apache: multiple vulnerabilities
| Package(s): | apache |
CVE #(s): | CVE-2008-1678
CVE-2008-2364
CVE-2007-6420
|
| Created: | July 10, 2008 |
Updated: | March 2, 2010 |
| Description: |
The Apache has three vulnerabilities.
From the Gentoo alert:
Dustin Kirkland reported that the mod_ssl module can leak memory
when the client reports support for a compression algorithm (CVE-2008-1678).
Ryujiro Shibuya reported that the ap_proxy_http_process_response()
function in the mod_proxy module does not limit the number of
forwarded interim responses (CVE-2008-2364).
sp3x of SecurityReason reported a Cross-Site Request Forgery
vulnerability in the balancer-manager in the mod_proxy_balancer
module (CVE-2007-6420). |
| Alerts: |
| Mandriva |
MDVSA-2010:022 |
openssl |
2010-01-21 |
| Mandriva |
MDVSA-2009:323 |
apache |
2009-12-07 |
| Slackware |
SSA:2010-060-02 |
openssl |
2010-03-02 |
| Mandriva |
MDVSA-2009:124-1 |
apache |
2009-07-08 |
| Mandriva |
MDVSA-2009:124 |
apache |
2009-05-31 |
| CentOS |
CESA-2009:1075 |
httpd |
2009-05-28 |
| Red Hat |
RHSA-2009:1075-01 |
httpd |
2009-05-27 |
| SuSE |
SUSE-SR:2009:007 |
vim, gvim, apache2, opera, multipath tools, java-1_6_0-openjdk, imp, horde, lcms, moodle, ghostscript |
2009-03-24 |
| Ubuntu |
USN-731-1 |
apache2 |
2009-03-10 |
| Red Hat |
RHSA-2008:0966-02 |
Red Hat Application Stack |
2008-12-04 |
| Mandriva |
MDVSA-2008:237 |
apache2 |
2008-12-04 |
| rPath |
rPSA-2008-0328-1 |
httpd |
2008-11-22 |
| CentOS |
CESA-2008:0967 |
httpd |
2008-11-11 |
| Red Hat |
RHSA-2008:0967-01 |
httpd |
2008-11-11 |
| SuSE |
SUSE-SR:2008:024 |
yelp, apache2, enscript, libcdaudio |
2008-11-07 |
| Mandriva |
MDVSA-2008:195 |
apache |
2007-09-13 |
| Fedora |
FEDORA-2008-6393 |
httpd |
2008-08-07 |
| Fedora |
FEDORA-2008-6314 |
httpd |
2008-08-07 |
| rPath |
rPSA-2008-0236-1 |
httpd |
2008-07-28 |
| Gentoo |
200807-06 |
apache |
2008-07-09 |
|
