Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2014-0920

Опубликовано: 23 июл. 2014
Источник: oracle-oval
Платформа: Oracle Linux 6
Платформа: Oracle Linux 5

Описание

ELSA-2014-0920: httpd security update (IMPORTANT)

[2.2.15-31.0.1.el6_5]

  • replace index.html with Oracle's index page oracle_index.html
  • update vstring in specfile

[2.2.15-31]

  • mod_cgid: add security fix for CVE-2014-0231
  • mod_deflate: add security fix for CVE-2014-0118
  • mod_status: add security fix for CVE-2014-0226

Обновленные пакеты

Oracle Linux 6

Oracle Linux x86_64

httpd

2.2.15-31.0.1.el6_5

httpd-devel

2.2.15-31.0.1.el6_5

httpd-manual

2.2.15-31.0.1.el6_5

httpd-tools

2.2.15-31.0.1.el6_5

mod_ssl

2.2.15-31.0.1.el6_5

Oracle Linux i686

httpd

2.2.15-31.0.1.el6_5

httpd-devel

2.2.15-31.0.1.el6_5

httpd-manual

2.2.15-31.0.1.el6_5

httpd-tools

2.2.15-31.0.1.el6_5

mod_ssl

2.2.15-31.0.1.el6_5

Oracle Linux 5

Oracle Linux ia64

httpd

2.2.3-87.0.1.el5_10

httpd-devel

2.2.3-87.0.1.el5_10

httpd-manual

2.2.3-87.0.1.el5_10

mod_ssl

2.2.3-87.0.1.el5_10

Oracle Linux x86_64

httpd

2.2.3-87.0.1.el5_10

httpd-devel

2.2.3-87.0.1.el5_10

httpd-manual

2.2.3-87.0.1.el5_10

mod_ssl

2.2.3-87.0.1.el5_10

Oracle Linux i386

httpd

2.2.3-87.0.1.el5_10

httpd-devel

2.2.3-87.0.1.el5_10

httpd-manual

2.2.3-87.0.1.el5_10

mod_ssl

2.2.3-87.0.1.el5_10

Связанные CVE

CVE-2014-0226
CVE-2014-0118
CVE-2014-0231

Ссылки на источники

Связанные уязвимости

oracle-oval логотип

ELSA-2014-0921

oracle-oval
около 11 лет назад

ELSA-2014-0921: httpd security update (IMPORTANT)

ubuntu логотип

CVE-2014-0226

ubuntu
около 11 лет назад

Race condition in the mod_status module in the Apache HTTP Server before 2.4.10 allows remote attackers to cause a denial of service (heap-based buffer overflow), or possibly obtain sensitive credential information or execute arbitrary code, via a crafted request that triggers improper scoreboard handling within the status_handler function in modules/generators/mod_status.c and the lua_ap_scoreboard_worker function in modules/lua/lua_request.c.

redhat логотип

CVE-2014-0226

redhat
около 11 лет назад

Race condition in the mod_status module in the Apache HTTP Server before 2.4.10 allows remote attackers to cause a denial of service (heap-based buffer overflow), or possibly obtain sensitive credential information or execute arbitrary code, via a crafted request that triggers improper scoreboard handling within the status_handler function in modules/generators/mod_status.c and the lua_ap_scoreboard_worker function in modules/lua/lua_request.c.

nvd логотип

CVE-2014-0226

nvd
около 11 лет назад

Race condition in the mod_status module in the Apache HTTP Server before 2.4.10 allows remote attackers to cause a denial of service (heap-based buffer overflow), or possibly obtain sensitive credential information or execute arbitrary code, via a crafted request that triggers improper scoreboard handling within the status_handler function in modules/generators/mod_status.c and the lua_ap_scoreboard_worker function in modules/lua/lua_request.c.

debian логотип

CVE-2014-0226

debian
около 11 лет назад

Race condition in the mod_status module in the Apache HTTP Server befo ...