HP Security Bulletin HPSBMU02753 SSRT100782 - Potential security vulnerabilities have been identified with HP Business Availability Center (BAC) running Apache. The vulnerabilities could be remotely exploited to allow execution of arbitrary commands or to create a Denial of Service (DoS). Revision 1 of this advisory.
b55a989f31c2419d9a2795806e8f45c94e4360a46ec5e834af0bbc413ee64bbb
HP Security Bulletin - Potential security vulnerabilities have been identified with HP-UX running Apache-based Web Server. The vulnerabilities could be exploited remotely to cause a Denial of Service (DoS) or unauthorized access. Apache-based Web Server is contained in the Apache Web Server Suite.
e61c4c47ea35e2d55864412f5203f99d8a7b3341bdcde1891b49d16f6e840b6b
HP Security Bulletin - Multiple security vulnerabilities have been identified with the HP Secure Web Server for OpenVMS (based on Apache) CSWS. The vulnerabilities could be remotely exploited resulting in a Denial of Service (DoS), unauthorized disclosure of information, or unauthorized modification of information.
2a35e1c43d465a3b7fd34dc18a20f0d68c9898dc3bdb7f19c71a2c0edbdc8a20
Mandriva Linux Security Advisory 2009-323 - Multiple vulnerabilities has been found and corrected in apache. Packages for 2008.0 are being provided due to extended support for Corporate products. This update provides a solution to these vulnerabilities.
e56a54d6bdc82b29375d1213af66206fb4ca08275ca3ccd4eb0ad21e18bffd71
Ubuntu Security Notice 860-1 - Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session.
36419a2d0978a20b0643789ec59775c195f24212f20fba323782b6fddb302e47
Debian Linux Security Advisory 1934-1 - A design flaw has been found in the TLS and SSL protocol that allows an attacker to inject arbitrary content at the beginning of a TLS/SSL connection. The attack is related to the way how TLS and SSL handle session renegotiations. CVE-2009-3555 has been assigned to this vulnerability.
6409dd2b27e3773afb6cdd3372de85e981de22305a7cd297954a8af170e4460d
Mandriva Linux Security Advisory 2009-240 - The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a malformed reply to an EPSV command. The mod_proxy_ftp module in the Apache HTTP Server allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server via vectors related to the embedding of these commands in the Authorization HTTP header, as demonstrated by a certain module in VulnDisco Pack Professional 8.11. NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. This update provides a solution to these vulnerabilities.
0b99eeb4e7b9d6cf93ee6299bc687952ecf00f5bed79960082460b9c5160e084