Vulnerability Name:

CVE-2008-2364 (CCN-42987)

Assigned:2008-06-10
Published:2008-06-10
Updated:2023-02-13
Summary:The ap_proxy_http_process_response function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server 2.0.63 and 2.2.8 does not limit the number of forwarded interim responses, which allows remote HTTP servers to cause a denial of service (memory consumption) via a large number of interim responses.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2008-2364

Source: CCN
Type: HP Security Bulletin HPSBUX02401 SSRT090005 rev.1
HP-UX Running Apache Web Server Suite, Remote Denial of Service (DoS), Cross-site Scripting (XSS), Execution of Arbitrary Code, Cross-Site Request Forgery (CSRF)

Source: CCN
Type: HP Security Bulletin HPSBUX02365 SSRT080118 rev.1
HP-UX Running Apache, Remote Cross Site Scripting (XSS) or Denial of Service (DoS)

Source: secalert@redhat.com
Type: Broken Link
secalert@redhat.com

Source: CCN
Type: HP Security Bulletin HPSBMA02442 SSRT090108
HP Business Availability Center Running Apache, Remote Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF), Denial of Service (DoS)

Source: CCN
Type: Apache Web site
Welcome! - The Apache HTTP Server Project

Source: secalert@redhat.com
Type: Broken Link, Mailing List
secalert@redhat.com

Source: secalert@redhat.com
Type: Mailing List, Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Mailing List, Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Issue Tracking, Mailing List, Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Issue Tracking, Mailing List, Third Party Advisory
secalert@redhat.com

Source: CCN
Type: RHSA-2008-0966
Moderate: Red Hat Application Stack v2.2 security and enhancement update

Source: CCN
Type: RHSA-2008-0967
Moderate: httpd security and bug fix update

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: CCN
Type: RHSA-2010-0602
Moderate: Red Hat Certificate System 7.3 security update

Source: CCN
Type: SA30621
Apache mod_proxy Interim Responses Denial of Service

Source: CCN
Type: SA31904
IBM HTTP Server mod_proxy Interim Responses Denial of Service

Source: CCN
Type: SA32222
Apple Mac OS X Security Update Fixes Multiple Vulnerabilities

Source: CCN
Type: SA33156
Sun Solaris Apache "mod_proxy_http" and "mod_proxy_ftp" Vulnerabilities

Source: CCN
Type: SA37104
IBM OS/400 HTTP Server mod_proxy Denial of Service

Source: CCN
Type: SA39781
IBM HTTP Server Multiple Vulnerabilities

Source: CCN
Type: SA39944
HP Business Availability Center Multiple Vulnerabilities

Source: CCN
Type: SA46041
Blue Coat Director Multiple Vulnerabilities

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: CCN
Type: SECTRACK ID: 1020267
Apache mod_proxy Interim Response Process Bug Lets Remote Users Deny Service

Source: secalert@redhat.com
Type: Broken Link
secalert@redhat.com

Source: CCN
Type: Sun Alert ID: 247666
Security Vulnerabilities in the Apache 2.0 "mod_proxy_http" and "mod_proxy_ftp" Modules may Lead to Denial of Service (DoS) or Cross Site Scripting (XSS)

Source: CCN
Type: Apple Web site
About Security Update 2008-007

Source: secalert@redhat.com
Type: Broken Link
secalert@redhat.com

Source: CCN
Type: ASA-2008-468
Red Hat Application Stack v2.2 security and enhancement update (RHSA-2008-0966)

Source: CCN
Type: ASA-2008-472
httpd security and bug fix update (RHSA-2008-0967)

Source: CCN
Type: Apache-SVN Repository
Diff of /httpd/httpd/trunk/modules/proxy/mod_proxy_http.c

Source: secalert@redhat.com
Type: Patch, Vendor Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Broken Link
secalert@redhat.com

Source: CCN
Type: IBM APAR SE39219
HTTPSVR - Patch Apache Vulnerability CVE 2008 2364

Source: CCN
Type: IBM APAR PM10658
IBM HTTP SERVER 2.0.47 CUMULATIVE INTERIM FIX

Source: CCN
Type: IBM Support & downloads
Fix list for IBM WebSphere Application Server version 6.1

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: CCN
Type: GLSA-200807-06
Apache: Denial of Service

Source: secalert@redhat.com
Type: Broken Link
secalert@redhat.com

Source: secalert@redhat.com
Type: Broken Link
secalert@redhat.com

Source: CCN
Type: Oracle Web Site
Oracle Critical Patch Update - July 2013

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Third Party Advisory, VDB Entry
secalert@redhat.com

Source: secalert@redhat.com
Type: Third Party Advisory, VDB Entry
secalert@redhat.com

Source: CCN
Type: BID-29653
Apache 'mod_proxy_http' Interim Response Denial of Service Vulnerability

Source: secalert@redhat.com
Type: Patch, Third Party Advisory, VDB Entry
secalert@redhat.com

Source: CCN
Type: BID-31681
RETIRED: Apple Mac OS X 2008-007 Multiple Security Vulnerabilities

Source: secalert@redhat.com
Type: Third Party Advisory, VDB Entry
secalert@redhat.com

Source: secalert@redhat.com
Type: Broken Link, Third Party Advisory, VDB Entry
secalert@redhat.com

Source: CCN
Type: TLSA-2008-24
Three vulnerabilities discovered in httpd

Source: CCN
Type: USN-731-1
Apache vulnerabilities

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Permissions Required
secalert@redhat.com

Source: secalert@redhat.com
Type: Permissions Required
secalert@redhat.com

Source: secalert@redhat.com
Type: Permissions Required
secalert@redhat.com

Source: secalert@redhat.com
Type: Third Party Advisory, VDB Entry
secalert@redhat.com

Source: XF
Type: UNKNOWN
apache-modproxy-module-dos(42987)

Source: CCN
Type: Bluecoat Web site
Security Advisories

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Mailing List, Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Mailing List, Third Party Advisory
secalert@redhat.com

Source: SUSE
Type: SUSE-SR:2009:006
SUSE Security Summary Report

Source: SUSE
Type: SUSE-SR:2009:007
SUSE Security Summary Report

Vulnerable Configuration:Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*
  • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*
  • Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*
  • Configuration RedHat 9:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/a:ibm:websphere_application_server:6.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:6.1:*:*:*:*:*:*:*
  • OR cpe:/a:redhat:certificate_system:7.3:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.63:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.2.8:*:*:*:*:*:*:*
  • AND
  • cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:b.11.11:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*
  • OR cpe:/a:ibm:http_server:2.0.47:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:b.11.23:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:*
  • OR cpe:/o:sun:solaris:10:*:sparc:*:*:*:*:*
  • OR cpe:/o:sun:solaris:10:*:x86:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:6.06:*:lts:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:x86_64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux:fuji:*:*:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux:*:*:personal:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux:*:*:multimedia:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:x86-64:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:b.11.31:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:7.10:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:x86_64:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2007.1:*:x86-64:*:*:*:*:*
  • OR cpe:/a:redhat:rhel_application_stack:2:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:os_400:5.2:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:8.04:*:lts:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.5.5:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.5.5:*:*:*:*:*:*:*
  • OR cpe:/a:hp:business_availability_center:8.01:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:http_server:*:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20082364
    V
    CVE-2008-2364
    2022-06-30
    oval:org.opensuse.security:def:42270
    P
    Security update for permissions (Moderate)
    2022-01-20
    oval:org.opensuse.security:def:111948
    P
    apache2-2.4.49-1.1 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:31330
    P
    Security update for xorg-x11-server (Important)
    2021-12-14
    oval:org.opensuse.security:def:33045
    P
    Security update for postgresql96 (Important)
    2021-11-22
    oval:org.opensuse.security:def:31705
    P
    Security update for postgresql, postgresql13, postgresql14 (Important)
    2021-11-20
    oval:org.opensuse.security:def:31300
    P
    Security update for MozillaFirefox (Important)
    2021-11-17
    oval:org.opensuse.security:def:32214
    P
    Security update for pcre (Moderate)
    2021-11-10
    oval:org.opensuse.security:def:31697
    P
    Security update for opensc (Important)
    2021-10-29
    oval:org.opensuse.security:def:26145
    P
    Security update for the Linux Kernel (Important)
    2021-10-12
    oval:org.opensuse.security:def:105514
    P
    apache2-2.4.49-1.1 on GA media (Moderate)
    2021-10-01
    oval:org.opensuse.security:def:26131
    P
    Security update for xen (Moderate)
    2021-09-21
    oval:org.opensuse.security:def:33006
    P
    Security update for openssl (Low)
    2021-09-20
    oval:org.opensuse.security:def:26123
    P
    Security update for openssl-1_0_0 (Low)
    2021-09-09
    oval:org.opensuse.security:def:32158
    P
    Security update for dbus-1 (Important)
    2021-08-02
    oval:org.opensuse.security:def:32150
    P
    Security update for the Linux Kernel (Important)
    2021-07-22
    oval:org.opensuse.security:def:31656
    P
    Security update for systemd (Important)
    2021-07-21
    oval:org.opensuse.security:def:26092
    P
    Security update for the Linux Kernel (Important)
    2021-07-20
    oval:org.opensuse.security:def:31221
    P
    Security update for MozillaFirefox (Important)
    2021-07-16
    oval:org.opensuse.security:def:31208
    P
    Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)
    2021-06-18
    oval:org.opensuse.security:def:31640
    P
    Security update for java-1_8_0-openjdk (Moderate)
    2021-06-15
    oval:org.opensuse.security:def:31634
    P
    Security update for qemu (Important)
    2021-06-08
    oval:org.opensuse.security:def:36082
    P
    apache2-2.2.12-1.51.52.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:36370
    P
    apache2-2.2.12-1.51.52.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:42489
    P
    apache2-2.2.12-1.51.52.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:32106
    P
    Security update for the Linux Kernel (Live Patch 33 for SLE 12 SP3) (Important)
    2021-06-04
    oval:org.opensuse.security:def:26057
    P
    Security update for libX11 (Moderate)
    2021-05-26
    oval:org.opensuse.security:def:42074
    P
    Security update for libxml2 (Important)
    2021-05-19
    oval:org.opensuse.security:def:26043
    P
    Security update for bind (Important)
    2021-05-04
    oval:org.opensuse.security:def:32084
    P
    Security update for gdm (Important)
    2021-04-28
    oval:org.opensuse.security:def:31147
    P
    Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important)
    2021-04-07
    oval:org.opensuse.security:def:31745
    P
    Security update for glib2 (Important)
    2021-03-16
    oval:org.opensuse.security:def:31353
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:26208
    P
    Security update for git (Important)
    2021-03-09
    oval:org.opensuse.security:def:26204
    P
    Security update for freeradius-server (Low)
    2021-03-04
    oval:org.opensuse.security:def:32263
    P
    Security update for java-1_8_0-ibm (Important)
    2021-02-26
    oval:org.opensuse.security:def:31342
    P
    Security update for screen (Important)
    2021-02-17
    oval:org.opensuse.security:def:31331
    P
    Security update for the Linux Kernel (Live Patch 33 for SLE 12 SP3) (Important)
    2021-02-10
    oval:org.opensuse.security:def:26189
    P
    Security update for subversion (Important)
    2021-02-10
    oval:org.opensuse.security:def:31744
    P
    Security update for MozillaFirefox (Important)
    2021-01-12
    oval:org.opensuse.security:def:31357
    P
    Security update for MozillaFirefox (Important)
    2021-01-12
    oval:org.opensuse.security:def:25973
    P
    Security update for the Linux Kernel (Important)
    2020-12-09
    oval:org.opensuse.security:def:31560
    P
    Security update for python-cryptography (Moderate)
    2020-12-04
    oval:org.opensuse.security:def:32002
    P
    Security update for gdm (Important)
    2020-12-03
    oval:org.opensuse.security:def:35863
    P
    apache2-2.2.12-1.38.2 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:35522
    P
    apache2-2.2.10-2.24.5 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:35667
    P
    apache2-2.2.12-1.28.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:41929
    P
    apache2-2.2.10-2.24.5 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:25920
    P
    Security update for gstreamer-plugins-base (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25503
    P
    Security update for apache2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:26363
    P
    Security update for libgit2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31135
    P
    Security update for kvm (Important)
    2020-12-01
    oval:org.opensuse.security:def:25617
    P
    Security update for jasper (Low)
    2020-12-01
    oval:org.opensuse.security:def:26862
    P
    apache2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25995
    P
    Security update for mariadb (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25644
    P
    Security update for taglib (Low)
    2020-12-01
    oval:org.opensuse.security:def:32045
    P
    Security update for krb5 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27333
    P
    xorg-x11-libXrender-32bit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25752
    P
    Security update for libreoffice (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31955
    P
    Security update for gstreamer-0_10-plugins-good (Important)
    2020-12-01
    oval:org.opensuse.security:def:31549
    P
    Security update for screen (Low)
    2020-12-01
    oval:org.opensuse.security:def:25848
    P
    Security update for flex, at, bogofilter, cyrus-imapd, kdelibs4, libQtWebKit4, libbonobo, mdbtools, netpbm, openslp, sgmltool, virtuoso, libqt5-qtwebkit (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32324
    P
    Security update for samba (Important)
    2020-12-01
    oval:org.opensuse.security:def:25219
    P
    Security update for java-1_8_0-ibm (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25805
    P
    Security update for flash-player (Important)
    2020-12-01
    oval:org.opensuse.security:def:32632
    P
    apache2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25631
    P
    Security update for tar (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31444
    P
    Security update for poppler (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25294
    P
    Security update for xen (Important)
    2020-12-01
    oval:org.opensuse.security:def:26598
    P
    libpulse-browse0 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26632
    P
    puppet on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25643
    P
    Security update for hunspell (Low)
    2020-12-01
    oval:org.opensuse.security:def:25415
    P
    Security update for openldap2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:31801
    P
    security update for xen (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26407
    P
    Security update for libmad (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:30991
    P
    Security update for jakarta-commons-fileupload (Important)
    2020-12-01
    oval:org.opensuse.security:def:25698
    P
    Security update for dpdk (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31940
    P
    Recommended update for glibc (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26651
    P
    xen on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25835
    P
    Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:25650
    P
    Security update for SDL (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31889
    P
    Security update for evince (Important)
    2020-12-01
    oval:org.opensuse.security:def:27080
    P
    apache2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25073
    P
    Security update for sqlite3 (Important)
    2020-12-01
    oval:org.opensuse.security:def:31076
    P
    Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:25839
    P
    Security update for gimp (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32448
    P
    Security update for xen (Important)
    2020-12-01
    oval:org.opensuse.security:def:26261
    P
    Security update for python (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25897
    P
    Security update for mariadb (Important)
    2020-12-01
    oval:org.opensuse.security:def:25085
    P
    Security update for permissions (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31445
    P
    Security update for poppler (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25849
    P
    Security update for mariadb (Important)
    2020-12-01
    oval:org.opensuse.security:def:25414
    P
    Security update for java-1_7_0-openjdk (Important)
    2020-12-01
    oval:org.opensuse.security:def:31766
    P
    Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:26496
    P
    Security update for tmux (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25950
    P
    Security update for evince (Important)
    2020-12-01
    oval:org.opensuse.security:def:32827
    P
    apache2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25919
    P
    Security update for libplist (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25277
    P
    Security update for git (Important)
    2020-12-01
    oval:org.opensuse.security:def:31589
    P
    Security update for tiff (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26349
    P
    Security update for redis (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26522
    P
    apache2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25489
    P
    Security update for pam_radius (Important)
    2020-12-01
    oval:org.opensuse.security:def:31915
    P
    Security update for gd (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26827
    P
    sysstat on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25931
    P
    Security update for libcares2 (Low)
    2020-12-01
    oval:org.opensuse.security:def:25560
    P
    Security update for openldap2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:31996
    P
    Security update for java-1_7_1-ibm (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26695
    P
    fetchmail on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31136
    P
    Security update for kvm (Important)
    2020-12-01
    oval:org.opensuse.security:def:25916
    P
    Security update for flash-player (Important)
    2020-12-01
    oval:org.opensuse.security:def:31911
    P
    Security update for gcc43 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31548
    P
    Security update for sblim-sfcb (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25795
    P
    Security update for kernel-source (Important)
    2020-12-01
    oval:org.opensuse.security:def:27368
    P
    apache2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25218
    P
    Security update for samba (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25791
    P
    Security update for kernel-source (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32593
    P
    perl-HTML-Parser on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32368
    P
    Security update for tar (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25230
    P
    Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:26549
    P
    ft2demos on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25994
    P
    Security update for ImageMagick (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25632
    P
    Security update for aspell (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25358
    P
    Security update for tomcat (Important)
    2020-12-01
    oval:org.opensuse.security:def:31600
    P
    Security update for tightvnc (Important)
    2020-12-01
    oval:org.opensuse.security:def:30990
    P
    Security update for jakarta-commons-fileupload
    2020-12-01
    oval:org.opensuse.security:def:25422
    P
    Security update for postgresql10 (Important)
    2020-12-01
    oval:org.opensuse.security:def:31784
    P
    Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:26637
    P
    ruby on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26667
    P
    apache2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25707
    P
    Security update for java-1_7_1-ibm (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25499
    P
    Security update for openldap2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:31850
    P
    Security update for clamav (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27045
    P
    tgt on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31002
    P
    Security update for java-1_6_0-ibm (Important)
    2020-12-01
    oval:org.opensuse.security:def:25755
    P
    Security update for libreoffice (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31810
    P
    Security update for apache2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25703
    P
    Security update for squid (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25074
    P
    Security update for cups (Important)
    2020-12-01
    oval:org.opensuse.security:def:25990
    P
    Security update for libvpx (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32302
    P
    Security update for python (Important)
    2020-12-01
    oval:org.opensuse.security:def:32487
    P
    apache2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25413
    P
    Security update for ucode-intel (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31416
    P
    Security update for php53 (Important)
    2020-12-01
    oval:org.opensuse.security:def:26345
    P
    Security update for libgit2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25936
    P
    Security update for libreoffice (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32788
    P
    star on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25149
    P
    Security update for openssl-1_1 (Important)
    2020-12-01
    oval:org.opensuse.security:def:31502
    P
    Security update for python27 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26310
    P
    Security update for Cloud Compute 12 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26487
    P
    Security update for redis (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25425
    P
    Security update for bluez (Important)
    2020-12-01
    oval:org.opensuse.security:def:31858
    P
    Security update for cups (Important)
    2020-12-01
    oval:org.mitre.oval:def:29289
    P
    RHSA-2008:0967 -- httpd security and bug fix update (Moderate)
    2015-08-17
    oval:org.mitre.oval:def:6084
    V
    HP-UX Running Apache, Remote Cross Site Scripting (XSS) or Denial of Service (DoS)
    2015-04-20
    oval:org.mitre.oval:def:11713
    V
    Apache 'mod_proxy_http' Interim Response Denial of Service Vulnerability
    2014-07-14
    oval:org.mitre.oval:def:13835
    P
    USN-731-1 -- apache2 vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:21751
    P
    ELSA-2008:0967: httpd security and bug fix update (Moderate)
    2014-05-26
    oval:org.mitre.oval:def:9577
    V
    The ap_proxy_http_process_response function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server 2.0.63 and 2.2.8 does not limit the number of forwarded interim responses, which allows remote HTTP servers to cause a denial of service (memory consumption) via a large number of interim responses.
    2013-04-29
    oval:com.redhat.rhsa:def:20080967
    P
    RHSA-2008:0967: httpd security and bug fix update (Moderate)
    2008-11-11
    BACK
    ibm websphere application server 6.0.2
    ibm websphere application server 6.1
    redhat certificate system 7.3
    apache http server 2.0.63
    apache http server 2.2.8
    gentoo linux *
    hp hp-ux b.11.11
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    ibm http server 2.0.47
    redhat enterprise linux 3
    hp hp-ux b.11.23
    mandrakesoft mandrake linux corporate server 3.0
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    mandrakesoft mandrake multi network firewall 2.0
    sun solaris 10
    sun solaris 10
    canonical ubuntu 6.06
    mandrakesoft mandrake linux corporate server 4.0
    mandrakesoft mandrake linux corporate server 4.0
    mandrakesoft mandrake linux corporate server 3.0
    turbolinux turbolinux fuji
    turbolinux turbolinux personal *
    turbolinux turbolinux multimedia *
    redhat enterprise linux 5
    redhat enterprise linux 5
    mandrakesoft mandrake linux 2007.1
    mandrakesoft mandrake linux 2008.0
    hp hp-ux b.11.31
    redhat enterprise linux 5
    canonical ubuntu 7.10
    mandrakesoft mandrake linux 2008.0
    mandrakesoft mandrake linux 2008.1 x86_64
    mandrakesoft mandrake linux 2007.1
    redhat rhel application stack 2
    ibm os 400 5.2
    mandrakesoft mandrake linux 2008.1
    canonical ubuntu 8.04
    apple mac os x 10.5.5
    apple mac os x server 10.5.5
    hp business availability center 8.01
    oracle http server *