Oval Definition:oval:org.mitre.oval:def:23801
Revision Date:2014-05-26Version:16
Title:ELSA-2013:1156: httpd security update (Moderate)
Description:mod_dav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service (segmentation fault) via a MERGE request in which the URI is configured for handling by the mod_dav_svn module, but a certain href attribute in XML data refers to a non-DAV URI.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2013-1896
ELSA-2013:1156-01
Platform(s):Oracle Linux 5
Oracle Linux 6
Product(s):httpd
Definition Synopsis
  • rpm test
  • Oracle Linux 6.x
  • AND rpm test
  • mod_ssl is earlier than 1:2.2.15-29.el6_4
  • OR httpd-tools is earlier than 0:2.2.15-29.el6_4
  • OR httpd is earlier than 0:2.2.15-29.el6_4
  • OR httpd-manual is earlier than 0:2.2.15-29.el6_4
  • OR httpd-devel is earlier than 0:2.2.15-29.el6_4
  • OR rpm test
  • Oracle Linux 5.x
  • AND rpm test
  • mod_ssl is earlier than 1:2.2.3-82.el5_9
  • OR httpd is earlier than 0:2.2.3-82.el5_9
  • OR httpd-manual is earlier than 0:2.2.3-82.el5_9
  • OR httpd-devel is earlier than 0:2.2.3-82.el5_9
    • BACK