Oval Definition:	oval:org.mitre.oval:tst:30628
Comment: httpd is earlier than 0:2.0.46-32.ent.3 Type: rpminfo_test Namespace: linux Check_Existence: at_least_one_exists Check: at least one State Operator: AND References Object: oval:org.mitre.oval:obj:14173 State: oval:org.mitre.oval:ste:9434 Referencing Definitions Definition ID Class Title Last Modified oval:org.mitre.oval:def:10605 V The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters. 2013-04-29 oval:org.mitre.oval:def:11458 V Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN. 2013-04-29
BACK