Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2012-0128

Опубликовано: 13 фев. 2012
Источник: oracle-oval
Платформа: Oracle Linux 6

Описание

ELSA-2012-0128: httpd security update (MODERATE)

[2.2.15-15.0.1.el6_2.1]

  • replace index.html with Oracle's index page oracle_index.html update vstring in specfile

[2.2.15-15.1]

  • add security fixes for CVE-2011-4317, CVE-2012-0053, CVE-2012-0031, CVE-2011-3607 (#787598)
  • obviates fix for CVE-2011-3638, patch removed

Обновленные пакеты

Oracle Linux 6

Oracle Linux x86_64

httpd

2.2.15-15.0.1.el6_2.1

httpd-devel

2.2.15-15.0.1.el6_2.1

httpd-manual

2.2.15-15.0.1.el6_2.1

httpd-tools

2.2.15-15.0.1.el6_2.1

mod_ssl

2.2.15-15.0.1.el6_2.1

Oracle Linux i686

httpd

2.2.15-15.0.1.el6_2.1

httpd-devel

2.2.15-15.0.1.el6_2.1

httpd-manual

2.2.15-15.0.1.el6_2.1

httpd-tools

2.2.15-15.0.1.el6_2.1

mod_ssl

2.2.15-15.0.1.el6_2.1

Связанные CVE

CVE-2011-3639
CVE-2012-0053
CVE-2011-4317
CVE-2011-3607
CVE-2012-0031

Ссылки на источники

Связанные уязвимости

oracle-oval логотип

ELSA-2012-0323

oracle-oval
больше 13 лет назад

ELSA-2012-0323: httpd security update (MODERATE)

ubuntu логотип

CVE-2011-3639

ubuntu
больше 13 лет назад

The mod_proxy module in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x before 2.2.18, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers by using the HTTP/0.9 protocol with a malformed URI containing an initial @ (at sign) character. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368.

redhat логотип

CVE-2011-3639

redhat
почти 14 лет назад

The mod_proxy module in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x before 2.2.18, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers by using the HTTP/0.9 protocol with a malformed URI containing an initial @ (at sign) character. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368.

nvd логотип

CVE-2011-3639

nvd
больше 13 лет назад

The mod_proxy module in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x before 2.2.18, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers by using the HTTP/0.9 protocol with a malformed URI containing an initial @ (at sign) character. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368.

debian логотип

CVE-2011-3639

debian
больше 13 лет назад

The mod_proxy module in the Apache HTTP Server 2.0.x through 2.0.64 an ...