpd and httpd22 security and enhancement update Vulnerability

  • Severity: 5
  • Published: March 05, 2010

Updated httpd and httpd22 packages that fix two security issues and add one enhancement are now available for JBoss Enterprise Web Server 1.0.1 for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which g...

RHSA-2010:0175: httpd security, bug fix, and enhancement update Vulnerability

  • Severity: 4
  • Published: March 05, 2010

The Apache HTTP Server is a popular web server.A use-after-free flaw was discovered in the way the Apache HTTP Serverhandled request headers in subrequests. In configurations where subrequestsare used, a multithreaded MPM (Multi-Processing Module) could possibly leakinformation from other requests in request replies. (CVE-2010-0434)This ...

RHSA-2010:0168: httpd security and enhancement update Vulnerability

  • Severity: 5
  • Published: March 05, 2010

The Apache HTTP Server is a popular web server.It was discovered that mod_proxy_ajp incorrectly returned an "InternalServer Error" response when processing certain malformed requests, whichcaused the back-end server to be marked as failed in configurations wheremod_proxy is used in load balancer mode. A remote attacker could causemod_pro...

ELSA-2010-0175 Low: Enterprise Linux httpd security, bug fix, and enhancement update Vulnerability

  • Severity: 4
  • Published: March 05, 2010

The ap_read_request function in server/protocol.c in the Apache HTTP Server 2.2.x before 2.2.15, when a multithreaded MPM is used, does not properly handle headers in subrequests in certain circumstances involving a parent request that has a body, which might allow remote attackers to obtain sensitive information via a crafted request th...

ELSA-2010-0168 Moderate: Enterprise Linux httpd security and enhancement update Vulnerability

  • Severity: 5
  • Published: March 05, 2010

The ap_proxy_ajp_request function in mod_proxy_ajp.c in mod_proxy_ajp in the Apache HTTP Server 2.2.x before 2.2.15 does not properly handle certain situations in which a client sends no request body, which allows remote attackers to cause a denial of service (backend server outage) via a crafted request, related to use of a 500 error co...