Описание
ELSA-2008-0967: httpd security and bug fix update (MODERATE)
[2.2.3-11.0.1.el5_2.4]
- use oracle index page oracle_index.html
- update vstring and distro in specfile
[2.2.3-11.el5_2.4]
- add security fixes for CVE-2008-2364, CVE-2008-2939 (#468840)
Обновленные пакеты
Oracle Linux 5
Oracle Linux x86_64
httpd
2.2.3-11.0.1.el5_2.4
httpd-devel
2.2.3-11.0.1.el5_2.4
httpd-manual
2.2.3-11.0.1.el5_2.4
mod_ssl
2.2.3-11.0.1.el5_2.4
Oracle Linux i386
httpd
2.2.3-11.0.1.el5_2.4
httpd-devel
2.2.3-11.0.1.el5_2.4
httpd-manual
2.2.3-11.0.1.el5_2.4
mod_ssl
2.2.3-11.0.1.el5_2.4
Связанные CVE
Связанные уязвимости
Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions, allows remote attackers to inject arbitrary web script or HTML via a wildcard in the last directory component in the pathname in an FTP URI.
Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions, allows remote attackers to inject arbitrary web script or HTML via a wildcard in the last directory component in the pathname in an FTP URI.
Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions, allows remote attackers to inject arbitrary web script or HTML via a wildcard in the last directory component in the pathname in an FTP URI.
Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_pro ...
The ap_proxy_http_process_response function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server 2.0.63 and 2.2.8 does not limit the number of forwarded interim responses, which allows remote HTTP servers to cause a denial of service (memory consumption) via a large number of interim responses.