Oval Definition:oval:org.mitre.oval:def:21205
Revision Date:2014-02-17Version:12
Title:RHSA-2013:1156: httpd security update (Moderate)
Description:mod_dav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service (segmentation fault) via a MERGE request in which the URI is configured for handling by the mod_dav_svn module, but a certain href attribute in XML data refers to a non-DAV URI.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CESA-2013:1156
CVE-2013-1896
RHSA-2013:1156-01
Platform(s):CentOS Linux 5
CentOS Linux 6
Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
Product(s):httpd
Definition Synopsis
  • Redhat 6 section
  • The operating system installed on the system is Red Hat Enterprise Linux 6
  • AND Packages section
  • mod_ssl is earlier than 1:2.2.15-29.el6_4
  • OR httpd-tools is earlier than 0:2.2.15-29.el6_4
  • OR httpd is earlier than 0:2.2.15-29.el6_4
  • OR httpd-manual is earlier than 0:2.2.15-29.el6_4
  • OR httpd-devel is earlier than 0:2.2.15-29.el6_4
  • OR Centos 6 section
  • The operating system installed on the system is CentOS Linux 6.x
  • AND Packages section
  • mod_ssl is earlier than 1:2.2.15-29.el6.centos
  • OR httpd-tools is earlier than 0:2.2.15-29.el6.centos
  • OR httpd is earlier than 0:2.2.15-29.el6.centos
  • OR httpd-manual is earlier than 0:2.2.15-29.el6.centos
  • OR httpd-devel is earlier than 0:2.2.15-29.el6.centos
  • OR Redhat 5 section
  • The operating system installed on the system is Red Hat Enterprise Linux 5
  • AND Packages section
  • mod_ssl is earlier than 1:2.2.3-82.el5_9
  • OR httpd is earlier than 0:2.2.3-82.el5_9
  • OR httpd-manual is earlier than 0:2.2.3-82.el5_9
  • OR httpd-devel is earlier than 0:2.2.3-82.el5_9
  • OR Centos 5 section
  • The operating system installed on the system is CentOS Linux 5.x
  • AND Packages section
  • mod_ssl is earlier than 1:2.2.3-82.el5.centos
  • OR httpd is earlier than 0:2.2.3-82.el5.centos
  • OR httpd-manual is earlier than 0:2.2.3-82.el5.centos
  • OR httpd-devel is earlier than 0:2.2.3-82.el5.centos
    • BACK