Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2011-3192 (GCVE-0-2011-3192)
Vulnerability from cvelistv5 – Published: 2011-08-29 15:00 – Updated: 2024-08-06 23:29
VLAI?
EPSS
Summary
The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:29:55.461Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "45606",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/45606"
},
{
"name": "RHSA-2011:1369",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1369.html"
},
{
"name": "RHSA-2011:1329",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1329.html"
},
{
"name": "HPSBUX02707",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=131731002122529\u0026w=2"
},
{
"name": "SUSE-SU-2011:1010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00011.html"
},
{
"name": "SSRT100966",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134987041210674\u0026w=2"
},
{
"name": "openSUSE-SU-2011:0993",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00006.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.gossamer-threads.com/lists/apache/dev/401638"
},
{
"name": "1025960",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1025960"
},
{
"name": "[dev] 20110823 Re: DoS with mod_deflate \u0026 range requests",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://mail-archives.apache.org/mod_mbox/httpd-dev/201108.mbox/%3cCAAPSnn2PO-d-C4nQt_TES2RRWiZr7urefhTKPWBC1b+K1Dqc7g%40mail.gmail.com%3e"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=732928"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2011-3192-485304.html"
},
{
"name": "SSRT100624",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=133477473521382\u0026w=2"
},
{
"name": "17696",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/17696"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=51714"
},
{
"name": "HPSBUX02702",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=131551295528105\u0026w=2"
},
{
"name": "46000",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46000"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blogs.oracle.com/security/entry/security_alert_for_cve_2011"
},
{
"name": "HPSBOV02822",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134987041210674\u0026w=2"
},
{
"name": "SSRT100619",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132033751509019\u0026w=2"
},
{
"name": "20110830 Apache HTTPd Range Header Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b90d73.shtml"
},
{
"name": "USN-1199-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1199-1"
},
{
"name": "MDVSA-2011:130",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:130"
},
{
"name": "49303",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/49303"
},
{
"name": "74721",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/74721"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "20110824 Re: Apache Killer",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-08/0285.html"
},
{
"name": "APPLE-SA-2011-10-12-3",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
},
{
"name": "oval:org.mitre.oval:def:14824",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14824"
},
{
"name": "[announce] 20110824 Advisory: Range header DoS vulnerability Apache HTTPD 1.3/2.x \\(CVE-2011-3192\\)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://mail-archives.apache.org/mod_mbox/httpd-announce/201108.mbox/%3c20110824161640.122D387DD%40minotaur.apache.org%3e"
},
{
"name": "RHSA-2011:1330",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1330.html"
},
{
"name": "apache-http-byterange-dos(69396)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69396"
},
{
"name": "46126",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46126"
},
{
"name": "RHSA-2011:1245",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1245.html"
},
{
"name": "oval:org.mitre.oval:def:18827",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18827"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.apache.org/dist/httpd/Announcement2.2.html"
},
{
"name": "SSRT100626",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=131731002122529\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
},
{
"name": "46125",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46125"
},
{
"name": "HPSBMU02766",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=133477473521382\u0026w=2"
},
{
"name": "VU#405811",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/405811"
},
{
"name": "20110820 Apache Killer",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2011/Aug/175"
},
{
"name": "SSRT100852",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=133951357207000\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT5002"
},
{
"name": "SUSE-SU-2011:1216",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00008.html"
},
{
"name": "oval:org.mitre.oval:def:14762",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14762"
},
{
"name": "SUSE-SU-2011:1007",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00010.html"
},
{
"name": "HPSBMU02776",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=133951357207000\u0026w=2"
},
{
"name": "SUSE-SU-2011:1000",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00009.html"
},
{
"name": "RHSA-2011:1294",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1294.html"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name": "SUSE-SU-2011:1229",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html"
},
{
"name": "HPSBMU02704",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132033751509019\u0026w=2"
},
{
"name": "RHSA-2011:1300",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1300.html"
},
{
"name": "SSRT100606",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=131551295528105\u0026w=2"
},
{
"name": "45937",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/45937"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888194 [7/13] - /httpd/site/trunk/content/security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [7/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [8/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210603 svn commit: r1075360 [1/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075467 [1/2] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-08-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-06T10:09:46",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "45606",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/45606"
},
{
"name": "RHSA-2011:1369",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1369.html"
},
{
"name": "RHSA-2011:1329",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1329.html"
},
{
"name": "HPSBUX02707",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=131731002122529\u0026w=2"
},
{
"name": "SUSE-SU-2011:1010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00011.html"
},
{
"name": "SSRT100966",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134987041210674\u0026w=2"
},
{
"name": "openSUSE-SU-2011:0993",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00006.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.gossamer-threads.com/lists/apache/dev/401638"
},
{
"name": "1025960",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1025960"
},
{
"name": "[dev] 20110823 Re: DoS with mod_deflate \u0026 range requests",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://mail-archives.apache.org/mod_mbox/httpd-dev/201108.mbox/%3cCAAPSnn2PO-d-C4nQt_TES2RRWiZr7urefhTKPWBC1b+K1Dqc7g%40mail.gmail.com%3e"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=732928"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2011-3192-485304.html"
},
{
"name": "SSRT100624",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=133477473521382\u0026w=2"
},
{
"name": "17696",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/17696"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=51714"
},
{
"name": "HPSBUX02702",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=131551295528105\u0026w=2"
},
{
"name": "46000",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46000"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blogs.oracle.com/security/entry/security_alert_for_cve_2011"
},
{
"name": "HPSBOV02822",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134987041210674\u0026w=2"
},
{
"name": "SSRT100619",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132033751509019\u0026w=2"
},
{
"name": "20110830 Apache HTTPd Range Header Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b90d73.shtml"
},
{
"name": "USN-1199-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1199-1"
},
{
"name": "MDVSA-2011:130",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:130"
},
{
"name": "49303",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/49303"
},
{
"name": "74721",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/74721"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "20110824 Re: Apache Killer",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-08/0285.html"
},
{
"name": "APPLE-SA-2011-10-12-3",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
},
{
"name": "oval:org.mitre.oval:def:14824",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14824"
},
{
"name": "[announce] 20110824 Advisory: Range header DoS vulnerability Apache HTTPD 1.3/2.x \\(CVE-2011-3192\\)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://mail-archives.apache.org/mod_mbox/httpd-announce/201108.mbox/%3c20110824161640.122D387DD%40minotaur.apache.org%3e"
},
{
"name": "RHSA-2011:1330",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1330.html"
},
{
"name": "apache-http-byterange-dos(69396)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69396"
},
{
"name": "46126",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46126"
},
{
"name": "RHSA-2011:1245",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1245.html"
},
{
"name": "oval:org.mitre.oval:def:18827",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18827"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.apache.org/dist/httpd/Announcement2.2.html"
},
{
"name": "SSRT100626",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=131731002122529\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
},
{
"name": "46125",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46125"
},
{
"name": "HPSBMU02766",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=133477473521382\u0026w=2"
},
{
"name": "VU#405811",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/405811"
},
{
"name": "20110820 Apache Killer",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2011/Aug/175"
},
{
"name": "SSRT100852",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=133951357207000\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT5002"
},
{
"name": "SUSE-SU-2011:1216",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00008.html"
},
{
"name": "oval:org.mitre.oval:def:14762",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14762"
},
{
"name": "SUSE-SU-2011:1007",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00010.html"
},
{
"name": "HPSBMU02776",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=133951357207000\u0026w=2"
},
{
"name": "SUSE-SU-2011:1000",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00009.html"
},
{
"name": "RHSA-2011:1294",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1294.html"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name": "SUSE-SU-2011:1229",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html"
},
{
"name": "HPSBMU02704",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132033751509019\u0026w=2"
},
{
"name": "RHSA-2011:1300",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1300.html"
},
{
"name": "SSRT100606",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=131551295528105\u0026w=2"
},
{
"name": "45937",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/45937"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888194 [7/13] - /httpd/site/trunk/content/security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [7/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [8/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210603 svn commit: r1075360 [1/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075467 [1/2] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-3192",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "45606",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45606"
},
{
"name": "RHSA-2011:1369",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1369.html"
},
{
"name": "RHSA-2011:1329",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1329.html"
},
{
"name": "HPSBUX02707",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=131731002122529\u0026w=2"
},
{
"name": "SUSE-SU-2011:1010",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00011.html"
},
{
"name": "SSRT100966",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=134987041210674\u0026w=2"
},
{
"name": "openSUSE-SU-2011:0993",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00006.html"
},
{
"name": "http://www.gossamer-threads.com/lists/apache/dev/401638",
"refsource": "CONFIRM",
"url": "http://www.gossamer-threads.com/lists/apache/dev/401638"
},
{
"name": "1025960",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1025960"
},
{
"name": "[dev] 20110823 Re: DoS with mod_deflate \u0026 range requests",
"refsource": "MLIST",
"url": "http://mail-archives.apache.org/mod_mbox/httpd-dev/201108.mbox/%3cCAAPSnn2PO-d-C4nQt_TES2RRWiZr7urefhTKPWBC1b+K1Dqc7g@mail.gmail.com%3e"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=732928",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=732928"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/alert-cve-2011-3192-485304.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2011-3192-485304.html"
},
{
"name": "SSRT100624",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=133477473521382\u0026w=2"
},
{
"name": "17696",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/17696"
},
{
"name": "https://issues.apache.org/bugzilla/show_bug.cgi?id=51714",
"refsource": "CONFIRM",
"url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=51714"
},
{
"name": "HPSBUX02702",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=131551295528105\u0026w=2"
},
{
"name": "46000",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46000"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html"
},
{
"name": "http://blogs.oracle.com/security/entry/security_alert_for_cve_2011",
"refsource": "CONFIRM",
"url": "http://blogs.oracle.com/security/entry/security_alert_for_cve_2011"
},
{
"name": "HPSBOV02822",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=134987041210674\u0026w=2"
},
{
"name": "SSRT100619",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=132033751509019\u0026w=2"
},
{
"name": "20110830 Apache HTTPd Range Header Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b90d73.shtml"
},
{
"name": "USN-1199-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1199-1"
},
{
"name": "MDVSA-2011:130",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:130"
},
{
"name": "49303",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/49303"
},
{
"name": "74721",
"refsource": "OSVDB",
"url": "http://osvdb.org/74721"
},
{
"name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
"refsource": "CONFIRM",
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "20110824 Re: Apache Killer",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-08/0285.html"
},
{
"name": "APPLE-SA-2011-10-12-3",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
},
{
"name": "oval:org.mitre.oval:def:14824",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14824"
},
{
"name": "[announce] 20110824 Advisory: Range header DoS vulnerability Apache HTTPD 1.3/2.x \\(CVE-2011-3192\\)",
"refsource": "MLIST",
"url": "http://mail-archives.apache.org/mod_mbox/httpd-announce/201108.mbox/%3c20110824161640.122D387DD@minotaur.apache.org%3e"
},
{
"name": "RHSA-2011:1330",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1330.html"
},
{
"name": "apache-http-byterange-dos(69396)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69396"
},
{
"name": "46126",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46126"
},
{
"name": "RHSA-2011:1245",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1245.html"
},
{
"name": "oval:org.mitre.oval:def:18827",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18827"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html"
},
{
"name": "http://www.apache.org/dist/httpd/Announcement2.2.html",
"refsource": "CONFIRM",
"url": "http://www.apache.org/dist/httpd/Announcement2.2.html"
},
{
"name": "SSRT100626",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=131731002122529\u0026w=2"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
},
{
"name": "46125",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46125"
},
{
"name": "HPSBMU02766",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=133477473521382\u0026w=2"
},
{
"name": "VU#405811",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/405811"
},
{
"name": "20110820 Apache Killer",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2011/Aug/175"
},
{
"name": "SSRT100852",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=133951357207000\u0026w=2"
},
{
"name": "http://support.apple.com/kb/HT5002",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5002"
},
{
"name": "SUSE-SU-2011:1216",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00008.html"
},
{
"name": "oval:org.mitre.oval:def:14762",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14762"
},
{
"name": "SUSE-SU-2011:1007",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00010.html"
},
{
"name": "HPSBMU02776",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=133951357207000\u0026w=2"
},
{
"name": "SUSE-SU-2011:1000",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00009.html"
},
{
"name": "RHSA-2011:1294",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1294.html"
},
{
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name": "SUSE-SU-2011:1229",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html"
},
{
"name": "HPSBMU02704",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=132033751509019\u0026w=2"
},
{
"name": "RHSA-2011:1300",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1300.html"
},
{
"name": "SSRT100606",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=131551295528105\u0026w=2"
},
{
"name": "45937",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45937"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888194 [7/13] - /httpd/site/trunk/content/security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [7/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [8/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210603 svn commit: r1075360 [1/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075467 [1/2] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-3192",
"datePublished": "2011-08-29T15:00:00",
"dateReserved": "2011-08-19T00:00:00",
"dateUpdated": "2024-08-06T23:29:55.461Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2011-3192\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2011-08-29T15:55:02.017\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.\"},{\"lang\":\"es\",\"value\":\"El filtro byterange en el Servidor Apache HTTP v1.3.x, v2.0.x hasta v2.0.64, y v2.2.x hasta v2.2.19 permite a tacantes remotos provocar una denegaci\u00f3n de servicio (consumo de memoria y CPU) a trav\u00e9s de una cabecera Range que expresa m\u00faltiple rangos de solapamiento, como se explot\u00f3 en Agosto 2011, una vulnerabilidad diferente que CVE-2007-0086.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":7.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.0.35\",\"versionEndExcluding\":\"2.0.65\",\"matchCriteriaId\":\"E8032B39-37CC-4B9F-8D09-A0171E66BE47\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.2.0\",\"versionEndExcluding\":\"2.2.20\",\"matchCriteriaId\":\"43A849EE-9D31-4289-84AF-E6831294297F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5646FDE9-CF21-46A9-B89D-F5BBDB4249AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE554781-1EB9-446E-911F-6C11970C47F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:10:sp2:*:*:-:*:*:*\",\"matchCriteriaId\":\"105187A7-2AFE-46F9-B0A9-F09C7E10BFBD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:-:*:*:*\",\"matchCriteriaId\":\"79A35457-EAA3-4BF9-A4DA-B2E414A75A02\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:-:*:*:*\",\"matchCriteriaId\":\"D1D7B467-58DD-45F1-9F1F-632620DF072A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:-:*:*\",\"matchCriteriaId\":\"A44C3422-0D42-473E-ABB4-279D7494EE2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:vmware:*:*\",\"matchCriteriaId\":\"A6B7CDCA-6F39-4113-B5D3-3AA9D7F3D809\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"3DB8A616-865B-4E70-BA2E-BE5F0BA7A351\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"436EF2ED-FDBB-4B64-8EC4-33C3E4253F06\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8C91701-DF37-4F7B-AB9A-B1BFDB4991F8\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*\",\"matchCriteriaId\":\"7EBFE35C-E243-43D1-883D-4398D71763CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*\",\"matchCriteriaId\":\"01EDA41C-6B2E-49AF-B503-EB3882265C11\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87614B58-24AB-49FB-9C84-E8DDBA16353B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF49D26F-142E-468B-87C1-BABEA445255C\"}]}]}],\"references\":[{\"url\":\"http://archives.neohapsis.com/archives/fulldisclosure/2011-08/0285.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://blogs.oracle.com/security/entry/security_alert_for_cve_2011\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00006.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00009.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00010.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00011.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00008.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://mail-archives.apache.org/mod_mbox/httpd-announce/201108.mbox/%3c20110824161640.122D387DD%40minotaur.apache.org%3e\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://mail-archives.apache.org/mod_mbox/httpd-dev/201108.mbox/%3cCAAPSnn2PO-d-C4nQt_TES2RRWiZr7urefhTKPWBC1b+K1Dqc7g%40mail.gmail.com%3e\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=131551295528105\u0026w=2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=131731002122529\u0026w=2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=132033751509019\u0026w=2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=133477473521382\u0026w=2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=133951357207000\u0026w=2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=134987041210674\u0026w=2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Mailing List\"]},{\"url\":\"http://osvdb.org/74721\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://seclists.org/fulldisclosure/2011/Aug/175\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/45606\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Not Applicable\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/45937\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://secunia.com/advisories/46000\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://secunia.com/advisories/46125\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://secunia.com/advisories/46126\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://securitytracker.com/id?1025960\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://support.apple.com/kb/HT5002\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.apache.org/dist/httpd/Announcement2.2.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.cisco.com/en/US/products/products_security_advisory09186a0080b90d73.shtml\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.exploit-db.com/exploits/17696\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.gossamer-threads.com/lists/apache/dev/401638\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/405811\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2011:130\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2013:150\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/alert-cve-2011-3192-485304.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2011-1245.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2011-1294.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2011-1300.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2011-1329.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2011-1330.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2011-1369.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/49303\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-1199-1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=732928\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/69396\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://issues.apache.org/bugzilla/show_bug.cgi?id=51714\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14762\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14824\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18827\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://archives.neohapsis.com/archives/fulldisclosure/2011-08/0285.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://blogs.oracle.com/security/entry/security_alert_for_cve_2011\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00006.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00009.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00010.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00011.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00008.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://mail-archives.apache.org/mod_mbox/httpd-announce/201108.mbox/%3c20110824161640.122D387DD%40minotaur.apache.org%3e\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://mail-archives.apache.org/mod_mbox/httpd-dev/201108.mbox/%3cCAAPSnn2PO-d-C4nQt_TES2RRWiZr7urefhTKPWBC1b+K1Dqc7g%40mail.gmail.com%3e\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=131551295528105\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=131731002122529\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=132033751509019\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=133477473521382\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=133951357207000\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=134987041210674\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Mailing List\"]},{\"url\":\"http://osvdb.org/74721\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://seclists.org/fulldisclosure/2011/Aug/175\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/45606\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Not Applicable\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/45937\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://secunia.com/advisories/46000\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://secunia.com/advisories/46125\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://secunia.com/advisories/46126\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://securitytracker.com/id?1025960\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://support.apple.com/kb/HT5002\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.apache.org/dist/httpd/Announcement2.2.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.cisco.com/en/US/products/products_security_advisory09186a0080b90d73.shtml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.exploit-db.com/exploits/17696\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.gossamer-threads.com/lists/apache/dev/401638\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/405811\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2011:130\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2013:150\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/alert-cve-2011-3192-485304.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2011-1245.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2011-1294.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2011-1300.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2011-1329.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2011-1330.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2011-1369.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/49303\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-1199-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=732928\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/69396\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://issues.apache.org/bugzilla/show_bug.cgi?id=51714\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14762\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14824\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18827\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
RHSA-2011:1294
Vulnerability from csaf_redhat - Published: 2011-09-14 18:59 - Updated: 2025-11-21 17:38Summary
Red Hat Security Advisory: httpd security update
Notes
Topic
Updated httpd packages that fix one security issue are now available for
Red Hat Enterprise Linux 5.3 Long Life, 5.6 Extended Update Support, and
6.0 Extended Update Support.
The Red Hat Security Response Team has rated this update as having
important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.
Details
The Apache HTTP Server is a popular web server.
A flaw was found in the way the Apache HTTP Server handled Range HTTP
headers. A remote attacker could use this flaw to cause httpd to use an
excessive amount of memory and CPU time via HTTP requests with a
specially-crafted Range header. (CVE-2011-3192)
All httpd users should upgrade to these updated packages, which contain a
backported patch to correct this issue. After installing the updated
packages, the httpd daemon must be restarted for the update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated httpd packages that fix one security issue are now available for\nRed Hat Enterprise Linux 5.3 Long Life, 5.6 Extended Update Support, and\n6.0 Extended Update Support.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from the\nCVE link in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The Apache HTTP Server is a popular web server.\n\nA flaw was found in the way the Apache HTTP Server handled Range HTTP\nheaders. A remote attacker could use this flaw to cause httpd to use an\nexcessive amount of memory and CPU time via HTTP requests with a\nspecially-crafted Range header. (CVE-2011-3192)\n\nAll httpd users should upgrade to these updated packages, which contain a\nbackported patch to correct this issue. After installing the updated\npackages, the httpd daemon must be restarted for the update to take effect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2011:1294",
"url": "https://access.redhat.com/errata/RHSA-2011:1294"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "732928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=732928"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2011/rhsa-2011_1294.json"
}
],
"title": "Red Hat Security Advisory: httpd security update",
"tracking": {
"current_release_date": "2025-11-21T17:38:52+00:00",
"generator": {
"date": "2025-11-21T17:38:52+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2011:1294",
"initial_release_date": "2011-09-14T18:59:00+00:00",
"revision_history": [
{
"date": "2011-09-14T18:59:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2011-09-14T15:01:56+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T17:38:52+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux (v. 5.6.z server)",
"product": {
"name": "Red Hat Enterprise Linux (v. 5.6.z server)",
"product_id": "5Server-5.6.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Long Life (v. 5.3 server)",
"product": {
"name": "Red Hat Enterprise Linux Long Life (v. 5.3 server)",
"product_id": "5Server-5.3.LL",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_mission_critical:5.3"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server EUS (v. 6.0)",
"product": {
"name": "Red Hat Enterprise Linux Server EUS (v. 6.0)",
"product_id": "6Server-6.0.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:6.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-manual-0:2.2.3-45.el5_6.2.ia64",
"product": {
"name": "httpd-manual-0:2.2.3-45.el5_6.2.ia64",
"product_id": "httpd-manual-0:2.2.3-45.el5_6.2.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.2.3-45.el5_6.2?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.3-45.el5_6.2.ia64",
"product": {
"name": "httpd-debuginfo-0:2.2.3-45.el5_6.2.ia64",
"product_id": "httpd-debuginfo-0:2.2.3-45.el5_6.2.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.3-45.el5_6.2?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.3-45.el5_6.2.ia64",
"product": {
"name": "mod_ssl-1:2.2.3-45.el5_6.2.ia64",
"product_id": "mod_ssl-1:2.2.3-45.el5_6.2.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.3-45.el5_6.2?arch=ia64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.3-45.el5_6.2.ia64",
"product": {
"name": "httpd-0:2.2.3-45.el5_6.2.ia64",
"product_id": "httpd-0:2.2.3-45.el5_6.2.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.3-45.el5_6.2?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.3-45.el5_6.2.ia64",
"product": {
"name": "httpd-devel-0:2.2.3-45.el5_6.2.ia64",
"product_id": "httpd-devel-0:2.2.3-45.el5_6.2.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.3-45.el5_6.2?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.3-22.el5_3.3.ia64",
"product": {
"name": "httpd-debuginfo-0:2.2.3-22.el5_3.3.ia64",
"product_id": "httpd-debuginfo-0:2.2.3-22.el5_3.3.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.3-22.el5_3.3?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "httpd-manual-0:2.2.3-22.el5_3.3.ia64",
"product": {
"name": "httpd-manual-0:2.2.3-22.el5_3.3.ia64",
"product_id": "httpd-manual-0:2.2.3-22.el5_3.3.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.2.3-22.el5_3.3?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.3-22.el5_3.3.ia64",
"product": {
"name": "httpd-devel-0:2.2.3-22.el5_3.3.ia64",
"product_id": "httpd-devel-0:2.2.3-22.el5_3.3.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.3-22.el5_3.3?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.3-22.el5_3.3.ia64",
"product": {
"name": "mod_ssl-1:2.2.3-22.el5_3.3.ia64",
"product_id": "mod_ssl-1:2.2.3-22.el5_3.3.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.3-22.el5_3.3?arch=ia64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.3-22.el5_3.3.ia64",
"product": {
"name": "httpd-0:2.2.3-22.el5_3.3.ia64",
"product_id": "httpd-0:2.2.3-22.el5_3.3.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.3-22.el5_3.3?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-manual-0:2.2.3-45.el5_6.2.ppc",
"product": {
"name": "httpd-manual-0:2.2.3-45.el5_6.2.ppc",
"product_id": "httpd-manual-0:2.2.3-45.el5_6.2.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.2.3-45.el5_6.2?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.3-45.el5_6.2.ppc",
"product": {
"name": "httpd-debuginfo-0:2.2.3-45.el5_6.2.ppc",
"product_id": "httpd-debuginfo-0:2.2.3-45.el5_6.2.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.3-45.el5_6.2?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.3-45.el5_6.2.ppc",
"product": {
"name": "mod_ssl-1:2.2.3-45.el5_6.2.ppc",
"product_id": "mod_ssl-1:2.2.3-45.el5_6.2.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.3-45.el5_6.2?arch=ppc\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.3-45.el5_6.2.ppc",
"product": {
"name": "httpd-0:2.2.3-45.el5_6.2.ppc",
"product_id": "httpd-0:2.2.3-45.el5_6.2.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.3-45.el5_6.2?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.3-45.el5_6.2.ppc",
"product": {
"name": "httpd-devel-0:2.2.3-45.el5_6.2.ppc",
"product_id": "httpd-devel-0:2.2.3-45.el5_6.2.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.3-45.el5_6.2?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-5.el6_0.1.ppc",
"product": {
"name": "httpd-debuginfo-0:2.2.15-5.el6_0.1.ppc",
"product_id": "httpd-debuginfo-0:2.2.15-5.el6_0.1.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-5.el6_0.1?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-5.el6_0.1.ppc",
"product": {
"name": "httpd-devel-0:2.2.15-5.el6_0.1.ppc",
"product_id": "httpd-devel-0:2.2.15-5.el6_0.1.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-5.el6_0.1?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.3-45.el5_6.2.ppc64",
"product": {
"name": "httpd-debuginfo-0:2.2.3-45.el5_6.2.ppc64",
"product_id": "httpd-debuginfo-0:2.2.3-45.el5_6.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.3-45.el5_6.2?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.3-45.el5_6.2.ppc64",
"product": {
"name": "httpd-devel-0:2.2.3-45.el5_6.2.ppc64",
"product_id": "httpd-devel-0:2.2.3-45.el5_6.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.3-45.el5_6.2?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-5.el6_0.1.ppc64",
"product": {
"name": "httpd-debuginfo-0:2.2.15-5.el6_0.1.ppc64",
"product_id": "httpd-debuginfo-0:2.2.15-5.el6_0.1.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-5.el6_0.1?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.15-5.el6_0.1.ppc64",
"product": {
"name": "mod_ssl-1:2.2.15-5.el6_0.1.ppc64",
"product_id": "mod_ssl-1:2.2.15-5.el6_0.1.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.15-5.el6_0.1?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.15-5.el6_0.1.ppc64",
"product": {
"name": "httpd-0:2.2.15-5.el6_0.1.ppc64",
"product_id": "httpd-0:2.2.15-5.el6_0.1.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.15-5.el6_0.1?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-5.el6_0.1.ppc64",
"product": {
"name": "httpd-devel-0:2.2.15-5.el6_0.1.ppc64",
"product_id": "httpd-devel-0:2.2.15-5.el6_0.1.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-5.el6_0.1?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.2.15-5.el6_0.1.ppc64",
"product": {
"name": "httpd-tools-0:2.2.15-5.el6_0.1.ppc64",
"product_id": "httpd-tools-0:2.2.15-5.el6_0.1.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.2.15-5.el6_0.1?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-manual-0:2.2.3-45.el5_6.2.s390x",
"product": {
"name": "httpd-manual-0:2.2.3-45.el5_6.2.s390x",
"product_id": "httpd-manual-0:2.2.3-45.el5_6.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.2.3-45.el5_6.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.3-45.el5_6.2.s390x",
"product": {
"name": "httpd-debuginfo-0:2.2.3-45.el5_6.2.s390x",
"product_id": "httpd-debuginfo-0:2.2.3-45.el5_6.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.3-45.el5_6.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.3-45.el5_6.2.s390x",
"product": {
"name": "mod_ssl-1:2.2.3-45.el5_6.2.s390x",
"product_id": "mod_ssl-1:2.2.3-45.el5_6.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.3-45.el5_6.2?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.3-45.el5_6.2.s390x",
"product": {
"name": "httpd-0:2.2.3-45.el5_6.2.s390x",
"product_id": "httpd-0:2.2.3-45.el5_6.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.3-45.el5_6.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.3-45.el5_6.2.s390x",
"product": {
"name": "httpd-devel-0:2.2.3-45.el5_6.2.s390x",
"product_id": "httpd-devel-0:2.2.3-45.el5_6.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.3-45.el5_6.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-5.el6_0.1.s390x",
"product": {
"name": "httpd-debuginfo-0:2.2.15-5.el6_0.1.s390x",
"product_id": "httpd-debuginfo-0:2.2.15-5.el6_0.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-5.el6_0.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.15-5.el6_0.1.s390x",
"product": {
"name": "mod_ssl-1:2.2.15-5.el6_0.1.s390x",
"product_id": "mod_ssl-1:2.2.15-5.el6_0.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.15-5.el6_0.1?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.15-5.el6_0.1.s390x",
"product": {
"name": "httpd-0:2.2.15-5.el6_0.1.s390x",
"product_id": "httpd-0:2.2.15-5.el6_0.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.15-5.el6_0.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-5.el6_0.1.s390x",
"product": {
"name": "httpd-devel-0:2.2.15-5.el6_0.1.s390x",
"product_id": "httpd-devel-0:2.2.15-5.el6_0.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-5.el6_0.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.2.15-5.el6_0.1.s390x",
"product": {
"name": "httpd-tools-0:2.2.15-5.el6_0.1.s390x",
"product_id": "httpd-tools-0:2.2.15-5.el6_0.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.2.15-5.el6_0.1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.3-45.el5_6.2.s390",
"product": {
"name": "httpd-debuginfo-0:2.2.3-45.el5_6.2.s390",
"product_id": "httpd-debuginfo-0:2.2.3-45.el5_6.2.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.3-45.el5_6.2?arch=s390"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.3-45.el5_6.2.s390",
"product": {
"name": "httpd-devel-0:2.2.3-45.el5_6.2.s390",
"product_id": "httpd-devel-0:2.2.3-45.el5_6.2.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.3-45.el5_6.2?arch=s390"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-5.el6_0.1.s390",
"product": {
"name": "httpd-debuginfo-0:2.2.15-5.el6_0.1.s390",
"product_id": "httpd-debuginfo-0:2.2.15-5.el6_0.1.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-5.el6_0.1?arch=s390"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-5.el6_0.1.s390",
"product": {
"name": "httpd-devel-0:2.2.15-5.el6_0.1.s390",
"product_id": "httpd-devel-0:2.2.15-5.el6_0.1.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-5.el6_0.1?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-manual-0:2.2.3-45.el5_6.2.x86_64",
"product": {
"name": "httpd-manual-0:2.2.3-45.el5_6.2.x86_64",
"product_id": "httpd-manual-0:2.2.3-45.el5_6.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.2.3-45.el5_6.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.3-45.el5_6.2.x86_64",
"product": {
"name": "httpd-debuginfo-0:2.2.3-45.el5_6.2.x86_64",
"product_id": "httpd-debuginfo-0:2.2.3-45.el5_6.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.3-45.el5_6.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.3-45.el5_6.2.x86_64",
"product": {
"name": "mod_ssl-1:2.2.3-45.el5_6.2.x86_64",
"product_id": "mod_ssl-1:2.2.3-45.el5_6.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.3-45.el5_6.2?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.3-45.el5_6.2.x86_64",
"product": {
"name": "httpd-0:2.2.3-45.el5_6.2.x86_64",
"product_id": "httpd-0:2.2.3-45.el5_6.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.3-45.el5_6.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.3-45.el5_6.2.x86_64",
"product": {
"name": "httpd-devel-0:2.2.3-45.el5_6.2.x86_64",
"product_id": "httpd-devel-0:2.2.3-45.el5_6.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.3-45.el5_6.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.3-22.el5_3.3.x86_64",
"product": {
"name": "httpd-debuginfo-0:2.2.3-22.el5_3.3.x86_64",
"product_id": "httpd-debuginfo-0:2.2.3-22.el5_3.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.3-22.el5_3.3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-manual-0:2.2.3-22.el5_3.3.x86_64",
"product": {
"name": "httpd-manual-0:2.2.3-22.el5_3.3.x86_64",
"product_id": "httpd-manual-0:2.2.3-22.el5_3.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.2.3-22.el5_3.3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.3-22.el5_3.3.x86_64",
"product": {
"name": "httpd-devel-0:2.2.3-22.el5_3.3.x86_64",
"product_id": "httpd-devel-0:2.2.3-22.el5_3.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.3-22.el5_3.3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.3-22.el5_3.3.x86_64",
"product": {
"name": "mod_ssl-1:2.2.3-22.el5_3.3.x86_64",
"product_id": "mod_ssl-1:2.2.3-22.el5_3.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.3-22.el5_3.3?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.3-22.el5_3.3.x86_64",
"product": {
"name": "httpd-0:2.2.3-22.el5_3.3.x86_64",
"product_id": "httpd-0:2.2.3-22.el5_3.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.3-22.el5_3.3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-5.el6_0.1.x86_64",
"product": {
"name": "httpd-debuginfo-0:2.2.15-5.el6_0.1.x86_64",
"product_id": "httpd-debuginfo-0:2.2.15-5.el6_0.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-5.el6_0.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.15-5.el6_0.1.x86_64",
"product": {
"name": "mod_ssl-1:2.2.15-5.el6_0.1.x86_64",
"product_id": "mod_ssl-1:2.2.15-5.el6_0.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.15-5.el6_0.1?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.15-5.el6_0.1.x86_64",
"product": {
"name": "httpd-0:2.2.15-5.el6_0.1.x86_64",
"product_id": "httpd-0:2.2.15-5.el6_0.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.15-5.el6_0.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-5.el6_0.1.x86_64",
"product": {
"name": "httpd-devel-0:2.2.15-5.el6_0.1.x86_64",
"product_id": "httpd-devel-0:2.2.15-5.el6_0.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-5.el6_0.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.2.15-5.el6_0.1.x86_64",
"product": {
"name": "httpd-tools-0:2.2.15-5.el6_0.1.x86_64",
"product_id": "httpd-tools-0:2.2.15-5.el6_0.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.2.15-5.el6_0.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.3-45.el5_6.2.i386",
"product": {
"name": "httpd-debuginfo-0:2.2.3-45.el5_6.2.i386",
"product_id": "httpd-debuginfo-0:2.2.3-45.el5_6.2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.3-45.el5_6.2?arch=i386"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.3-45.el5_6.2.i386",
"product": {
"name": "httpd-devel-0:2.2.3-45.el5_6.2.i386",
"product_id": "httpd-devel-0:2.2.3-45.el5_6.2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.3-45.el5_6.2?arch=i386"
}
}
},
{
"category": "product_version",
"name": "httpd-manual-0:2.2.3-45.el5_6.2.i386",
"product": {
"name": "httpd-manual-0:2.2.3-45.el5_6.2.i386",
"product_id": "httpd-manual-0:2.2.3-45.el5_6.2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.2.3-45.el5_6.2?arch=i386"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.3-45.el5_6.2.i386",
"product": {
"name": "mod_ssl-1:2.2.3-45.el5_6.2.i386",
"product_id": "mod_ssl-1:2.2.3-45.el5_6.2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.3-45.el5_6.2?arch=i386\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.3-45.el5_6.2.i386",
"product": {
"name": "httpd-0:2.2.3-45.el5_6.2.i386",
"product_id": "httpd-0:2.2.3-45.el5_6.2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.3-45.el5_6.2?arch=i386"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.3-22.el5_3.3.i386",
"product": {
"name": "httpd-debuginfo-0:2.2.3-22.el5_3.3.i386",
"product_id": "httpd-debuginfo-0:2.2.3-22.el5_3.3.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.3-22.el5_3.3?arch=i386"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.3-22.el5_3.3.i386",
"product": {
"name": "httpd-devel-0:2.2.3-22.el5_3.3.i386",
"product_id": "httpd-devel-0:2.2.3-22.el5_3.3.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.3-22.el5_3.3?arch=i386"
}
}
},
{
"category": "product_version",
"name": "httpd-manual-0:2.2.3-22.el5_3.3.i386",
"product": {
"name": "httpd-manual-0:2.2.3-22.el5_3.3.i386",
"product_id": "httpd-manual-0:2.2.3-22.el5_3.3.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.2.3-22.el5_3.3?arch=i386"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.3-22.el5_3.3.i386",
"product": {
"name": "mod_ssl-1:2.2.3-22.el5_3.3.i386",
"product_id": "mod_ssl-1:2.2.3-22.el5_3.3.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.3-22.el5_3.3?arch=i386\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.3-22.el5_3.3.i386",
"product": {
"name": "httpd-0:2.2.3-22.el5_3.3.i386",
"product_id": "httpd-0:2.2.3-22.el5_3.3.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.3-22.el5_3.3?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.2.3-45.el5_6.2.src",
"product": {
"name": "httpd-0:2.2.3-45.el5_6.2.src",
"product_id": "httpd-0:2.2.3-45.el5_6.2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.3-45.el5_6.2?arch=src"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.3-22.el5_3.3.src",
"product": {
"name": "httpd-0:2.2.3-22.el5_3.3.src",
"product_id": "httpd-0:2.2.3-22.el5_3.3.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.3-22.el5_3.3?arch=src"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.15-5.el6_0.1.src",
"product": {
"name": "httpd-0:2.2.15-5.el6_0.1.src",
"product_id": "httpd-0:2.2.15-5.el6_0.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.15-5.el6_0.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-5.el6_0.1.i686",
"product": {
"name": "httpd-debuginfo-0:2.2.15-5.el6_0.1.i686",
"product_id": "httpd-debuginfo-0:2.2.15-5.el6_0.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-5.el6_0.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-5.el6_0.1.i686",
"product": {
"name": "httpd-devel-0:2.2.15-5.el6_0.1.i686",
"product_id": "httpd-devel-0:2.2.15-5.el6_0.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-5.el6_0.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.15-5.el6_0.1.i686",
"product": {
"name": "mod_ssl-1:2.2.15-5.el6_0.1.i686",
"product_id": "mod_ssl-1:2.2.15-5.el6_0.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.15-5.el6_0.1?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.15-5.el6_0.1.i686",
"product": {
"name": "httpd-0:2.2.15-5.el6_0.1.i686",
"product_id": "httpd-0:2.2.15-5.el6_0.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.15-5.el6_0.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.2.15-5.el6_0.1.i686",
"product": {
"name": "httpd-tools-0:2.2.15-5.el6_0.1.i686",
"product_id": "httpd-tools-0:2.2.15-5.el6_0.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.2.15-5.el6_0.1?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-manual-0:2.2.15-5.el6_0.1.noarch",
"product": {
"name": "httpd-manual-0:2.2.15-5.el6_0.1.noarch",
"product_id": "httpd-manual-0:2.2.15-5.el6_0.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.2.15-5.el6_0.1?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.3-22.el5_3.3.i386 as a component of Red Hat Enterprise Linux Long Life (v. 5.3 server)",
"product_id": "5Server-5.3.LL:httpd-0:2.2.3-22.el5_3.3.i386"
},
"product_reference": "httpd-0:2.2.3-22.el5_3.3.i386",
"relates_to_product_reference": "5Server-5.3.LL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.3-22.el5_3.3.ia64 as a component of Red Hat Enterprise Linux Long Life (v. 5.3 server)",
"product_id": "5Server-5.3.LL:httpd-0:2.2.3-22.el5_3.3.ia64"
},
"product_reference": "httpd-0:2.2.3-22.el5_3.3.ia64",
"relates_to_product_reference": "5Server-5.3.LL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.3-22.el5_3.3.src as a component of Red Hat Enterprise Linux Long Life (v. 5.3 server)",
"product_id": "5Server-5.3.LL:httpd-0:2.2.3-22.el5_3.3.src"
},
"product_reference": "httpd-0:2.2.3-22.el5_3.3.src",
"relates_to_product_reference": "5Server-5.3.LL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.3-22.el5_3.3.x86_64 as a component of Red Hat Enterprise Linux Long Life (v. 5.3 server)",
"product_id": "5Server-5.3.LL:httpd-0:2.2.3-22.el5_3.3.x86_64"
},
"product_reference": "httpd-0:2.2.3-22.el5_3.3.x86_64",
"relates_to_product_reference": "5Server-5.3.LL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.3-22.el5_3.3.i386 as a component of Red Hat Enterprise Linux Long Life (v. 5.3 server)",
"product_id": "5Server-5.3.LL:httpd-debuginfo-0:2.2.3-22.el5_3.3.i386"
},
"product_reference": "httpd-debuginfo-0:2.2.3-22.el5_3.3.i386",
"relates_to_product_reference": "5Server-5.3.LL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.3-22.el5_3.3.ia64 as a component of Red Hat Enterprise Linux Long Life (v. 5.3 server)",
"product_id": "5Server-5.3.LL:httpd-debuginfo-0:2.2.3-22.el5_3.3.ia64"
},
"product_reference": "httpd-debuginfo-0:2.2.3-22.el5_3.3.ia64",
"relates_to_product_reference": "5Server-5.3.LL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.3-22.el5_3.3.x86_64 as a component of Red Hat Enterprise Linux Long Life (v. 5.3 server)",
"product_id": "5Server-5.3.LL:httpd-debuginfo-0:2.2.3-22.el5_3.3.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.2.3-22.el5_3.3.x86_64",
"relates_to_product_reference": "5Server-5.3.LL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.3-22.el5_3.3.i386 as a component of Red Hat Enterprise Linux Long Life (v. 5.3 server)",
"product_id": "5Server-5.3.LL:httpd-devel-0:2.2.3-22.el5_3.3.i386"
},
"product_reference": "httpd-devel-0:2.2.3-22.el5_3.3.i386",
"relates_to_product_reference": "5Server-5.3.LL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.3-22.el5_3.3.ia64 as a component of Red Hat Enterprise Linux Long Life (v. 5.3 server)",
"product_id": "5Server-5.3.LL:httpd-devel-0:2.2.3-22.el5_3.3.ia64"
},
"product_reference": "httpd-devel-0:2.2.3-22.el5_3.3.ia64",
"relates_to_product_reference": "5Server-5.3.LL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.3-22.el5_3.3.x86_64 as a component of Red Hat Enterprise Linux Long Life (v. 5.3 server)",
"product_id": "5Server-5.3.LL:httpd-devel-0:2.2.3-22.el5_3.3.x86_64"
},
"product_reference": "httpd-devel-0:2.2.3-22.el5_3.3.x86_64",
"relates_to_product_reference": "5Server-5.3.LL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.3-22.el5_3.3.i386 as a component of Red Hat Enterprise Linux Long Life (v. 5.3 server)",
"product_id": "5Server-5.3.LL:httpd-manual-0:2.2.3-22.el5_3.3.i386"
},
"product_reference": "httpd-manual-0:2.2.3-22.el5_3.3.i386",
"relates_to_product_reference": "5Server-5.3.LL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.3-22.el5_3.3.ia64 as a component of Red Hat Enterprise Linux Long Life (v. 5.3 server)",
"product_id": "5Server-5.3.LL:httpd-manual-0:2.2.3-22.el5_3.3.ia64"
},
"product_reference": "httpd-manual-0:2.2.3-22.el5_3.3.ia64",
"relates_to_product_reference": "5Server-5.3.LL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.3-22.el5_3.3.x86_64 as a component of Red Hat Enterprise Linux Long Life (v. 5.3 server)",
"product_id": "5Server-5.3.LL:httpd-manual-0:2.2.3-22.el5_3.3.x86_64"
},
"product_reference": "httpd-manual-0:2.2.3-22.el5_3.3.x86_64",
"relates_to_product_reference": "5Server-5.3.LL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.3-22.el5_3.3.i386 as a component of Red Hat Enterprise Linux Long Life (v. 5.3 server)",
"product_id": "5Server-5.3.LL:mod_ssl-1:2.2.3-22.el5_3.3.i386"
},
"product_reference": "mod_ssl-1:2.2.3-22.el5_3.3.i386",
"relates_to_product_reference": "5Server-5.3.LL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.3-22.el5_3.3.ia64 as a component of Red Hat Enterprise Linux Long Life (v. 5.3 server)",
"product_id": "5Server-5.3.LL:mod_ssl-1:2.2.3-22.el5_3.3.ia64"
},
"product_reference": "mod_ssl-1:2.2.3-22.el5_3.3.ia64",
"relates_to_product_reference": "5Server-5.3.LL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.3-22.el5_3.3.x86_64 as a component of Red Hat Enterprise Linux Long Life (v. 5.3 server)",
"product_id": "5Server-5.3.LL:mod_ssl-1:2.2.3-22.el5_3.3.x86_64"
},
"product_reference": "mod_ssl-1:2.2.3-22.el5_3.3.x86_64",
"relates_to_product_reference": "5Server-5.3.LL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.3-45.el5_6.2.i386 as a component of Red Hat Enterprise Linux (v. 5.6.z server)",
"product_id": "5Server-5.6.Z:httpd-0:2.2.3-45.el5_6.2.i386"
},
"product_reference": "httpd-0:2.2.3-45.el5_6.2.i386",
"relates_to_product_reference": "5Server-5.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.3-45.el5_6.2.ia64 as a component of Red Hat Enterprise Linux (v. 5.6.z server)",
"product_id": "5Server-5.6.Z:httpd-0:2.2.3-45.el5_6.2.ia64"
},
"product_reference": "httpd-0:2.2.3-45.el5_6.2.ia64",
"relates_to_product_reference": "5Server-5.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.3-45.el5_6.2.ppc as a component of Red Hat Enterprise Linux (v. 5.6.z server)",
"product_id": "5Server-5.6.Z:httpd-0:2.2.3-45.el5_6.2.ppc"
},
"product_reference": "httpd-0:2.2.3-45.el5_6.2.ppc",
"relates_to_product_reference": "5Server-5.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.3-45.el5_6.2.s390x as a component of Red Hat Enterprise Linux (v. 5.6.z server)",
"product_id": "5Server-5.6.Z:httpd-0:2.2.3-45.el5_6.2.s390x"
},
"product_reference": "httpd-0:2.2.3-45.el5_6.2.s390x",
"relates_to_product_reference": "5Server-5.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.3-45.el5_6.2.src as a component of Red Hat Enterprise Linux (v. 5.6.z server)",
"product_id": "5Server-5.6.Z:httpd-0:2.2.3-45.el5_6.2.src"
},
"product_reference": "httpd-0:2.2.3-45.el5_6.2.src",
"relates_to_product_reference": "5Server-5.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.3-45.el5_6.2.x86_64 as a component of Red Hat Enterprise Linux (v. 5.6.z server)",
"product_id": "5Server-5.6.Z:httpd-0:2.2.3-45.el5_6.2.x86_64"
},
"product_reference": "httpd-0:2.2.3-45.el5_6.2.x86_64",
"relates_to_product_reference": "5Server-5.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.3-45.el5_6.2.i386 as a component of Red Hat Enterprise Linux (v. 5.6.z server)",
"product_id": "5Server-5.6.Z:httpd-debuginfo-0:2.2.3-45.el5_6.2.i386"
},
"product_reference": "httpd-debuginfo-0:2.2.3-45.el5_6.2.i386",
"relates_to_product_reference": "5Server-5.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.3-45.el5_6.2.ia64 as a component of Red Hat Enterprise Linux (v. 5.6.z server)",
"product_id": "5Server-5.6.Z:httpd-debuginfo-0:2.2.3-45.el5_6.2.ia64"
},
"product_reference": "httpd-debuginfo-0:2.2.3-45.el5_6.2.ia64",
"relates_to_product_reference": "5Server-5.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.3-45.el5_6.2.ppc as a component of Red Hat Enterprise Linux (v. 5.6.z server)",
"product_id": "5Server-5.6.Z:httpd-debuginfo-0:2.2.3-45.el5_6.2.ppc"
},
"product_reference": "httpd-debuginfo-0:2.2.3-45.el5_6.2.ppc",
"relates_to_product_reference": "5Server-5.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.3-45.el5_6.2.ppc64 as a component of Red Hat Enterprise Linux (v. 5.6.z server)",
"product_id": "5Server-5.6.Z:httpd-debuginfo-0:2.2.3-45.el5_6.2.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.2.3-45.el5_6.2.ppc64",
"relates_to_product_reference": "5Server-5.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.3-45.el5_6.2.s390 as a component of Red Hat Enterprise Linux (v. 5.6.z server)",
"product_id": "5Server-5.6.Z:httpd-debuginfo-0:2.2.3-45.el5_6.2.s390"
},
"product_reference": "httpd-debuginfo-0:2.2.3-45.el5_6.2.s390",
"relates_to_product_reference": "5Server-5.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.3-45.el5_6.2.s390x as a component of Red Hat Enterprise Linux (v. 5.6.z server)",
"product_id": "5Server-5.6.Z:httpd-debuginfo-0:2.2.3-45.el5_6.2.s390x"
},
"product_reference": "httpd-debuginfo-0:2.2.3-45.el5_6.2.s390x",
"relates_to_product_reference": "5Server-5.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.3-45.el5_6.2.x86_64 as a component of Red Hat Enterprise Linux (v. 5.6.z server)",
"product_id": "5Server-5.6.Z:httpd-debuginfo-0:2.2.3-45.el5_6.2.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.2.3-45.el5_6.2.x86_64",
"relates_to_product_reference": "5Server-5.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.3-45.el5_6.2.i386 as a component of Red Hat Enterprise Linux (v. 5.6.z server)",
"product_id": "5Server-5.6.Z:httpd-devel-0:2.2.3-45.el5_6.2.i386"
},
"product_reference": "httpd-devel-0:2.2.3-45.el5_6.2.i386",
"relates_to_product_reference": "5Server-5.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.3-45.el5_6.2.ia64 as a component of Red Hat Enterprise Linux (v. 5.6.z server)",
"product_id": "5Server-5.6.Z:httpd-devel-0:2.2.3-45.el5_6.2.ia64"
},
"product_reference": "httpd-devel-0:2.2.3-45.el5_6.2.ia64",
"relates_to_product_reference": "5Server-5.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.3-45.el5_6.2.ppc as a component of Red Hat Enterprise Linux (v. 5.6.z server)",
"product_id": "5Server-5.6.Z:httpd-devel-0:2.2.3-45.el5_6.2.ppc"
},
"product_reference": "httpd-devel-0:2.2.3-45.el5_6.2.ppc",
"relates_to_product_reference": "5Server-5.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.3-45.el5_6.2.ppc64 as a component of Red Hat Enterprise Linux (v. 5.6.z server)",
"product_id": "5Server-5.6.Z:httpd-devel-0:2.2.3-45.el5_6.2.ppc64"
},
"product_reference": "httpd-devel-0:2.2.3-45.el5_6.2.ppc64",
"relates_to_product_reference": "5Server-5.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.3-45.el5_6.2.s390 as a component of Red Hat Enterprise Linux (v. 5.6.z server)",
"product_id": "5Server-5.6.Z:httpd-devel-0:2.2.3-45.el5_6.2.s390"
},
"product_reference": "httpd-devel-0:2.2.3-45.el5_6.2.s390",
"relates_to_product_reference": "5Server-5.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.3-45.el5_6.2.s390x as a component of Red Hat Enterprise Linux (v. 5.6.z server)",
"product_id": "5Server-5.6.Z:httpd-devel-0:2.2.3-45.el5_6.2.s390x"
},
"product_reference": "httpd-devel-0:2.2.3-45.el5_6.2.s390x",
"relates_to_product_reference": "5Server-5.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.3-45.el5_6.2.x86_64 as a component of Red Hat Enterprise Linux (v. 5.6.z server)",
"product_id": "5Server-5.6.Z:httpd-devel-0:2.2.3-45.el5_6.2.x86_64"
},
"product_reference": "httpd-devel-0:2.2.3-45.el5_6.2.x86_64",
"relates_to_product_reference": "5Server-5.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.3-45.el5_6.2.i386 as a component of Red Hat Enterprise Linux (v. 5.6.z server)",
"product_id": "5Server-5.6.Z:httpd-manual-0:2.2.3-45.el5_6.2.i386"
},
"product_reference": "httpd-manual-0:2.2.3-45.el5_6.2.i386",
"relates_to_product_reference": "5Server-5.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.3-45.el5_6.2.ia64 as a component of Red Hat Enterprise Linux (v. 5.6.z server)",
"product_id": "5Server-5.6.Z:httpd-manual-0:2.2.3-45.el5_6.2.ia64"
},
"product_reference": "httpd-manual-0:2.2.3-45.el5_6.2.ia64",
"relates_to_product_reference": "5Server-5.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.3-45.el5_6.2.ppc as a component of Red Hat Enterprise Linux (v. 5.6.z server)",
"product_id": "5Server-5.6.Z:httpd-manual-0:2.2.3-45.el5_6.2.ppc"
},
"product_reference": "httpd-manual-0:2.2.3-45.el5_6.2.ppc",
"relates_to_product_reference": "5Server-5.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.3-45.el5_6.2.s390x as a component of Red Hat Enterprise Linux (v. 5.6.z server)",
"product_id": "5Server-5.6.Z:httpd-manual-0:2.2.3-45.el5_6.2.s390x"
},
"product_reference": "httpd-manual-0:2.2.3-45.el5_6.2.s390x",
"relates_to_product_reference": "5Server-5.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.3-45.el5_6.2.x86_64 as a component of Red Hat Enterprise Linux (v. 5.6.z server)",
"product_id": "5Server-5.6.Z:httpd-manual-0:2.2.3-45.el5_6.2.x86_64"
},
"product_reference": "httpd-manual-0:2.2.3-45.el5_6.2.x86_64",
"relates_to_product_reference": "5Server-5.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.3-45.el5_6.2.i386 as a component of Red Hat Enterprise Linux (v. 5.6.z server)",
"product_id": "5Server-5.6.Z:mod_ssl-1:2.2.3-45.el5_6.2.i386"
},
"product_reference": "mod_ssl-1:2.2.3-45.el5_6.2.i386",
"relates_to_product_reference": "5Server-5.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.3-45.el5_6.2.ia64 as a component of Red Hat Enterprise Linux (v. 5.6.z server)",
"product_id": "5Server-5.6.Z:mod_ssl-1:2.2.3-45.el5_6.2.ia64"
},
"product_reference": "mod_ssl-1:2.2.3-45.el5_6.2.ia64",
"relates_to_product_reference": "5Server-5.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.3-45.el5_6.2.ppc as a component of Red Hat Enterprise Linux (v. 5.6.z server)",
"product_id": "5Server-5.6.Z:mod_ssl-1:2.2.3-45.el5_6.2.ppc"
},
"product_reference": "mod_ssl-1:2.2.3-45.el5_6.2.ppc",
"relates_to_product_reference": "5Server-5.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.3-45.el5_6.2.s390x as a component of Red Hat Enterprise Linux (v. 5.6.z server)",
"product_id": "5Server-5.6.Z:mod_ssl-1:2.2.3-45.el5_6.2.s390x"
},
"product_reference": "mod_ssl-1:2.2.3-45.el5_6.2.s390x",
"relates_to_product_reference": "5Server-5.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.3-45.el5_6.2.x86_64 as a component of Red Hat Enterprise Linux (v. 5.6.z server)",
"product_id": "5Server-5.6.Z:mod_ssl-1:2.2.3-45.el5_6.2.x86_64"
},
"product_reference": "mod_ssl-1:2.2.3-45.el5_6.2.x86_64",
"relates_to_product_reference": "5Server-5.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-5.el6_0.1.i686 as a component of Red Hat Enterprise Linux Server EUS (v. 6.0)",
"product_id": "6Server-6.0.z:httpd-0:2.2.15-5.el6_0.1.i686"
},
"product_reference": "httpd-0:2.2.15-5.el6_0.1.i686",
"relates_to_product_reference": "6Server-6.0.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-5.el6_0.1.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.0)",
"product_id": "6Server-6.0.z:httpd-0:2.2.15-5.el6_0.1.ppc64"
},
"product_reference": "httpd-0:2.2.15-5.el6_0.1.ppc64",
"relates_to_product_reference": "6Server-6.0.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-5.el6_0.1.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 6.0)",
"product_id": "6Server-6.0.z:httpd-0:2.2.15-5.el6_0.1.s390x"
},
"product_reference": "httpd-0:2.2.15-5.el6_0.1.s390x",
"relates_to_product_reference": "6Server-6.0.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-5.el6_0.1.src as a component of Red Hat Enterprise Linux Server EUS (v. 6.0)",
"product_id": "6Server-6.0.z:httpd-0:2.2.15-5.el6_0.1.src"
},
"product_reference": "httpd-0:2.2.15-5.el6_0.1.src",
"relates_to_product_reference": "6Server-6.0.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-5.el6_0.1.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.0)",
"product_id": "6Server-6.0.z:httpd-0:2.2.15-5.el6_0.1.x86_64"
},
"product_reference": "httpd-0:2.2.15-5.el6_0.1.x86_64",
"relates_to_product_reference": "6Server-6.0.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-5.el6_0.1.i686 as a component of Red Hat Enterprise Linux Server EUS (v. 6.0)",
"product_id": "6Server-6.0.z:httpd-debuginfo-0:2.2.15-5.el6_0.1.i686"
},
"product_reference": "httpd-debuginfo-0:2.2.15-5.el6_0.1.i686",
"relates_to_product_reference": "6Server-6.0.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-5.el6_0.1.ppc as a component of Red Hat Enterprise Linux Server EUS (v. 6.0)",
"product_id": "6Server-6.0.z:httpd-debuginfo-0:2.2.15-5.el6_0.1.ppc"
},
"product_reference": "httpd-debuginfo-0:2.2.15-5.el6_0.1.ppc",
"relates_to_product_reference": "6Server-6.0.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-5.el6_0.1.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.0)",
"product_id": "6Server-6.0.z:httpd-debuginfo-0:2.2.15-5.el6_0.1.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-5.el6_0.1.ppc64",
"relates_to_product_reference": "6Server-6.0.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-5.el6_0.1.s390 as a component of Red Hat Enterprise Linux Server EUS (v. 6.0)",
"product_id": "6Server-6.0.z:httpd-debuginfo-0:2.2.15-5.el6_0.1.s390"
},
"product_reference": "httpd-debuginfo-0:2.2.15-5.el6_0.1.s390",
"relates_to_product_reference": "6Server-6.0.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-5.el6_0.1.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 6.0)",
"product_id": "6Server-6.0.z:httpd-debuginfo-0:2.2.15-5.el6_0.1.s390x"
},
"product_reference": "httpd-debuginfo-0:2.2.15-5.el6_0.1.s390x",
"relates_to_product_reference": "6Server-6.0.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-5.el6_0.1.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.0)",
"product_id": "6Server-6.0.z:httpd-debuginfo-0:2.2.15-5.el6_0.1.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-5.el6_0.1.x86_64",
"relates_to_product_reference": "6Server-6.0.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-5.el6_0.1.i686 as a component of Red Hat Enterprise Linux Server EUS (v. 6.0)",
"product_id": "6Server-6.0.z:httpd-devel-0:2.2.15-5.el6_0.1.i686"
},
"product_reference": "httpd-devel-0:2.2.15-5.el6_0.1.i686",
"relates_to_product_reference": "6Server-6.0.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-5.el6_0.1.ppc as a component of Red Hat Enterprise Linux Server EUS (v. 6.0)",
"product_id": "6Server-6.0.z:httpd-devel-0:2.2.15-5.el6_0.1.ppc"
},
"product_reference": "httpd-devel-0:2.2.15-5.el6_0.1.ppc",
"relates_to_product_reference": "6Server-6.0.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-5.el6_0.1.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.0)",
"product_id": "6Server-6.0.z:httpd-devel-0:2.2.15-5.el6_0.1.ppc64"
},
"product_reference": "httpd-devel-0:2.2.15-5.el6_0.1.ppc64",
"relates_to_product_reference": "6Server-6.0.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-5.el6_0.1.s390 as a component of Red Hat Enterprise Linux Server EUS (v. 6.0)",
"product_id": "6Server-6.0.z:httpd-devel-0:2.2.15-5.el6_0.1.s390"
},
"product_reference": "httpd-devel-0:2.2.15-5.el6_0.1.s390",
"relates_to_product_reference": "6Server-6.0.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-5.el6_0.1.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 6.0)",
"product_id": "6Server-6.0.z:httpd-devel-0:2.2.15-5.el6_0.1.s390x"
},
"product_reference": "httpd-devel-0:2.2.15-5.el6_0.1.s390x",
"relates_to_product_reference": "6Server-6.0.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-5.el6_0.1.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.0)",
"product_id": "6Server-6.0.z:httpd-devel-0:2.2.15-5.el6_0.1.x86_64"
},
"product_reference": "httpd-devel-0:2.2.15-5.el6_0.1.x86_64",
"relates_to_product_reference": "6Server-6.0.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.15-5.el6_0.1.noarch as a component of Red Hat Enterprise Linux Server EUS (v. 6.0)",
"product_id": "6Server-6.0.z:httpd-manual-0:2.2.15-5.el6_0.1.noarch"
},
"product_reference": "httpd-manual-0:2.2.15-5.el6_0.1.noarch",
"relates_to_product_reference": "6Server-6.0.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-5.el6_0.1.i686 as a component of Red Hat Enterprise Linux Server EUS (v. 6.0)",
"product_id": "6Server-6.0.z:httpd-tools-0:2.2.15-5.el6_0.1.i686"
},
"product_reference": "httpd-tools-0:2.2.15-5.el6_0.1.i686",
"relates_to_product_reference": "6Server-6.0.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-5.el6_0.1.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.0)",
"product_id": "6Server-6.0.z:httpd-tools-0:2.2.15-5.el6_0.1.ppc64"
},
"product_reference": "httpd-tools-0:2.2.15-5.el6_0.1.ppc64",
"relates_to_product_reference": "6Server-6.0.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-5.el6_0.1.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 6.0)",
"product_id": "6Server-6.0.z:httpd-tools-0:2.2.15-5.el6_0.1.s390x"
},
"product_reference": "httpd-tools-0:2.2.15-5.el6_0.1.s390x",
"relates_to_product_reference": "6Server-6.0.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-5.el6_0.1.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.0)",
"product_id": "6Server-6.0.z:httpd-tools-0:2.2.15-5.el6_0.1.x86_64"
},
"product_reference": "httpd-tools-0:2.2.15-5.el6_0.1.x86_64",
"relates_to_product_reference": "6Server-6.0.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-5.el6_0.1.i686 as a component of Red Hat Enterprise Linux Server EUS (v. 6.0)",
"product_id": "6Server-6.0.z:mod_ssl-1:2.2.15-5.el6_0.1.i686"
},
"product_reference": "mod_ssl-1:2.2.15-5.el6_0.1.i686",
"relates_to_product_reference": "6Server-6.0.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-5.el6_0.1.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.0)",
"product_id": "6Server-6.0.z:mod_ssl-1:2.2.15-5.el6_0.1.ppc64"
},
"product_reference": "mod_ssl-1:2.2.15-5.el6_0.1.ppc64",
"relates_to_product_reference": "6Server-6.0.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-5.el6_0.1.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 6.0)",
"product_id": "6Server-6.0.z:mod_ssl-1:2.2.15-5.el6_0.1.s390x"
},
"product_reference": "mod_ssl-1:2.2.15-5.el6_0.1.s390x",
"relates_to_product_reference": "6Server-6.0.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-5.el6_0.1.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.0)",
"product_id": "6Server-6.0.z:mod_ssl-1:2.2.15-5.el6_0.1.x86_64"
},
"product_reference": "mod_ssl-1:2.2.15-5.el6_0.1.x86_64",
"relates_to_product_reference": "6Server-6.0.z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2011-3192",
"discovery_date": "2011-08-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "732928"
}
],
"notes": [
{
"category": "description",
"text": "The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: multiple ranges DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Before updated packages are deployed, users can deploy configuration changes to mitigate this flaw:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3192#c18",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-5.3.LL:httpd-0:2.2.3-22.el5_3.3.i386",
"5Server-5.3.LL:httpd-0:2.2.3-22.el5_3.3.ia64",
"5Server-5.3.LL:httpd-0:2.2.3-22.el5_3.3.src",
"5Server-5.3.LL:httpd-0:2.2.3-22.el5_3.3.x86_64",
"5Server-5.3.LL:httpd-debuginfo-0:2.2.3-22.el5_3.3.i386",
"5Server-5.3.LL:httpd-debuginfo-0:2.2.3-22.el5_3.3.ia64",
"5Server-5.3.LL:httpd-debuginfo-0:2.2.3-22.el5_3.3.x86_64",
"5Server-5.3.LL:httpd-devel-0:2.2.3-22.el5_3.3.i386",
"5Server-5.3.LL:httpd-devel-0:2.2.3-22.el5_3.3.ia64",
"5Server-5.3.LL:httpd-devel-0:2.2.3-22.el5_3.3.x86_64",
"5Server-5.3.LL:httpd-manual-0:2.2.3-22.el5_3.3.i386",
"5Server-5.3.LL:httpd-manual-0:2.2.3-22.el5_3.3.ia64",
"5Server-5.3.LL:httpd-manual-0:2.2.3-22.el5_3.3.x86_64",
"5Server-5.3.LL:mod_ssl-1:2.2.3-22.el5_3.3.i386",
"5Server-5.3.LL:mod_ssl-1:2.2.3-22.el5_3.3.ia64",
"5Server-5.3.LL:mod_ssl-1:2.2.3-22.el5_3.3.x86_64",
"5Server-5.6.Z:httpd-0:2.2.3-45.el5_6.2.i386",
"5Server-5.6.Z:httpd-0:2.2.3-45.el5_6.2.ia64",
"5Server-5.6.Z:httpd-0:2.2.3-45.el5_6.2.ppc",
"5Server-5.6.Z:httpd-0:2.2.3-45.el5_6.2.s390x",
"5Server-5.6.Z:httpd-0:2.2.3-45.el5_6.2.src",
"5Server-5.6.Z:httpd-0:2.2.3-45.el5_6.2.x86_64",
"5Server-5.6.Z:httpd-debuginfo-0:2.2.3-45.el5_6.2.i386",
"5Server-5.6.Z:httpd-debuginfo-0:2.2.3-45.el5_6.2.ia64",
"5Server-5.6.Z:httpd-debuginfo-0:2.2.3-45.el5_6.2.ppc",
"5Server-5.6.Z:httpd-debuginfo-0:2.2.3-45.el5_6.2.ppc64",
"5Server-5.6.Z:httpd-debuginfo-0:2.2.3-45.el5_6.2.s390",
"5Server-5.6.Z:httpd-debuginfo-0:2.2.3-45.el5_6.2.s390x",
"5Server-5.6.Z:httpd-debuginfo-0:2.2.3-45.el5_6.2.x86_64",
"5Server-5.6.Z:httpd-devel-0:2.2.3-45.el5_6.2.i386",
"5Server-5.6.Z:httpd-devel-0:2.2.3-45.el5_6.2.ia64",
"5Server-5.6.Z:httpd-devel-0:2.2.3-45.el5_6.2.ppc",
"5Server-5.6.Z:httpd-devel-0:2.2.3-45.el5_6.2.ppc64",
"5Server-5.6.Z:httpd-devel-0:2.2.3-45.el5_6.2.s390",
"5Server-5.6.Z:httpd-devel-0:2.2.3-45.el5_6.2.s390x",
"5Server-5.6.Z:httpd-devel-0:2.2.3-45.el5_6.2.x86_64",
"5Server-5.6.Z:httpd-manual-0:2.2.3-45.el5_6.2.i386",
"5Server-5.6.Z:httpd-manual-0:2.2.3-45.el5_6.2.ia64",
"5Server-5.6.Z:httpd-manual-0:2.2.3-45.el5_6.2.ppc",
"5Server-5.6.Z:httpd-manual-0:2.2.3-45.el5_6.2.s390x",
"5Server-5.6.Z:httpd-manual-0:2.2.3-45.el5_6.2.x86_64",
"5Server-5.6.Z:mod_ssl-1:2.2.3-45.el5_6.2.i386",
"5Server-5.6.Z:mod_ssl-1:2.2.3-45.el5_6.2.ia64",
"5Server-5.6.Z:mod_ssl-1:2.2.3-45.el5_6.2.ppc",
"5Server-5.6.Z:mod_ssl-1:2.2.3-45.el5_6.2.s390x",
"5Server-5.6.Z:mod_ssl-1:2.2.3-45.el5_6.2.x86_64",
"6Server-6.0.z:httpd-0:2.2.15-5.el6_0.1.i686",
"6Server-6.0.z:httpd-0:2.2.15-5.el6_0.1.ppc64",
"6Server-6.0.z:httpd-0:2.2.15-5.el6_0.1.s390x",
"6Server-6.0.z:httpd-0:2.2.15-5.el6_0.1.src",
"6Server-6.0.z:httpd-0:2.2.15-5.el6_0.1.x86_64",
"6Server-6.0.z:httpd-debuginfo-0:2.2.15-5.el6_0.1.i686",
"6Server-6.0.z:httpd-debuginfo-0:2.2.15-5.el6_0.1.ppc",
"6Server-6.0.z:httpd-debuginfo-0:2.2.15-5.el6_0.1.ppc64",
"6Server-6.0.z:httpd-debuginfo-0:2.2.15-5.el6_0.1.s390",
"6Server-6.0.z:httpd-debuginfo-0:2.2.15-5.el6_0.1.s390x",
"6Server-6.0.z:httpd-debuginfo-0:2.2.15-5.el6_0.1.x86_64",
"6Server-6.0.z:httpd-devel-0:2.2.15-5.el6_0.1.i686",
"6Server-6.0.z:httpd-devel-0:2.2.15-5.el6_0.1.ppc",
"6Server-6.0.z:httpd-devel-0:2.2.15-5.el6_0.1.ppc64",
"6Server-6.0.z:httpd-devel-0:2.2.15-5.el6_0.1.s390",
"6Server-6.0.z:httpd-devel-0:2.2.15-5.el6_0.1.s390x",
"6Server-6.0.z:httpd-devel-0:2.2.15-5.el6_0.1.x86_64",
"6Server-6.0.z:httpd-manual-0:2.2.15-5.el6_0.1.noarch",
"6Server-6.0.z:httpd-tools-0:2.2.15-5.el6_0.1.i686",
"6Server-6.0.z:httpd-tools-0:2.2.15-5.el6_0.1.ppc64",
"6Server-6.0.z:httpd-tools-0:2.2.15-5.el6_0.1.s390x",
"6Server-6.0.z:httpd-tools-0:2.2.15-5.el6_0.1.x86_64",
"6Server-6.0.z:mod_ssl-1:2.2.15-5.el6_0.1.i686",
"6Server-6.0.z:mod_ssl-1:2.2.15-5.el6_0.1.ppc64",
"6Server-6.0.z:mod_ssl-1:2.2.15-5.el6_0.1.s390x",
"6Server-6.0.z:mod_ssl-1:2.2.15-5.el6_0.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-3192"
},
{
"category": "external",
"summary": "RHBZ#732928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=732928"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-3192",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3192"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-3192",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-3192"
}
],
"release_date": "2011-08-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-09-14T18:59:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"5Server-5.3.LL:httpd-0:2.2.3-22.el5_3.3.i386",
"5Server-5.3.LL:httpd-0:2.2.3-22.el5_3.3.ia64",
"5Server-5.3.LL:httpd-0:2.2.3-22.el5_3.3.src",
"5Server-5.3.LL:httpd-0:2.2.3-22.el5_3.3.x86_64",
"5Server-5.3.LL:httpd-debuginfo-0:2.2.3-22.el5_3.3.i386",
"5Server-5.3.LL:httpd-debuginfo-0:2.2.3-22.el5_3.3.ia64",
"5Server-5.3.LL:httpd-debuginfo-0:2.2.3-22.el5_3.3.x86_64",
"5Server-5.3.LL:httpd-devel-0:2.2.3-22.el5_3.3.i386",
"5Server-5.3.LL:httpd-devel-0:2.2.3-22.el5_3.3.ia64",
"5Server-5.3.LL:httpd-devel-0:2.2.3-22.el5_3.3.x86_64",
"5Server-5.3.LL:httpd-manual-0:2.2.3-22.el5_3.3.i386",
"5Server-5.3.LL:httpd-manual-0:2.2.3-22.el5_3.3.ia64",
"5Server-5.3.LL:httpd-manual-0:2.2.3-22.el5_3.3.x86_64",
"5Server-5.3.LL:mod_ssl-1:2.2.3-22.el5_3.3.i386",
"5Server-5.3.LL:mod_ssl-1:2.2.3-22.el5_3.3.ia64",
"5Server-5.3.LL:mod_ssl-1:2.2.3-22.el5_3.3.x86_64",
"5Server-5.6.Z:httpd-0:2.2.3-45.el5_6.2.i386",
"5Server-5.6.Z:httpd-0:2.2.3-45.el5_6.2.ia64",
"5Server-5.6.Z:httpd-0:2.2.3-45.el5_6.2.ppc",
"5Server-5.6.Z:httpd-0:2.2.3-45.el5_6.2.s390x",
"5Server-5.6.Z:httpd-0:2.2.3-45.el5_6.2.src",
"5Server-5.6.Z:httpd-0:2.2.3-45.el5_6.2.x86_64",
"5Server-5.6.Z:httpd-debuginfo-0:2.2.3-45.el5_6.2.i386",
"5Server-5.6.Z:httpd-debuginfo-0:2.2.3-45.el5_6.2.ia64",
"5Server-5.6.Z:httpd-debuginfo-0:2.2.3-45.el5_6.2.ppc",
"5Server-5.6.Z:httpd-debuginfo-0:2.2.3-45.el5_6.2.ppc64",
"5Server-5.6.Z:httpd-debuginfo-0:2.2.3-45.el5_6.2.s390",
"5Server-5.6.Z:httpd-debuginfo-0:2.2.3-45.el5_6.2.s390x",
"5Server-5.6.Z:httpd-debuginfo-0:2.2.3-45.el5_6.2.x86_64",
"5Server-5.6.Z:httpd-devel-0:2.2.3-45.el5_6.2.i386",
"5Server-5.6.Z:httpd-devel-0:2.2.3-45.el5_6.2.ia64",
"5Server-5.6.Z:httpd-devel-0:2.2.3-45.el5_6.2.ppc",
"5Server-5.6.Z:httpd-devel-0:2.2.3-45.el5_6.2.ppc64",
"5Server-5.6.Z:httpd-devel-0:2.2.3-45.el5_6.2.s390",
"5Server-5.6.Z:httpd-devel-0:2.2.3-45.el5_6.2.s390x",
"5Server-5.6.Z:httpd-devel-0:2.2.3-45.el5_6.2.x86_64",
"5Server-5.6.Z:httpd-manual-0:2.2.3-45.el5_6.2.i386",
"5Server-5.6.Z:httpd-manual-0:2.2.3-45.el5_6.2.ia64",
"5Server-5.6.Z:httpd-manual-0:2.2.3-45.el5_6.2.ppc",
"5Server-5.6.Z:httpd-manual-0:2.2.3-45.el5_6.2.s390x",
"5Server-5.6.Z:httpd-manual-0:2.2.3-45.el5_6.2.x86_64",
"5Server-5.6.Z:mod_ssl-1:2.2.3-45.el5_6.2.i386",
"5Server-5.6.Z:mod_ssl-1:2.2.3-45.el5_6.2.ia64",
"5Server-5.6.Z:mod_ssl-1:2.2.3-45.el5_6.2.ppc",
"5Server-5.6.Z:mod_ssl-1:2.2.3-45.el5_6.2.s390x",
"5Server-5.6.Z:mod_ssl-1:2.2.3-45.el5_6.2.x86_64",
"6Server-6.0.z:httpd-0:2.2.15-5.el6_0.1.i686",
"6Server-6.0.z:httpd-0:2.2.15-5.el6_0.1.ppc64",
"6Server-6.0.z:httpd-0:2.2.15-5.el6_0.1.s390x",
"6Server-6.0.z:httpd-0:2.2.15-5.el6_0.1.src",
"6Server-6.0.z:httpd-0:2.2.15-5.el6_0.1.x86_64",
"6Server-6.0.z:httpd-debuginfo-0:2.2.15-5.el6_0.1.i686",
"6Server-6.0.z:httpd-debuginfo-0:2.2.15-5.el6_0.1.ppc",
"6Server-6.0.z:httpd-debuginfo-0:2.2.15-5.el6_0.1.ppc64",
"6Server-6.0.z:httpd-debuginfo-0:2.2.15-5.el6_0.1.s390",
"6Server-6.0.z:httpd-debuginfo-0:2.2.15-5.el6_0.1.s390x",
"6Server-6.0.z:httpd-debuginfo-0:2.2.15-5.el6_0.1.x86_64",
"6Server-6.0.z:httpd-devel-0:2.2.15-5.el6_0.1.i686",
"6Server-6.0.z:httpd-devel-0:2.2.15-5.el6_0.1.ppc",
"6Server-6.0.z:httpd-devel-0:2.2.15-5.el6_0.1.ppc64",
"6Server-6.0.z:httpd-devel-0:2.2.15-5.el6_0.1.s390",
"6Server-6.0.z:httpd-devel-0:2.2.15-5.el6_0.1.s390x",
"6Server-6.0.z:httpd-devel-0:2.2.15-5.el6_0.1.x86_64",
"6Server-6.0.z:httpd-manual-0:2.2.15-5.el6_0.1.noarch",
"6Server-6.0.z:httpd-tools-0:2.2.15-5.el6_0.1.i686",
"6Server-6.0.z:httpd-tools-0:2.2.15-5.el6_0.1.ppc64",
"6Server-6.0.z:httpd-tools-0:2.2.15-5.el6_0.1.s390x",
"6Server-6.0.z:httpd-tools-0:2.2.15-5.el6_0.1.x86_64",
"6Server-6.0.z:mod_ssl-1:2.2.15-5.el6_0.1.i686",
"6Server-6.0.z:mod_ssl-1:2.2.15-5.el6_0.1.ppc64",
"6Server-6.0.z:mod_ssl-1:2.2.15-5.el6_0.1.s390x",
"6Server-6.0.z:mod_ssl-1:2.2.15-5.el6_0.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1294"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Server-5.3.LL:httpd-0:2.2.3-22.el5_3.3.i386",
"5Server-5.3.LL:httpd-0:2.2.3-22.el5_3.3.ia64",
"5Server-5.3.LL:httpd-0:2.2.3-22.el5_3.3.src",
"5Server-5.3.LL:httpd-0:2.2.3-22.el5_3.3.x86_64",
"5Server-5.3.LL:httpd-debuginfo-0:2.2.3-22.el5_3.3.i386",
"5Server-5.3.LL:httpd-debuginfo-0:2.2.3-22.el5_3.3.ia64",
"5Server-5.3.LL:httpd-debuginfo-0:2.2.3-22.el5_3.3.x86_64",
"5Server-5.3.LL:httpd-devel-0:2.2.3-22.el5_3.3.i386",
"5Server-5.3.LL:httpd-devel-0:2.2.3-22.el5_3.3.ia64",
"5Server-5.3.LL:httpd-devel-0:2.2.3-22.el5_3.3.x86_64",
"5Server-5.3.LL:httpd-manual-0:2.2.3-22.el5_3.3.i386",
"5Server-5.3.LL:httpd-manual-0:2.2.3-22.el5_3.3.ia64",
"5Server-5.3.LL:httpd-manual-0:2.2.3-22.el5_3.3.x86_64",
"5Server-5.3.LL:mod_ssl-1:2.2.3-22.el5_3.3.i386",
"5Server-5.3.LL:mod_ssl-1:2.2.3-22.el5_3.3.ia64",
"5Server-5.3.LL:mod_ssl-1:2.2.3-22.el5_3.3.x86_64",
"5Server-5.6.Z:httpd-0:2.2.3-45.el5_6.2.i386",
"5Server-5.6.Z:httpd-0:2.2.3-45.el5_6.2.ia64",
"5Server-5.6.Z:httpd-0:2.2.3-45.el5_6.2.ppc",
"5Server-5.6.Z:httpd-0:2.2.3-45.el5_6.2.s390x",
"5Server-5.6.Z:httpd-0:2.2.3-45.el5_6.2.src",
"5Server-5.6.Z:httpd-0:2.2.3-45.el5_6.2.x86_64",
"5Server-5.6.Z:httpd-debuginfo-0:2.2.3-45.el5_6.2.i386",
"5Server-5.6.Z:httpd-debuginfo-0:2.2.3-45.el5_6.2.ia64",
"5Server-5.6.Z:httpd-debuginfo-0:2.2.3-45.el5_6.2.ppc",
"5Server-5.6.Z:httpd-debuginfo-0:2.2.3-45.el5_6.2.ppc64",
"5Server-5.6.Z:httpd-debuginfo-0:2.2.3-45.el5_6.2.s390",
"5Server-5.6.Z:httpd-debuginfo-0:2.2.3-45.el5_6.2.s390x",
"5Server-5.6.Z:httpd-debuginfo-0:2.2.3-45.el5_6.2.x86_64",
"5Server-5.6.Z:httpd-devel-0:2.2.3-45.el5_6.2.i386",
"5Server-5.6.Z:httpd-devel-0:2.2.3-45.el5_6.2.ia64",
"5Server-5.6.Z:httpd-devel-0:2.2.3-45.el5_6.2.ppc",
"5Server-5.6.Z:httpd-devel-0:2.2.3-45.el5_6.2.ppc64",
"5Server-5.6.Z:httpd-devel-0:2.2.3-45.el5_6.2.s390",
"5Server-5.6.Z:httpd-devel-0:2.2.3-45.el5_6.2.s390x",
"5Server-5.6.Z:httpd-devel-0:2.2.3-45.el5_6.2.x86_64",
"5Server-5.6.Z:httpd-manual-0:2.2.3-45.el5_6.2.i386",
"5Server-5.6.Z:httpd-manual-0:2.2.3-45.el5_6.2.ia64",
"5Server-5.6.Z:httpd-manual-0:2.2.3-45.el5_6.2.ppc",
"5Server-5.6.Z:httpd-manual-0:2.2.3-45.el5_6.2.s390x",
"5Server-5.6.Z:httpd-manual-0:2.2.3-45.el5_6.2.x86_64",
"5Server-5.6.Z:mod_ssl-1:2.2.3-45.el5_6.2.i386",
"5Server-5.6.Z:mod_ssl-1:2.2.3-45.el5_6.2.ia64",
"5Server-5.6.Z:mod_ssl-1:2.2.3-45.el5_6.2.ppc",
"5Server-5.6.Z:mod_ssl-1:2.2.3-45.el5_6.2.s390x",
"5Server-5.6.Z:mod_ssl-1:2.2.3-45.el5_6.2.x86_64",
"6Server-6.0.z:httpd-0:2.2.15-5.el6_0.1.i686",
"6Server-6.0.z:httpd-0:2.2.15-5.el6_0.1.ppc64",
"6Server-6.0.z:httpd-0:2.2.15-5.el6_0.1.s390x",
"6Server-6.0.z:httpd-0:2.2.15-5.el6_0.1.src",
"6Server-6.0.z:httpd-0:2.2.15-5.el6_0.1.x86_64",
"6Server-6.0.z:httpd-debuginfo-0:2.2.15-5.el6_0.1.i686",
"6Server-6.0.z:httpd-debuginfo-0:2.2.15-5.el6_0.1.ppc",
"6Server-6.0.z:httpd-debuginfo-0:2.2.15-5.el6_0.1.ppc64",
"6Server-6.0.z:httpd-debuginfo-0:2.2.15-5.el6_0.1.s390",
"6Server-6.0.z:httpd-debuginfo-0:2.2.15-5.el6_0.1.s390x",
"6Server-6.0.z:httpd-debuginfo-0:2.2.15-5.el6_0.1.x86_64",
"6Server-6.0.z:httpd-devel-0:2.2.15-5.el6_0.1.i686",
"6Server-6.0.z:httpd-devel-0:2.2.15-5.el6_0.1.ppc",
"6Server-6.0.z:httpd-devel-0:2.2.15-5.el6_0.1.ppc64",
"6Server-6.0.z:httpd-devel-0:2.2.15-5.el6_0.1.s390",
"6Server-6.0.z:httpd-devel-0:2.2.15-5.el6_0.1.s390x",
"6Server-6.0.z:httpd-devel-0:2.2.15-5.el6_0.1.x86_64",
"6Server-6.0.z:httpd-manual-0:2.2.15-5.el6_0.1.noarch",
"6Server-6.0.z:httpd-tools-0:2.2.15-5.el6_0.1.i686",
"6Server-6.0.z:httpd-tools-0:2.2.15-5.el6_0.1.ppc64",
"6Server-6.0.z:httpd-tools-0:2.2.15-5.el6_0.1.s390x",
"6Server-6.0.z:httpd-tools-0:2.2.15-5.el6_0.1.x86_64",
"6Server-6.0.z:mod_ssl-1:2.2.15-5.el6_0.1.i686",
"6Server-6.0.z:mod_ssl-1:2.2.15-5.el6_0.1.ppc64",
"6Server-6.0.z:mod_ssl-1:2.2.15-5.el6_0.1.s390x",
"6Server-6.0.z:mod_ssl-1:2.2.15-5.el6_0.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "httpd: multiple ranges DoS"
}
]
}
RHSA-2011:1245
Vulnerability from csaf_redhat - Published: 2011-08-31 22:43 - Updated: 2025-11-21 17:38Summary
Red Hat Security Advisory: httpd security update
Notes
Topic
Updated httpd packages that fix one security issue are now available for
Red Hat Enterprise Linux 4, 5, and 6.
The Red Hat Security Response Team has rated this update as having
important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.
Details
The Apache HTTP Server is a popular web server.
A flaw was found in the way the Apache HTTP Server handled Range HTTP
headers. A remote attacker could use this flaw to cause httpd to use an
excessive amount of memory and CPU time via HTTP requests with a
specially-crafted Range header. (CVE-2011-3192)
All httpd users should upgrade to these updated packages, which contain a
backported patch to correct this issue. After installing the updated
packages, the httpd daemon must be restarted for the update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated httpd packages that fix one security issue are now available for\nRed Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from the\nCVE link in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The Apache HTTP Server is a popular web server.\n\nA flaw was found in the way the Apache HTTP Server handled Range HTTP\nheaders. A remote attacker could use this flaw to cause httpd to use an\nexcessive amount of memory and CPU time via HTTP requests with a\nspecially-crafted Range header. (CVE-2011-3192)\n\nAll httpd users should upgrade to these updated packages, which contain a\nbackported patch to correct this issue. After installing the updated\npackages, the httpd daemon must be restarted for the update to take effect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2011:1245",
"url": "https://access.redhat.com/errata/RHSA-2011:1245"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "732928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=732928"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2011/rhsa-2011_1245.json"
}
],
"title": "Red Hat Security Advisory: httpd security update",
"tracking": {
"current_release_date": "2025-11-21T17:38:48+00:00",
"generator": {
"date": "2025-11-21T17:38:48+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2011:1245",
"initial_release_date": "2011-08-31T22:43:00+00:00",
"revision_history": [
{
"date": "2011-08-31T22:43:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2011-08-31T18:44:35+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T17:38:48+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.7.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client"
}
}
},
{
"category": "product_name",
"name": "RHEL Desktop Workstation (v. 5 client)",
"product": {
"name": "RHEL Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.7.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client_workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product": {
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.7.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.1.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4",
"product": {
"name": "Red Hat Enterprise Linux AS version 4",
"product_id": "4AS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::as"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop version 4",
"product": {
"name": "Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::desktop"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4",
"product": {
"name": "Red Hat Enterprise Linux ES version 4",
"product_id": "4ES",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::es"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4",
"product": {
"name": "Red Hat Enterprise Linux WS version 4",
"product_id": "4WS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::ws"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-manual-0:2.2.3-53.el5_7.1.x86_64",
"product": {
"name": "httpd-manual-0:2.2.3-53.el5_7.1.x86_64",
"product_id": "httpd-manual-0:2.2.3-53.el5_7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.2.3-53.el5_7.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.3-53.el5_7.1.x86_64",
"product": {
"name": "httpd-debuginfo-0:2.2.3-53.el5_7.1.x86_64",
"product_id": "httpd-debuginfo-0:2.2.3-53.el5_7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.3-53.el5_7.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.3-53.el5_7.1.x86_64",
"product": {
"name": "httpd-devel-0:2.2.3-53.el5_7.1.x86_64",
"product_id": "httpd-devel-0:2.2.3-53.el5_7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.3-53.el5_7.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.3-53.el5_7.1.x86_64",
"product": {
"name": "mod_ssl-1:2.2.3-53.el5_7.1.x86_64",
"product_id": "mod_ssl-1:2.2.3-53.el5_7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.3-53.el5_7.1?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.3-53.el5_7.1.x86_64",
"product": {
"name": "httpd-0:2.2.3-53.el5_7.1.x86_64",
"product_id": "httpd-0:2.2.3-53.el5_7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.3-53.el5_7.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.15-9.el6_1.2.x86_64",
"product": {
"name": "mod_ssl-1:2.2.15-9.el6_1.2.x86_64",
"product_id": "mod_ssl-1:2.2.15-9.el6_1.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.15-9.el6_1.2?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-9.el6_1.2.x86_64",
"product": {
"name": "httpd-devel-0:2.2.15-9.el6_1.2.x86_64",
"product_id": "httpd-devel-0:2.2.15-9.el6_1.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-9.el6_1.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.2.15-9.el6_1.2.x86_64",
"product": {
"name": "httpd-tools-0:2.2.15-9.el6_1.2.x86_64",
"product_id": "httpd-tools-0:2.2.15-9.el6_1.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.2.15-9.el6_1.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.15-9.el6_1.2.x86_64",
"product": {
"name": "httpd-0:2.2.15-9.el6_1.2.x86_64",
"product_id": "httpd-0:2.2.15-9.el6_1.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.15-9.el6_1.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-9.el6_1.2.x86_64",
"product": {
"name": "httpd-debuginfo-0:2.2.15-9.el6_1.2.x86_64",
"product_id": "httpd-debuginfo-0:2.2.15-9.el6_1.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-9.el6_1.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.0.52-48.ent.x86_64",
"product": {
"name": "mod_ssl-1:2.0.52-48.ent.x86_64",
"product_id": "mod_ssl-1:2.0.52-48.ent.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.0.52-48.ent?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.0.52-48.ent.x86_64",
"product": {
"name": "httpd-debuginfo-0:2.0.52-48.ent.x86_64",
"product_id": "httpd-debuginfo-0:2.0.52-48.ent.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.0.52-48.ent?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-manual-0:2.0.52-48.ent.x86_64",
"product": {
"name": "httpd-manual-0:2.0.52-48.ent.x86_64",
"product_id": "httpd-manual-0:2.0.52-48.ent.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.0.52-48.ent?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-suexec-0:2.0.52-48.ent.x86_64",
"product": {
"name": "httpd-suexec-0:2.0.52-48.ent.x86_64",
"product_id": "httpd-suexec-0:2.0.52-48.ent.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-suexec@2.0.52-48.ent?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.0.52-48.ent.x86_64",
"product": {
"name": "httpd-devel-0:2.0.52-48.ent.x86_64",
"product_id": "httpd-devel-0:2.0.52-48.ent.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.0.52-48.ent?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.0.52-48.ent.x86_64",
"product": {
"name": "httpd-0:2.0.52-48.ent.x86_64",
"product_id": "httpd-0:2.0.52-48.ent.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.0.52-48.ent?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.3-53.el5_7.1.i386",
"product": {
"name": "httpd-debuginfo-0:2.2.3-53.el5_7.1.i386",
"product_id": "httpd-debuginfo-0:2.2.3-53.el5_7.1.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.3-53.el5_7.1?arch=i386"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.3-53.el5_7.1.i386",
"product": {
"name": "httpd-devel-0:2.2.3-53.el5_7.1.i386",
"product_id": "httpd-devel-0:2.2.3-53.el5_7.1.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.3-53.el5_7.1?arch=i386"
}
}
},
{
"category": "product_version",
"name": "httpd-manual-0:2.2.3-53.el5_7.1.i386",
"product": {
"name": "httpd-manual-0:2.2.3-53.el5_7.1.i386",
"product_id": "httpd-manual-0:2.2.3-53.el5_7.1.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.2.3-53.el5_7.1?arch=i386"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.3-53.el5_7.1.i386",
"product": {
"name": "mod_ssl-1:2.2.3-53.el5_7.1.i386",
"product_id": "mod_ssl-1:2.2.3-53.el5_7.1.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.3-53.el5_7.1?arch=i386\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.3-53.el5_7.1.i386",
"product": {
"name": "httpd-0:2.2.3-53.el5_7.1.i386",
"product_id": "httpd-0:2.2.3-53.el5_7.1.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.3-53.el5_7.1?arch=i386"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.0.52-48.ent.i386",
"product": {
"name": "mod_ssl-1:2.0.52-48.ent.i386",
"product_id": "mod_ssl-1:2.0.52-48.ent.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.0.52-48.ent?arch=i386\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.0.52-48.ent.i386",
"product": {
"name": "httpd-debuginfo-0:2.0.52-48.ent.i386",
"product_id": "httpd-debuginfo-0:2.0.52-48.ent.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.0.52-48.ent?arch=i386"
}
}
},
{
"category": "product_version",
"name": "httpd-manual-0:2.0.52-48.ent.i386",
"product": {
"name": "httpd-manual-0:2.0.52-48.ent.i386",
"product_id": "httpd-manual-0:2.0.52-48.ent.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.0.52-48.ent?arch=i386"
}
}
},
{
"category": "product_version",
"name": "httpd-suexec-0:2.0.52-48.ent.i386",
"product": {
"name": "httpd-suexec-0:2.0.52-48.ent.i386",
"product_id": "httpd-suexec-0:2.0.52-48.ent.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-suexec@2.0.52-48.ent?arch=i386"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.0.52-48.ent.i386",
"product": {
"name": "httpd-devel-0:2.0.52-48.ent.i386",
"product_id": "httpd-devel-0:2.0.52-48.ent.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.0.52-48.ent?arch=i386"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.0.52-48.ent.i386",
"product": {
"name": "httpd-0:2.0.52-48.ent.i386",
"product_id": "httpd-0:2.0.52-48.ent.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.0.52-48.ent?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.2.3-53.el5_7.1.src",
"product": {
"name": "httpd-0:2.2.3-53.el5_7.1.src",
"product_id": "httpd-0:2.2.3-53.el5_7.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.3-53.el5_7.1?arch=src"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.15-9.el6_1.2.src",
"product": {
"name": "httpd-0:2.2.15-9.el6_1.2.src",
"product_id": "httpd-0:2.2.15-9.el6_1.2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.15-9.el6_1.2?arch=src"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.0.52-48.ent.src",
"product": {
"name": "httpd-0:2.0.52-48.ent.src",
"product_id": "httpd-0:2.0.52-48.ent.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.0.52-48.ent?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-manual-0:2.2.3-53.el5_7.1.ia64",
"product": {
"name": "httpd-manual-0:2.2.3-53.el5_7.1.ia64",
"product_id": "httpd-manual-0:2.2.3-53.el5_7.1.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.2.3-53.el5_7.1?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.3-53.el5_7.1.ia64",
"product": {
"name": "httpd-debuginfo-0:2.2.3-53.el5_7.1.ia64",
"product_id": "httpd-debuginfo-0:2.2.3-53.el5_7.1.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.3-53.el5_7.1?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.3-53.el5_7.1.ia64",
"product": {
"name": "mod_ssl-1:2.2.3-53.el5_7.1.ia64",
"product_id": "mod_ssl-1:2.2.3-53.el5_7.1.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.3-53.el5_7.1?arch=ia64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.3-53.el5_7.1.ia64",
"product": {
"name": "httpd-devel-0:2.2.3-53.el5_7.1.ia64",
"product_id": "httpd-devel-0:2.2.3-53.el5_7.1.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.3-53.el5_7.1?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.3-53.el5_7.1.ia64",
"product": {
"name": "httpd-0:2.2.3-53.el5_7.1.ia64",
"product_id": "httpd-0:2.2.3-53.el5_7.1.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.3-53.el5_7.1?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.0.52-48.ent.ia64",
"product": {
"name": "mod_ssl-1:2.0.52-48.ent.ia64",
"product_id": "mod_ssl-1:2.0.52-48.ent.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.0.52-48.ent?arch=ia64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.0.52-48.ent.ia64",
"product": {
"name": "httpd-debuginfo-0:2.0.52-48.ent.ia64",
"product_id": "httpd-debuginfo-0:2.0.52-48.ent.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.0.52-48.ent?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "httpd-manual-0:2.0.52-48.ent.ia64",
"product": {
"name": "httpd-manual-0:2.0.52-48.ent.ia64",
"product_id": "httpd-manual-0:2.0.52-48.ent.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.0.52-48.ent?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "httpd-suexec-0:2.0.52-48.ent.ia64",
"product": {
"name": "httpd-suexec-0:2.0.52-48.ent.ia64",
"product_id": "httpd-suexec-0:2.0.52-48.ent.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-suexec@2.0.52-48.ent?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.0.52-48.ent.ia64",
"product": {
"name": "httpd-devel-0:2.0.52-48.ent.ia64",
"product_id": "httpd-devel-0:2.0.52-48.ent.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.0.52-48.ent?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.0.52-48.ent.ia64",
"product": {
"name": "httpd-0:2.0.52-48.ent.ia64",
"product_id": "httpd-0:2.0.52-48.ent.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.0.52-48.ent?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-manual-0:2.2.3-53.el5_7.1.ppc",
"product": {
"name": "httpd-manual-0:2.2.3-53.el5_7.1.ppc",
"product_id": "httpd-manual-0:2.2.3-53.el5_7.1.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.2.3-53.el5_7.1?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.3-53.el5_7.1.ppc",
"product": {
"name": "httpd-debuginfo-0:2.2.3-53.el5_7.1.ppc",
"product_id": "httpd-debuginfo-0:2.2.3-53.el5_7.1.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.3-53.el5_7.1?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.3-53.el5_7.1.ppc",
"product": {
"name": "mod_ssl-1:2.2.3-53.el5_7.1.ppc",
"product_id": "mod_ssl-1:2.2.3-53.el5_7.1.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.3-53.el5_7.1?arch=ppc\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.3-53.el5_7.1.ppc",
"product": {
"name": "httpd-devel-0:2.2.3-53.el5_7.1.ppc",
"product_id": "httpd-devel-0:2.2.3-53.el5_7.1.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.3-53.el5_7.1?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.3-53.el5_7.1.ppc",
"product": {
"name": "httpd-0:2.2.3-53.el5_7.1.ppc",
"product_id": "httpd-0:2.2.3-53.el5_7.1.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.3-53.el5_7.1?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-9.el6_1.2.ppc",
"product": {
"name": "httpd-devel-0:2.2.15-9.el6_1.2.ppc",
"product_id": "httpd-devel-0:2.2.15-9.el6_1.2.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-9.el6_1.2?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-9.el6_1.2.ppc",
"product": {
"name": "httpd-debuginfo-0:2.2.15-9.el6_1.2.ppc",
"product_id": "httpd-debuginfo-0:2.2.15-9.el6_1.2.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-9.el6_1.2?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.0.52-48.ent.ppc",
"product": {
"name": "mod_ssl-1:2.0.52-48.ent.ppc",
"product_id": "mod_ssl-1:2.0.52-48.ent.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.0.52-48.ent?arch=ppc\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.0.52-48.ent.ppc",
"product": {
"name": "httpd-debuginfo-0:2.0.52-48.ent.ppc",
"product_id": "httpd-debuginfo-0:2.0.52-48.ent.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.0.52-48.ent?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "httpd-manual-0:2.0.52-48.ent.ppc",
"product": {
"name": "httpd-manual-0:2.0.52-48.ent.ppc",
"product_id": "httpd-manual-0:2.0.52-48.ent.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.0.52-48.ent?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "httpd-suexec-0:2.0.52-48.ent.ppc",
"product": {
"name": "httpd-suexec-0:2.0.52-48.ent.ppc",
"product_id": "httpd-suexec-0:2.0.52-48.ent.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-suexec@2.0.52-48.ent?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.0.52-48.ent.ppc",
"product": {
"name": "httpd-devel-0:2.0.52-48.ent.ppc",
"product_id": "httpd-devel-0:2.0.52-48.ent.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.0.52-48.ent?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.0.52-48.ent.ppc",
"product": {
"name": "httpd-0:2.0.52-48.ent.ppc",
"product_id": "httpd-0:2.0.52-48.ent.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.0.52-48.ent?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.3-53.el5_7.1.ppc64",
"product": {
"name": "httpd-debuginfo-0:2.2.3-53.el5_7.1.ppc64",
"product_id": "httpd-debuginfo-0:2.2.3-53.el5_7.1.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.3-53.el5_7.1?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.3-53.el5_7.1.ppc64",
"product": {
"name": "httpd-devel-0:2.2.3-53.el5_7.1.ppc64",
"product_id": "httpd-devel-0:2.2.3-53.el5_7.1.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.3-53.el5_7.1?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.15-9.el6_1.2.ppc64",
"product": {
"name": "mod_ssl-1:2.2.15-9.el6_1.2.ppc64",
"product_id": "mod_ssl-1:2.2.15-9.el6_1.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.15-9.el6_1.2?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-9.el6_1.2.ppc64",
"product": {
"name": "httpd-devel-0:2.2.15-9.el6_1.2.ppc64",
"product_id": "httpd-devel-0:2.2.15-9.el6_1.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-9.el6_1.2?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.2.15-9.el6_1.2.ppc64",
"product": {
"name": "httpd-tools-0:2.2.15-9.el6_1.2.ppc64",
"product_id": "httpd-tools-0:2.2.15-9.el6_1.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.2.15-9.el6_1.2?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.15-9.el6_1.2.ppc64",
"product": {
"name": "httpd-0:2.2.15-9.el6_1.2.ppc64",
"product_id": "httpd-0:2.2.15-9.el6_1.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.15-9.el6_1.2?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-9.el6_1.2.ppc64",
"product": {
"name": "httpd-debuginfo-0:2.2.15-9.el6_1.2.ppc64",
"product_id": "httpd-debuginfo-0:2.2.15-9.el6_1.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-9.el6_1.2?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-manual-0:2.2.3-53.el5_7.1.s390x",
"product": {
"name": "httpd-manual-0:2.2.3-53.el5_7.1.s390x",
"product_id": "httpd-manual-0:2.2.3-53.el5_7.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.2.3-53.el5_7.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.3-53.el5_7.1.s390x",
"product": {
"name": "httpd-debuginfo-0:2.2.3-53.el5_7.1.s390x",
"product_id": "httpd-debuginfo-0:2.2.3-53.el5_7.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.3-53.el5_7.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.3-53.el5_7.1.s390x",
"product": {
"name": "mod_ssl-1:2.2.3-53.el5_7.1.s390x",
"product_id": "mod_ssl-1:2.2.3-53.el5_7.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.3-53.el5_7.1?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.3-53.el5_7.1.s390x",
"product": {
"name": "httpd-devel-0:2.2.3-53.el5_7.1.s390x",
"product_id": "httpd-devel-0:2.2.3-53.el5_7.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.3-53.el5_7.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.3-53.el5_7.1.s390x",
"product": {
"name": "httpd-0:2.2.3-53.el5_7.1.s390x",
"product_id": "httpd-0:2.2.3-53.el5_7.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.3-53.el5_7.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.15-9.el6_1.2.s390x",
"product": {
"name": "mod_ssl-1:2.2.15-9.el6_1.2.s390x",
"product_id": "mod_ssl-1:2.2.15-9.el6_1.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.15-9.el6_1.2?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-9.el6_1.2.s390x",
"product": {
"name": "httpd-devel-0:2.2.15-9.el6_1.2.s390x",
"product_id": "httpd-devel-0:2.2.15-9.el6_1.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-9.el6_1.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.2.15-9.el6_1.2.s390x",
"product": {
"name": "httpd-tools-0:2.2.15-9.el6_1.2.s390x",
"product_id": "httpd-tools-0:2.2.15-9.el6_1.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.2.15-9.el6_1.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.15-9.el6_1.2.s390x",
"product": {
"name": "httpd-0:2.2.15-9.el6_1.2.s390x",
"product_id": "httpd-0:2.2.15-9.el6_1.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.15-9.el6_1.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-9.el6_1.2.s390x",
"product": {
"name": "httpd-debuginfo-0:2.2.15-9.el6_1.2.s390x",
"product_id": "httpd-debuginfo-0:2.2.15-9.el6_1.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-9.el6_1.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.0.52-48.ent.s390x",
"product": {
"name": "mod_ssl-1:2.0.52-48.ent.s390x",
"product_id": "mod_ssl-1:2.0.52-48.ent.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.0.52-48.ent?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.0.52-48.ent.s390x",
"product": {
"name": "httpd-debuginfo-0:2.0.52-48.ent.s390x",
"product_id": "httpd-debuginfo-0:2.0.52-48.ent.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.0.52-48.ent?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-manual-0:2.0.52-48.ent.s390x",
"product": {
"name": "httpd-manual-0:2.0.52-48.ent.s390x",
"product_id": "httpd-manual-0:2.0.52-48.ent.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.0.52-48.ent?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-suexec-0:2.0.52-48.ent.s390x",
"product": {
"name": "httpd-suexec-0:2.0.52-48.ent.s390x",
"product_id": "httpd-suexec-0:2.0.52-48.ent.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-suexec@2.0.52-48.ent?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.0.52-48.ent.s390x",
"product": {
"name": "httpd-devel-0:2.0.52-48.ent.s390x",
"product_id": "httpd-devel-0:2.0.52-48.ent.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.0.52-48.ent?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.0.52-48.ent.s390x",
"product": {
"name": "httpd-0:2.0.52-48.ent.s390x",
"product_id": "httpd-0:2.0.52-48.ent.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.0.52-48.ent?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.3-53.el5_7.1.s390",
"product": {
"name": "httpd-debuginfo-0:2.2.3-53.el5_7.1.s390",
"product_id": "httpd-debuginfo-0:2.2.3-53.el5_7.1.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.3-53.el5_7.1?arch=s390"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.3-53.el5_7.1.s390",
"product": {
"name": "httpd-devel-0:2.2.3-53.el5_7.1.s390",
"product_id": "httpd-devel-0:2.2.3-53.el5_7.1.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.3-53.el5_7.1?arch=s390"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-9.el6_1.2.s390",
"product": {
"name": "httpd-devel-0:2.2.15-9.el6_1.2.s390",
"product_id": "httpd-devel-0:2.2.15-9.el6_1.2.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-9.el6_1.2?arch=s390"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-9.el6_1.2.s390",
"product": {
"name": "httpd-debuginfo-0:2.2.15-9.el6_1.2.s390",
"product_id": "httpd-debuginfo-0:2.2.15-9.el6_1.2.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-9.el6_1.2?arch=s390"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.0.52-48.ent.s390",
"product": {
"name": "mod_ssl-1:2.0.52-48.ent.s390",
"product_id": "mod_ssl-1:2.0.52-48.ent.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.0.52-48.ent?arch=s390\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.0.52-48.ent.s390",
"product": {
"name": "httpd-debuginfo-0:2.0.52-48.ent.s390",
"product_id": "httpd-debuginfo-0:2.0.52-48.ent.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.0.52-48.ent?arch=s390"
}
}
},
{
"category": "product_version",
"name": "httpd-manual-0:2.0.52-48.ent.s390",
"product": {
"name": "httpd-manual-0:2.0.52-48.ent.s390",
"product_id": "httpd-manual-0:2.0.52-48.ent.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.0.52-48.ent?arch=s390"
}
}
},
{
"category": "product_version",
"name": "httpd-suexec-0:2.0.52-48.ent.s390",
"product": {
"name": "httpd-suexec-0:2.0.52-48.ent.s390",
"product_id": "httpd-suexec-0:2.0.52-48.ent.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-suexec@2.0.52-48.ent?arch=s390"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.0.52-48.ent.s390",
"product": {
"name": "httpd-devel-0:2.0.52-48.ent.s390",
"product_id": "httpd-devel-0:2.0.52-48.ent.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.0.52-48.ent?arch=s390"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.0.52-48.ent.s390",
"product": {
"name": "httpd-0:2.0.52-48.ent.s390",
"product_id": "httpd-0:2.0.52-48.ent.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.0.52-48.ent?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "mod_ssl-1:2.2.15-9.el6_1.2.i686",
"product": {
"name": "mod_ssl-1:2.2.15-9.el6_1.2.i686",
"product_id": "mod_ssl-1:2.2.15-9.el6_1.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.15-9.el6_1.2?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-9.el6_1.2.i686",
"product": {
"name": "httpd-devel-0:2.2.15-9.el6_1.2.i686",
"product_id": "httpd-devel-0:2.2.15-9.el6_1.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-9.el6_1.2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.2.15-9.el6_1.2.i686",
"product": {
"name": "httpd-tools-0:2.2.15-9.el6_1.2.i686",
"product_id": "httpd-tools-0:2.2.15-9.el6_1.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.2.15-9.el6_1.2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.15-9.el6_1.2.i686",
"product": {
"name": "httpd-0:2.2.15-9.el6_1.2.i686",
"product_id": "httpd-0:2.2.15-9.el6_1.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.15-9.el6_1.2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-9.el6_1.2.i686",
"product": {
"name": "httpd-debuginfo-0:2.2.15-9.el6_1.2.i686",
"product_id": "httpd-debuginfo-0:2.2.15-9.el6_1.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-9.el6_1.2?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-manual-0:2.2.15-9.el6_1.2.noarch",
"product": {
"name": "httpd-manual-0:2.2.15-9.el6_1.2.noarch",
"product_id": "httpd-manual-0:2.2.15-9.el6_1.2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.2.15-9.el6_1.2?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.0.52-48.ent.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:httpd-0:2.0.52-48.ent.i386"
},
"product_reference": "httpd-0:2.0.52-48.ent.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.0.52-48.ent.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:httpd-0:2.0.52-48.ent.ia64"
},
"product_reference": "httpd-0:2.0.52-48.ent.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.0.52-48.ent.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:httpd-0:2.0.52-48.ent.ppc"
},
"product_reference": "httpd-0:2.0.52-48.ent.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.0.52-48.ent.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:httpd-0:2.0.52-48.ent.s390"
},
"product_reference": "httpd-0:2.0.52-48.ent.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.0.52-48.ent.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:httpd-0:2.0.52-48.ent.s390x"
},
"product_reference": "httpd-0:2.0.52-48.ent.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.0.52-48.ent.src as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:httpd-0:2.0.52-48.ent.src"
},
"product_reference": "httpd-0:2.0.52-48.ent.src",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.0.52-48.ent.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:httpd-0:2.0.52-48.ent.x86_64"
},
"product_reference": "httpd-0:2.0.52-48.ent.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.0.52-48.ent.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:httpd-debuginfo-0:2.0.52-48.ent.i386"
},
"product_reference": "httpd-debuginfo-0:2.0.52-48.ent.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.0.52-48.ent.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:httpd-debuginfo-0:2.0.52-48.ent.ia64"
},
"product_reference": "httpd-debuginfo-0:2.0.52-48.ent.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.0.52-48.ent.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:httpd-debuginfo-0:2.0.52-48.ent.ppc"
},
"product_reference": "httpd-debuginfo-0:2.0.52-48.ent.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.0.52-48.ent.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:httpd-debuginfo-0:2.0.52-48.ent.s390"
},
"product_reference": "httpd-debuginfo-0:2.0.52-48.ent.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.0.52-48.ent.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:httpd-debuginfo-0:2.0.52-48.ent.s390x"
},
"product_reference": "httpd-debuginfo-0:2.0.52-48.ent.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.0.52-48.ent.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:httpd-debuginfo-0:2.0.52-48.ent.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.0.52-48.ent.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.0.52-48.ent.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:httpd-devel-0:2.0.52-48.ent.i386"
},
"product_reference": "httpd-devel-0:2.0.52-48.ent.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.0.52-48.ent.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:httpd-devel-0:2.0.52-48.ent.ia64"
},
"product_reference": "httpd-devel-0:2.0.52-48.ent.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.0.52-48.ent.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:httpd-devel-0:2.0.52-48.ent.ppc"
},
"product_reference": "httpd-devel-0:2.0.52-48.ent.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.0.52-48.ent.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:httpd-devel-0:2.0.52-48.ent.s390"
},
"product_reference": "httpd-devel-0:2.0.52-48.ent.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.0.52-48.ent.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:httpd-devel-0:2.0.52-48.ent.s390x"
},
"product_reference": "httpd-devel-0:2.0.52-48.ent.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.0.52-48.ent.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:httpd-devel-0:2.0.52-48.ent.x86_64"
},
"product_reference": "httpd-devel-0:2.0.52-48.ent.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.0.52-48.ent.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:httpd-manual-0:2.0.52-48.ent.i386"
},
"product_reference": "httpd-manual-0:2.0.52-48.ent.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.0.52-48.ent.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:httpd-manual-0:2.0.52-48.ent.ia64"
},
"product_reference": "httpd-manual-0:2.0.52-48.ent.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.0.52-48.ent.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:httpd-manual-0:2.0.52-48.ent.ppc"
},
"product_reference": "httpd-manual-0:2.0.52-48.ent.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.0.52-48.ent.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:httpd-manual-0:2.0.52-48.ent.s390"
},
"product_reference": "httpd-manual-0:2.0.52-48.ent.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.0.52-48.ent.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:httpd-manual-0:2.0.52-48.ent.s390x"
},
"product_reference": "httpd-manual-0:2.0.52-48.ent.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.0.52-48.ent.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:httpd-manual-0:2.0.52-48.ent.x86_64"
},
"product_reference": "httpd-manual-0:2.0.52-48.ent.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-suexec-0:2.0.52-48.ent.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:httpd-suexec-0:2.0.52-48.ent.i386"
},
"product_reference": "httpd-suexec-0:2.0.52-48.ent.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-suexec-0:2.0.52-48.ent.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:httpd-suexec-0:2.0.52-48.ent.ia64"
},
"product_reference": "httpd-suexec-0:2.0.52-48.ent.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-suexec-0:2.0.52-48.ent.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:httpd-suexec-0:2.0.52-48.ent.ppc"
},
"product_reference": "httpd-suexec-0:2.0.52-48.ent.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-suexec-0:2.0.52-48.ent.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:httpd-suexec-0:2.0.52-48.ent.s390"
},
"product_reference": "httpd-suexec-0:2.0.52-48.ent.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-suexec-0:2.0.52-48.ent.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:httpd-suexec-0:2.0.52-48.ent.s390x"
},
"product_reference": "httpd-suexec-0:2.0.52-48.ent.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-suexec-0:2.0.52-48.ent.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:httpd-suexec-0:2.0.52-48.ent.x86_64"
},
"product_reference": "httpd-suexec-0:2.0.52-48.ent.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.0.52-48.ent.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:mod_ssl-1:2.0.52-48.ent.i386"
},
"product_reference": "mod_ssl-1:2.0.52-48.ent.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.0.52-48.ent.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:mod_ssl-1:2.0.52-48.ent.ia64"
},
"product_reference": "mod_ssl-1:2.0.52-48.ent.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.0.52-48.ent.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:mod_ssl-1:2.0.52-48.ent.ppc"
},
"product_reference": "mod_ssl-1:2.0.52-48.ent.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.0.52-48.ent.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:mod_ssl-1:2.0.52-48.ent.s390"
},
"product_reference": "mod_ssl-1:2.0.52-48.ent.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.0.52-48.ent.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:mod_ssl-1:2.0.52-48.ent.s390x"
},
"product_reference": "mod_ssl-1:2.0.52-48.ent.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.0.52-48.ent.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:mod_ssl-1:2.0.52-48.ent.x86_64"
},
"product_reference": "mod_ssl-1:2.0.52-48.ent.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.0.52-48.ent.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:httpd-0:2.0.52-48.ent.i386"
},
"product_reference": "httpd-0:2.0.52-48.ent.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.0.52-48.ent.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:httpd-0:2.0.52-48.ent.ia64"
},
"product_reference": "httpd-0:2.0.52-48.ent.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.0.52-48.ent.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:httpd-0:2.0.52-48.ent.ppc"
},
"product_reference": "httpd-0:2.0.52-48.ent.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.0.52-48.ent.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:httpd-0:2.0.52-48.ent.s390"
},
"product_reference": "httpd-0:2.0.52-48.ent.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.0.52-48.ent.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:httpd-0:2.0.52-48.ent.s390x"
},
"product_reference": "httpd-0:2.0.52-48.ent.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.0.52-48.ent.src as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:httpd-0:2.0.52-48.ent.src"
},
"product_reference": "httpd-0:2.0.52-48.ent.src",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.0.52-48.ent.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:httpd-0:2.0.52-48.ent.x86_64"
},
"product_reference": "httpd-0:2.0.52-48.ent.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.0.52-48.ent.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:httpd-debuginfo-0:2.0.52-48.ent.i386"
},
"product_reference": "httpd-debuginfo-0:2.0.52-48.ent.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.0.52-48.ent.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:httpd-debuginfo-0:2.0.52-48.ent.ia64"
},
"product_reference": "httpd-debuginfo-0:2.0.52-48.ent.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.0.52-48.ent.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:httpd-debuginfo-0:2.0.52-48.ent.ppc"
},
"product_reference": "httpd-debuginfo-0:2.0.52-48.ent.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.0.52-48.ent.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:httpd-debuginfo-0:2.0.52-48.ent.s390"
},
"product_reference": "httpd-debuginfo-0:2.0.52-48.ent.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.0.52-48.ent.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:httpd-debuginfo-0:2.0.52-48.ent.s390x"
},
"product_reference": "httpd-debuginfo-0:2.0.52-48.ent.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.0.52-48.ent.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:httpd-debuginfo-0:2.0.52-48.ent.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.0.52-48.ent.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.0.52-48.ent.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:httpd-devel-0:2.0.52-48.ent.i386"
},
"product_reference": "httpd-devel-0:2.0.52-48.ent.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.0.52-48.ent.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:httpd-devel-0:2.0.52-48.ent.ia64"
},
"product_reference": "httpd-devel-0:2.0.52-48.ent.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.0.52-48.ent.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:httpd-devel-0:2.0.52-48.ent.ppc"
},
"product_reference": "httpd-devel-0:2.0.52-48.ent.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.0.52-48.ent.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:httpd-devel-0:2.0.52-48.ent.s390"
},
"product_reference": "httpd-devel-0:2.0.52-48.ent.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.0.52-48.ent.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:httpd-devel-0:2.0.52-48.ent.s390x"
},
"product_reference": "httpd-devel-0:2.0.52-48.ent.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.0.52-48.ent.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:httpd-devel-0:2.0.52-48.ent.x86_64"
},
"product_reference": "httpd-devel-0:2.0.52-48.ent.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.0.52-48.ent.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:httpd-manual-0:2.0.52-48.ent.i386"
},
"product_reference": "httpd-manual-0:2.0.52-48.ent.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.0.52-48.ent.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:httpd-manual-0:2.0.52-48.ent.ia64"
},
"product_reference": "httpd-manual-0:2.0.52-48.ent.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.0.52-48.ent.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:httpd-manual-0:2.0.52-48.ent.ppc"
},
"product_reference": "httpd-manual-0:2.0.52-48.ent.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.0.52-48.ent.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:httpd-manual-0:2.0.52-48.ent.s390"
},
"product_reference": "httpd-manual-0:2.0.52-48.ent.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.0.52-48.ent.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:httpd-manual-0:2.0.52-48.ent.s390x"
},
"product_reference": "httpd-manual-0:2.0.52-48.ent.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.0.52-48.ent.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:httpd-manual-0:2.0.52-48.ent.x86_64"
},
"product_reference": "httpd-manual-0:2.0.52-48.ent.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-suexec-0:2.0.52-48.ent.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:httpd-suexec-0:2.0.52-48.ent.i386"
},
"product_reference": "httpd-suexec-0:2.0.52-48.ent.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-suexec-0:2.0.52-48.ent.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:httpd-suexec-0:2.0.52-48.ent.ia64"
},
"product_reference": "httpd-suexec-0:2.0.52-48.ent.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-suexec-0:2.0.52-48.ent.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:httpd-suexec-0:2.0.52-48.ent.ppc"
},
"product_reference": "httpd-suexec-0:2.0.52-48.ent.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-suexec-0:2.0.52-48.ent.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:httpd-suexec-0:2.0.52-48.ent.s390"
},
"product_reference": "httpd-suexec-0:2.0.52-48.ent.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-suexec-0:2.0.52-48.ent.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:httpd-suexec-0:2.0.52-48.ent.s390x"
},
"product_reference": "httpd-suexec-0:2.0.52-48.ent.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-suexec-0:2.0.52-48.ent.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:httpd-suexec-0:2.0.52-48.ent.x86_64"
},
"product_reference": "httpd-suexec-0:2.0.52-48.ent.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.0.52-48.ent.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:mod_ssl-1:2.0.52-48.ent.i386"
},
"product_reference": "mod_ssl-1:2.0.52-48.ent.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.0.52-48.ent.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:mod_ssl-1:2.0.52-48.ent.ia64"
},
"product_reference": "mod_ssl-1:2.0.52-48.ent.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.0.52-48.ent.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:mod_ssl-1:2.0.52-48.ent.ppc"
},
"product_reference": "mod_ssl-1:2.0.52-48.ent.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.0.52-48.ent.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:mod_ssl-1:2.0.52-48.ent.s390"
},
"product_reference": "mod_ssl-1:2.0.52-48.ent.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.0.52-48.ent.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:mod_ssl-1:2.0.52-48.ent.s390x"
},
"product_reference": "mod_ssl-1:2.0.52-48.ent.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.0.52-48.ent.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:mod_ssl-1:2.0.52-48.ent.x86_64"
},
"product_reference": "mod_ssl-1:2.0.52-48.ent.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.0.52-48.ent.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:httpd-0:2.0.52-48.ent.i386"
},
"product_reference": "httpd-0:2.0.52-48.ent.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.0.52-48.ent.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:httpd-0:2.0.52-48.ent.ia64"
},
"product_reference": "httpd-0:2.0.52-48.ent.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.0.52-48.ent.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:httpd-0:2.0.52-48.ent.ppc"
},
"product_reference": "httpd-0:2.0.52-48.ent.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.0.52-48.ent.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:httpd-0:2.0.52-48.ent.s390"
},
"product_reference": "httpd-0:2.0.52-48.ent.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.0.52-48.ent.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:httpd-0:2.0.52-48.ent.s390x"
},
"product_reference": "httpd-0:2.0.52-48.ent.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.0.52-48.ent.src as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:httpd-0:2.0.52-48.ent.src"
},
"product_reference": "httpd-0:2.0.52-48.ent.src",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.0.52-48.ent.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:httpd-0:2.0.52-48.ent.x86_64"
},
"product_reference": "httpd-0:2.0.52-48.ent.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.0.52-48.ent.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:httpd-debuginfo-0:2.0.52-48.ent.i386"
},
"product_reference": "httpd-debuginfo-0:2.0.52-48.ent.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.0.52-48.ent.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:httpd-debuginfo-0:2.0.52-48.ent.ia64"
},
"product_reference": "httpd-debuginfo-0:2.0.52-48.ent.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.0.52-48.ent.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:httpd-debuginfo-0:2.0.52-48.ent.ppc"
},
"product_reference": "httpd-debuginfo-0:2.0.52-48.ent.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.0.52-48.ent.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:httpd-debuginfo-0:2.0.52-48.ent.s390"
},
"product_reference": "httpd-debuginfo-0:2.0.52-48.ent.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.0.52-48.ent.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:httpd-debuginfo-0:2.0.52-48.ent.s390x"
},
"product_reference": "httpd-debuginfo-0:2.0.52-48.ent.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.0.52-48.ent.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:httpd-debuginfo-0:2.0.52-48.ent.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.0.52-48.ent.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.0.52-48.ent.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:httpd-devel-0:2.0.52-48.ent.i386"
},
"product_reference": "httpd-devel-0:2.0.52-48.ent.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.0.52-48.ent.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:httpd-devel-0:2.0.52-48.ent.ia64"
},
"product_reference": "httpd-devel-0:2.0.52-48.ent.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.0.52-48.ent.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:httpd-devel-0:2.0.52-48.ent.ppc"
},
"product_reference": "httpd-devel-0:2.0.52-48.ent.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.0.52-48.ent.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:httpd-devel-0:2.0.52-48.ent.s390"
},
"product_reference": "httpd-devel-0:2.0.52-48.ent.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.0.52-48.ent.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:httpd-devel-0:2.0.52-48.ent.s390x"
},
"product_reference": "httpd-devel-0:2.0.52-48.ent.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.0.52-48.ent.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:httpd-devel-0:2.0.52-48.ent.x86_64"
},
"product_reference": "httpd-devel-0:2.0.52-48.ent.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.0.52-48.ent.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:httpd-manual-0:2.0.52-48.ent.i386"
},
"product_reference": "httpd-manual-0:2.0.52-48.ent.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.0.52-48.ent.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:httpd-manual-0:2.0.52-48.ent.ia64"
},
"product_reference": "httpd-manual-0:2.0.52-48.ent.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.0.52-48.ent.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:httpd-manual-0:2.0.52-48.ent.ppc"
},
"product_reference": "httpd-manual-0:2.0.52-48.ent.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.0.52-48.ent.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:httpd-manual-0:2.0.52-48.ent.s390"
},
"product_reference": "httpd-manual-0:2.0.52-48.ent.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.0.52-48.ent.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:httpd-manual-0:2.0.52-48.ent.s390x"
},
"product_reference": "httpd-manual-0:2.0.52-48.ent.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.0.52-48.ent.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:httpd-manual-0:2.0.52-48.ent.x86_64"
},
"product_reference": "httpd-manual-0:2.0.52-48.ent.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-suexec-0:2.0.52-48.ent.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:httpd-suexec-0:2.0.52-48.ent.i386"
},
"product_reference": "httpd-suexec-0:2.0.52-48.ent.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-suexec-0:2.0.52-48.ent.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:httpd-suexec-0:2.0.52-48.ent.ia64"
},
"product_reference": "httpd-suexec-0:2.0.52-48.ent.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-suexec-0:2.0.52-48.ent.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:httpd-suexec-0:2.0.52-48.ent.ppc"
},
"product_reference": "httpd-suexec-0:2.0.52-48.ent.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-suexec-0:2.0.52-48.ent.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:httpd-suexec-0:2.0.52-48.ent.s390"
},
"product_reference": "httpd-suexec-0:2.0.52-48.ent.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-suexec-0:2.0.52-48.ent.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:httpd-suexec-0:2.0.52-48.ent.s390x"
},
"product_reference": "httpd-suexec-0:2.0.52-48.ent.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-suexec-0:2.0.52-48.ent.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:httpd-suexec-0:2.0.52-48.ent.x86_64"
},
"product_reference": "httpd-suexec-0:2.0.52-48.ent.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.0.52-48.ent.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:mod_ssl-1:2.0.52-48.ent.i386"
},
"product_reference": "mod_ssl-1:2.0.52-48.ent.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.0.52-48.ent.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:mod_ssl-1:2.0.52-48.ent.ia64"
},
"product_reference": "mod_ssl-1:2.0.52-48.ent.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.0.52-48.ent.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:mod_ssl-1:2.0.52-48.ent.ppc"
},
"product_reference": "mod_ssl-1:2.0.52-48.ent.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.0.52-48.ent.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:mod_ssl-1:2.0.52-48.ent.s390"
},
"product_reference": "mod_ssl-1:2.0.52-48.ent.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.0.52-48.ent.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:mod_ssl-1:2.0.52-48.ent.s390x"
},
"product_reference": "mod_ssl-1:2.0.52-48.ent.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.0.52-48.ent.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:mod_ssl-1:2.0.52-48.ent.x86_64"
},
"product_reference": "mod_ssl-1:2.0.52-48.ent.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.0.52-48.ent.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:httpd-0:2.0.52-48.ent.i386"
},
"product_reference": "httpd-0:2.0.52-48.ent.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.0.52-48.ent.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:httpd-0:2.0.52-48.ent.ia64"
},
"product_reference": "httpd-0:2.0.52-48.ent.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.0.52-48.ent.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:httpd-0:2.0.52-48.ent.ppc"
},
"product_reference": "httpd-0:2.0.52-48.ent.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.0.52-48.ent.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:httpd-0:2.0.52-48.ent.s390"
},
"product_reference": "httpd-0:2.0.52-48.ent.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.0.52-48.ent.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:httpd-0:2.0.52-48.ent.s390x"
},
"product_reference": "httpd-0:2.0.52-48.ent.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.0.52-48.ent.src as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:httpd-0:2.0.52-48.ent.src"
},
"product_reference": "httpd-0:2.0.52-48.ent.src",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.0.52-48.ent.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:httpd-0:2.0.52-48.ent.x86_64"
},
"product_reference": "httpd-0:2.0.52-48.ent.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.0.52-48.ent.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:httpd-debuginfo-0:2.0.52-48.ent.i386"
},
"product_reference": "httpd-debuginfo-0:2.0.52-48.ent.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.0.52-48.ent.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:httpd-debuginfo-0:2.0.52-48.ent.ia64"
},
"product_reference": "httpd-debuginfo-0:2.0.52-48.ent.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.0.52-48.ent.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:httpd-debuginfo-0:2.0.52-48.ent.ppc"
},
"product_reference": "httpd-debuginfo-0:2.0.52-48.ent.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.0.52-48.ent.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:httpd-debuginfo-0:2.0.52-48.ent.s390"
},
"product_reference": "httpd-debuginfo-0:2.0.52-48.ent.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.0.52-48.ent.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:httpd-debuginfo-0:2.0.52-48.ent.s390x"
},
"product_reference": "httpd-debuginfo-0:2.0.52-48.ent.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.0.52-48.ent.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:httpd-debuginfo-0:2.0.52-48.ent.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.0.52-48.ent.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.0.52-48.ent.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:httpd-devel-0:2.0.52-48.ent.i386"
},
"product_reference": "httpd-devel-0:2.0.52-48.ent.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.0.52-48.ent.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:httpd-devel-0:2.0.52-48.ent.ia64"
},
"product_reference": "httpd-devel-0:2.0.52-48.ent.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.0.52-48.ent.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:httpd-devel-0:2.0.52-48.ent.ppc"
},
"product_reference": "httpd-devel-0:2.0.52-48.ent.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.0.52-48.ent.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:httpd-devel-0:2.0.52-48.ent.s390"
},
"product_reference": "httpd-devel-0:2.0.52-48.ent.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.0.52-48.ent.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:httpd-devel-0:2.0.52-48.ent.s390x"
},
"product_reference": "httpd-devel-0:2.0.52-48.ent.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.0.52-48.ent.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:httpd-devel-0:2.0.52-48.ent.x86_64"
},
"product_reference": "httpd-devel-0:2.0.52-48.ent.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.0.52-48.ent.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:httpd-manual-0:2.0.52-48.ent.i386"
},
"product_reference": "httpd-manual-0:2.0.52-48.ent.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.0.52-48.ent.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:httpd-manual-0:2.0.52-48.ent.ia64"
},
"product_reference": "httpd-manual-0:2.0.52-48.ent.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.0.52-48.ent.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:httpd-manual-0:2.0.52-48.ent.ppc"
},
"product_reference": "httpd-manual-0:2.0.52-48.ent.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.0.52-48.ent.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:httpd-manual-0:2.0.52-48.ent.s390"
},
"product_reference": "httpd-manual-0:2.0.52-48.ent.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.0.52-48.ent.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:httpd-manual-0:2.0.52-48.ent.s390x"
},
"product_reference": "httpd-manual-0:2.0.52-48.ent.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.0.52-48.ent.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:httpd-manual-0:2.0.52-48.ent.x86_64"
},
"product_reference": "httpd-manual-0:2.0.52-48.ent.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-suexec-0:2.0.52-48.ent.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:httpd-suexec-0:2.0.52-48.ent.i386"
},
"product_reference": "httpd-suexec-0:2.0.52-48.ent.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-suexec-0:2.0.52-48.ent.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:httpd-suexec-0:2.0.52-48.ent.ia64"
},
"product_reference": "httpd-suexec-0:2.0.52-48.ent.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-suexec-0:2.0.52-48.ent.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:httpd-suexec-0:2.0.52-48.ent.ppc"
},
"product_reference": "httpd-suexec-0:2.0.52-48.ent.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-suexec-0:2.0.52-48.ent.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:httpd-suexec-0:2.0.52-48.ent.s390"
},
"product_reference": "httpd-suexec-0:2.0.52-48.ent.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-suexec-0:2.0.52-48.ent.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:httpd-suexec-0:2.0.52-48.ent.s390x"
},
"product_reference": "httpd-suexec-0:2.0.52-48.ent.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-suexec-0:2.0.52-48.ent.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:httpd-suexec-0:2.0.52-48.ent.x86_64"
},
"product_reference": "httpd-suexec-0:2.0.52-48.ent.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.0.52-48.ent.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:mod_ssl-1:2.0.52-48.ent.i386"
},
"product_reference": "mod_ssl-1:2.0.52-48.ent.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.0.52-48.ent.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:mod_ssl-1:2.0.52-48.ent.ia64"
},
"product_reference": "mod_ssl-1:2.0.52-48.ent.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.0.52-48.ent.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:mod_ssl-1:2.0.52-48.ent.ppc"
},
"product_reference": "mod_ssl-1:2.0.52-48.ent.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.0.52-48.ent.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:mod_ssl-1:2.0.52-48.ent.s390"
},
"product_reference": "mod_ssl-1:2.0.52-48.ent.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.0.52-48.ent.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:mod_ssl-1:2.0.52-48.ent.s390x"
},
"product_reference": "mod_ssl-1:2.0.52-48.ent.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.0.52-48.ent.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:mod_ssl-1:2.0.52-48.ent.x86_64"
},
"product_reference": "mod_ssl-1:2.0.52-48.ent.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.3-53.el5_7.1.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.7.Z:httpd-0:2.2.3-53.el5_7.1.i386"
},
"product_reference": "httpd-0:2.2.3-53.el5_7.1.i386",
"relates_to_product_reference": "5Client-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.3-53.el5_7.1.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.7.Z:httpd-0:2.2.3-53.el5_7.1.ia64"
},
"product_reference": "httpd-0:2.2.3-53.el5_7.1.ia64",
"relates_to_product_reference": "5Client-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.3-53.el5_7.1.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.7.Z:httpd-0:2.2.3-53.el5_7.1.ppc"
},
"product_reference": "httpd-0:2.2.3-53.el5_7.1.ppc",
"relates_to_product_reference": "5Client-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.3-53.el5_7.1.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.7.Z:httpd-0:2.2.3-53.el5_7.1.s390x"
},
"product_reference": "httpd-0:2.2.3-53.el5_7.1.s390x",
"relates_to_product_reference": "5Client-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.3-53.el5_7.1.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.7.Z:httpd-0:2.2.3-53.el5_7.1.src"
},
"product_reference": "httpd-0:2.2.3-53.el5_7.1.src",
"relates_to_product_reference": "5Client-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.3-53.el5_7.1.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.7.Z:httpd-0:2.2.3-53.el5_7.1.x86_64"
},
"product_reference": "httpd-0:2.2.3-53.el5_7.1.x86_64",
"relates_to_product_reference": "5Client-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.3-53.el5_7.1.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.i386"
},
"product_reference": "httpd-debuginfo-0:2.2.3-53.el5_7.1.i386",
"relates_to_product_reference": "5Client-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.3-53.el5_7.1.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.ia64"
},
"product_reference": "httpd-debuginfo-0:2.2.3-53.el5_7.1.ia64",
"relates_to_product_reference": "5Client-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.3-53.el5_7.1.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.ppc"
},
"product_reference": "httpd-debuginfo-0:2.2.3-53.el5_7.1.ppc",
"relates_to_product_reference": "5Client-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.3-53.el5_7.1.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.2.3-53.el5_7.1.ppc64",
"relates_to_product_reference": "5Client-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.3-53.el5_7.1.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.s390"
},
"product_reference": "httpd-debuginfo-0:2.2.3-53.el5_7.1.s390",
"relates_to_product_reference": "5Client-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.3-53.el5_7.1.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.s390x"
},
"product_reference": "httpd-debuginfo-0:2.2.3-53.el5_7.1.s390x",
"relates_to_product_reference": "5Client-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.3-53.el5_7.1.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.2.3-53.el5_7.1.x86_64",
"relates_to_product_reference": "5Client-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.3-53.el5_7.1.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.i386"
},
"product_reference": "httpd-devel-0:2.2.3-53.el5_7.1.i386",
"relates_to_product_reference": "5Client-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.3-53.el5_7.1.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.ia64"
},
"product_reference": "httpd-devel-0:2.2.3-53.el5_7.1.ia64",
"relates_to_product_reference": "5Client-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.3-53.el5_7.1.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.ppc"
},
"product_reference": "httpd-devel-0:2.2.3-53.el5_7.1.ppc",
"relates_to_product_reference": "5Client-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.3-53.el5_7.1.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.ppc64"
},
"product_reference": "httpd-devel-0:2.2.3-53.el5_7.1.ppc64",
"relates_to_product_reference": "5Client-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.3-53.el5_7.1.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.s390"
},
"product_reference": "httpd-devel-0:2.2.3-53.el5_7.1.s390",
"relates_to_product_reference": "5Client-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.3-53.el5_7.1.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.s390x"
},
"product_reference": "httpd-devel-0:2.2.3-53.el5_7.1.s390x",
"relates_to_product_reference": "5Client-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.3-53.el5_7.1.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.x86_64"
},
"product_reference": "httpd-devel-0:2.2.3-53.el5_7.1.x86_64",
"relates_to_product_reference": "5Client-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.3-53.el5_7.1.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.i386"
},
"product_reference": "httpd-manual-0:2.2.3-53.el5_7.1.i386",
"relates_to_product_reference": "5Client-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.3-53.el5_7.1.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.ia64"
},
"product_reference": "httpd-manual-0:2.2.3-53.el5_7.1.ia64",
"relates_to_product_reference": "5Client-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.3-53.el5_7.1.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.ppc"
},
"product_reference": "httpd-manual-0:2.2.3-53.el5_7.1.ppc",
"relates_to_product_reference": "5Client-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.3-53.el5_7.1.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.s390x"
},
"product_reference": "httpd-manual-0:2.2.3-53.el5_7.1.s390x",
"relates_to_product_reference": "5Client-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.3-53.el5_7.1.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.x86_64"
},
"product_reference": "httpd-manual-0:2.2.3-53.el5_7.1.x86_64",
"relates_to_product_reference": "5Client-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.3-53.el5_7.1.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.i386"
},
"product_reference": "mod_ssl-1:2.2.3-53.el5_7.1.i386",
"relates_to_product_reference": "5Client-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.3-53.el5_7.1.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.ia64"
},
"product_reference": "mod_ssl-1:2.2.3-53.el5_7.1.ia64",
"relates_to_product_reference": "5Client-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.3-53.el5_7.1.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.ppc"
},
"product_reference": "mod_ssl-1:2.2.3-53.el5_7.1.ppc",
"relates_to_product_reference": "5Client-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.3-53.el5_7.1.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.s390x"
},
"product_reference": "mod_ssl-1:2.2.3-53.el5_7.1.s390x",
"relates_to_product_reference": "5Client-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.3-53.el5_7.1.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.x86_64"
},
"product_reference": "mod_ssl-1:2.2.3-53.el5_7.1.x86_64",
"relates_to_product_reference": "5Client-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.3-53.el5_7.1.i386 as a component of RHEL Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.7.Z:httpd-0:2.2.3-53.el5_7.1.i386"
},
"product_reference": "httpd-0:2.2.3-53.el5_7.1.i386",
"relates_to_product_reference": "5Client-Workstation-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.3-53.el5_7.1.ia64 as a component of RHEL Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.7.Z:httpd-0:2.2.3-53.el5_7.1.ia64"
},
"product_reference": "httpd-0:2.2.3-53.el5_7.1.ia64",
"relates_to_product_reference": "5Client-Workstation-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.3-53.el5_7.1.ppc as a component of RHEL Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.7.Z:httpd-0:2.2.3-53.el5_7.1.ppc"
},
"product_reference": "httpd-0:2.2.3-53.el5_7.1.ppc",
"relates_to_product_reference": "5Client-Workstation-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.3-53.el5_7.1.s390x as a component of RHEL Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.7.Z:httpd-0:2.2.3-53.el5_7.1.s390x"
},
"product_reference": "httpd-0:2.2.3-53.el5_7.1.s390x",
"relates_to_product_reference": "5Client-Workstation-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.3-53.el5_7.1.src as a component of RHEL Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.7.Z:httpd-0:2.2.3-53.el5_7.1.src"
},
"product_reference": "httpd-0:2.2.3-53.el5_7.1.src",
"relates_to_product_reference": "5Client-Workstation-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.3-53.el5_7.1.x86_64 as a component of RHEL Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.7.Z:httpd-0:2.2.3-53.el5_7.1.x86_64"
},
"product_reference": "httpd-0:2.2.3-53.el5_7.1.x86_64",
"relates_to_product_reference": "5Client-Workstation-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.3-53.el5_7.1.i386 as a component of RHEL Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.i386"
},
"product_reference": "httpd-debuginfo-0:2.2.3-53.el5_7.1.i386",
"relates_to_product_reference": "5Client-Workstation-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.3-53.el5_7.1.ia64 as a component of RHEL Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.ia64"
},
"product_reference": "httpd-debuginfo-0:2.2.3-53.el5_7.1.ia64",
"relates_to_product_reference": "5Client-Workstation-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.3-53.el5_7.1.ppc as a component of RHEL Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.ppc"
},
"product_reference": "httpd-debuginfo-0:2.2.3-53.el5_7.1.ppc",
"relates_to_product_reference": "5Client-Workstation-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.3-53.el5_7.1.ppc64 as a component of RHEL Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.2.3-53.el5_7.1.ppc64",
"relates_to_product_reference": "5Client-Workstation-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.3-53.el5_7.1.s390 as a component of RHEL Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.s390"
},
"product_reference": "httpd-debuginfo-0:2.2.3-53.el5_7.1.s390",
"relates_to_product_reference": "5Client-Workstation-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.3-53.el5_7.1.s390x as a component of RHEL Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.s390x"
},
"product_reference": "httpd-debuginfo-0:2.2.3-53.el5_7.1.s390x",
"relates_to_product_reference": "5Client-Workstation-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.3-53.el5_7.1.x86_64 as a component of RHEL Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.2.3-53.el5_7.1.x86_64",
"relates_to_product_reference": "5Client-Workstation-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.3-53.el5_7.1.i386 as a component of RHEL Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.i386"
},
"product_reference": "httpd-devel-0:2.2.3-53.el5_7.1.i386",
"relates_to_product_reference": "5Client-Workstation-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.3-53.el5_7.1.ia64 as a component of RHEL Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.ia64"
},
"product_reference": "httpd-devel-0:2.2.3-53.el5_7.1.ia64",
"relates_to_product_reference": "5Client-Workstation-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.3-53.el5_7.1.ppc as a component of RHEL Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.ppc"
},
"product_reference": "httpd-devel-0:2.2.3-53.el5_7.1.ppc",
"relates_to_product_reference": "5Client-Workstation-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.3-53.el5_7.1.ppc64 as a component of RHEL Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.ppc64"
},
"product_reference": "httpd-devel-0:2.2.3-53.el5_7.1.ppc64",
"relates_to_product_reference": "5Client-Workstation-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.3-53.el5_7.1.s390 as a component of RHEL Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.s390"
},
"product_reference": "httpd-devel-0:2.2.3-53.el5_7.1.s390",
"relates_to_product_reference": "5Client-Workstation-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.3-53.el5_7.1.s390x as a component of RHEL Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.s390x"
},
"product_reference": "httpd-devel-0:2.2.3-53.el5_7.1.s390x",
"relates_to_product_reference": "5Client-Workstation-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.3-53.el5_7.1.x86_64 as a component of RHEL Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.x86_64"
},
"product_reference": "httpd-devel-0:2.2.3-53.el5_7.1.x86_64",
"relates_to_product_reference": "5Client-Workstation-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.3-53.el5_7.1.i386 as a component of RHEL Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.i386"
},
"product_reference": "httpd-manual-0:2.2.3-53.el5_7.1.i386",
"relates_to_product_reference": "5Client-Workstation-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.3-53.el5_7.1.ia64 as a component of RHEL Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.ia64"
},
"product_reference": "httpd-manual-0:2.2.3-53.el5_7.1.ia64",
"relates_to_product_reference": "5Client-Workstation-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.3-53.el5_7.1.ppc as a component of RHEL Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.ppc"
},
"product_reference": "httpd-manual-0:2.2.3-53.el5_7.1.ppc",
"relates_to_product_reference": "5Client-Workstation-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.3-53.el5_7.1.s390x as a component of RHEL Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.s390x"
},
"product_reference": "httpd-manual-0:2.2.3-53.el5_7.1.s390x",
"relates_to_product_reference": "5Client-Workstation-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.3-53.el5_7.1.x86_64 as a component of RHEL Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.x86_64"
},
"product_reference": "httpd-manual-0:2.2.3-53.el5_7.1.x86_64",
"relates_to_product_reference": "5Client-Workstation-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.3-53.el5_7.1.i386 as a component of RHEL Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.i386"
},
"product_reference": "mod_ssl-1:2.2.3-53.el5_7.1.i386",
"relates_to_product_reference": "5Client-Workstation-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.3-53.el5_7.1.ia64 as a component of RHEL Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.ia64"
},
"product_reference": "mod_ssl-1:2.2.3-53.el5_7.1.ia64",
"relates_to_product_reference": "5Client-Workstation-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.3-53.el5_7.1.ppc as a component of RHEL Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.ppc"
},
"product_reference": "mod_ssl-1:2.2.3-53.el5_7.1.ppc",
"relates_to_product_reference": "5Client-Workstation-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.3-53.el5_7.1.s390x as a component of RHEL Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.s390x"
},
"product_reference": "mod_ssl-1:2.2.3-53.el5_7.1.s390x",
"relates_to_product_reference": "5Client-Workstation-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.3-53.el5_7.1.x86_64 as a component of RHEL Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.x86_64"
},
"product_reference": "mod_ssl-1:2.2.3-53.el5_7.1.x86_64",
"relates_to_product_reference": "5Client-Workstation-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.3-53.el5_7.1.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.7.Z:httpd-0:2.2.3-53.el5_7.1.i386"
},
"product_reference": "httpd-0:2.2.3-53.el5_7.1.i386",
"relates_to_product_reference": "5Server-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.3-53.el5_7.1.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.7.Z:httpd-0:2.2.3-53.el5_7.1.ia64"
},
"product_reference": "httpd-0:2.2.3-53.el5_7.1.ia64",
"relates_to_product_reference": "5Server-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.3-53.el5_7.1.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.7.Z:httpd-0:2.2.3-53.el5_7.1.ppc"
},
"product_reference": "httpd-0:2.2.3-53.el5_7.1.ppc",
"relates_to_product_reference": "5Server-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.3-53.el5_7.1.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.7.Z:httpd-0:2.2.3-53.el5_7.1.s390x"
},
"product_reference": "httpd-0:2.2.3-53.el5_7.1.s390x",
"relates_to_product_reference": "5Server-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.3-53.el5_7.1.src as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.7.Z:httpd-0:2.2.3-53.el5_7.1.src"
},
"product_reference": "httpd-0:2.2.3-53.el5_7.1.src",
"relates_to_product_reference": "5Server-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.3-53.el5_7.1.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.7.Z:httpd-0:2.2.3-53.el5_7.1.x86_64"
},
"product_reference": "httpd-0:2.2.3-53.el5_7.1.x86_64",
"relates_to_product_reference": "5Server-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.3-53.el5_7.1.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.i386"
},
"product_reference": "httpd-debuginfo-0:2.2.3-53.el5_7.1.i386",
"relates_to_product_reference": "5Server-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.3-53.el5_7.1.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.ia64"
},
"product_reference": "httpd-debuginfo-0:2.2.3-53.el5_7.1.ia64",
"relates_to_product_reference": "5Server-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.3-53.el5_7.1.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.ppc"
},
"product_reference": "httpd-debuginfo-0:2.2.3-53.el5_7.1.ppc",
"relates_to_product_reference": "5Server-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.3-53.el5_7.1.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.2.3-53.el5_7.1.ppc64",
"relates_to_product_reference": "5Server-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.3-53.el5_7.1.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.s390"
},
"product_reference": "httpd-debuginfo-0:2.2.3-53.el5_7.1.s390",
"relates_to_product_reference": "5Server-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.3-53.el5_7.1.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.s390x"
},
"product_reference": "httpd-debuginfo-0:2.2.3-53.el5_7.1.s390x",
"relates_to_product_reference": "5Server-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.3-53.el5_7.1.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.2.3-53.el5_7.1.x86_64",
"relates_to_product_reference": "5Server-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.3-53.el5_7.1.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.i386"
},
"product_reference": "httpd-devel-0:2.2.3-53.el5_7.1.i386",
"relates_to_product_reference": "5Server-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.3-53.el5_7.1.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.ia64"
},
"product_reference": "httpd-devel-0:2.2.3-53.el5_7.1.ia64",
"relates_to_product_reference": "5Server-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.3-53.el5_7.1.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.ppc"
},
"product_reference": "httpd-devel-0:2.2.3-53.el5_7.1.ppc",
"relates_to_product_reference": "5Server-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.3-53.el5_7.1.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.ppc64"
},
"product_reference": "httpd-devel-0:2.2.3-53.el5_7.1.ppc64",
"relates_to_product_reference": "5Server-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.3-53.el5_7.1.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.s390"
},
"product_reference": "httpd-devel-0:2.2.3-53.el5_7.1.s390",
"relates_to_product_reference": "5Server-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.3-53.el5_7.1.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.s390x"
},
"product_reference": "httpd-devel-0:2.2.3-53.el5_7.1.s390x",
"relates_to_product_reference": "5Server-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.3-53.el5_7.1.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.x86_64"
},
"product_reference": "httpd-devel-0:2.2.3-53.el5_7.1.x86_64",
"relates_to_product_reference": "5Server-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.3-53.el5_7.1.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.i386"
},
"product_reference": "httpd-manual-0:2.2.3-53.el5_7.1.i386",
"relates_to_product_reference": "5Server-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.3-53.el5_7.1.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.ia64"
},
"product_reference": "httpd-manual-0:2.2.3-53.el5_7.1.ia64",
"relates_to_product_reference": "5Server-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.3-53.el5_7.1.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.ppc"
},
"product_reference": "httpd-manual-0:2.2.3-53.el5_7.1.ppc",
"relates_to_product_reference": "5Server-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.3-53.el5_7.1.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.s390x"
},
"product_reference": "httpd-manual-0:2.2.3-53.el5_7.1.s390x",
"relates_to_product_reference": "5Server-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.3-53.el5_7.1.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.x86_64"
},
"product_reference": "httpd-manual-0:2.2.3-53.el5_7.1.x86_64",
"relates_to_product_reference": "5Server-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.3-53.el5_7.1.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.i386"
},
"product_reference": "mod_ssl-1:2.2.3-53.el5_7.1.i386",
"relates_to_product_reference": "5Server-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.3-53.el5_7.1.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.ia64"
},
"product_reference": "mod_ssl-1:2.2.3-53.el5_7.1.ia64",
"relates_to_product_reference": "5Server-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.3-53.el5_7.1.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.ppc"
},
"product_reference": "mod_ssl-1:2.2.3-53.el5_7.1.ppc",
"relates_to_product_reference": "5Server-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.3-53.el5_7.1.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.s390x"
},
"product_reference": "mod_ssl-1:2.2.3-53.el5_7.1.s390x",
"relates_to_product_reference": "5Server-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.3-53.el5_7.1.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.x86_64"
},
"product_reference": "mod_ssl-1:2.2.3-53.el5_7.1.x86_64",
"relates_to_product_reference": "5Server-5.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-9.el6_1.2.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.1.z:httpd-0:2.2.15-9.el6_1.2.i686"
},
"product_reference": "httpd-0:2.2.15-9.el6_1.2.i686",
"relates_to_product_reference": "6Server-6.1.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-9.el6_1.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.1.z:httpd-0:2.2.15-9.el6_1.2.ppc64"
},
"product_reference": "httpd-0:2.2.15-9.el6_1.2.ppc64",
"relates_to_product_reference": "6Server-6.1.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-9.el6_1.2.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.1.z:httpd-0:2.2.15-9.el6_1.2.s390x"
},
"product_reference": "httpd-0:2.2.15-9.el6_1.2.s390x",
"relates_to_product_reference": "6Server-6.1.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-9.el6_1.2.src as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.1.z:httpd-0:2.2.15-9.el6_1.2.src"
},
"product_reference": "httpd-0:2.2.15-9.el6_1.2.src",
"relates_to_product_reference": "6Server-6.1.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-9.el6_1.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.1.z:httpd-0:2.2.15-9.el6_1.2.x86_64"
},
"product_reference": "httpd-0:2.2.15-9.el6_1.2.x86_64",
"relates_to_product_reference": "6Server-6.1.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-9.el6_1.2.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.1.z:httpd-debuginfo-0:2.2.15-9.el6_1.2.i686"
},
"product_reference": "httpd-debuginfo-0:2.2.15-9.el6_1.2.i686",
"relates_to_product_reference": "6Server-6.1.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-9.el6_1.2.ppc as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.1.z:httpd-debuginfo-0:2.2.15-9.el6_1.2.ppc"
},
"product_reference": "httpd-debuginfo-0:2.2.15-9.el6_1.2.ppc",
"relates_to_product_reference": "6Server-6.1.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-9.el6_1.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.1.z:httpd-debuginfo-0:2.2.15-9.el6_1.2.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-9.el6_1.2.ppc64",
"relates_to_product_reference": "6Server-6.1.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-9.el6_1.2.s390 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.1.z:httpd-debuginfo-0:2.2.15-9.el6_1.2.s390"
},
"product_reference": "httpd-debuginfo-0:2.2.15-9.el6_1.2.s390",
"relates_to_product_reference": "6Server-6.1.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-9.el6_1.2.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.1.z:httpd-debuginfo-0:2.2.15-9.el6_1.2.s390x"
},
"product_reference": "httpd-debuginfo-0:2.2.15-9.el6_1.2.s390x",
"relates_to_product_reference": "6Server-6.1.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-9.el6_1.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.1.z:httpd-debuginfo-0:2.2.15-9.el6_1.2.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-9.el6_1.2.x86_64",
"relates_to_product_reference": "6Server-6.1.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-9.el6_1.2.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.1.z:httpd-devel-0:2.2.15-9.el6_1.2.i686"
},
"product_reference": "httpd-devel-0:2.2.15-9.el6_1.2.i686",
"relates_to_product_reference": "6Server-6.1.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-9.el6_1.2.ppc as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.1.z:httpd-devel-0:2.2.15-9.el6_1.2.ppc"
},
"product_reference": "httpd-devel-0:2.2.15-9.el6_1.2.ppc",
"relates_to_product_reference": "6Server-6.1.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-9.el6_1.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.1.z:httpd-devel-0:2.2.15-9.el6_1.2.ppc64"
},
"product_reference": "httpd-devel-0:2.2.15-9.el6_1.2.ppc64",
"relates_to_product_reference": "6Server-6.1.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-9.el6_1.2.s390 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.1.z:httpd-devel-0:2.2.15-9.el6_1.2.s390"
},
"product_reference": "httpd-devel-0:2.2.15-9.el6_1.2.s390",
"relates_to_product_reference": "6Server-6.1.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-9.el6_1.2.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.1.z:httpd-devel-0:2.2.15-9.el6_1.2.s390x"
},
"product_reference": "httpd-devel-0:2.2.15-9.el6_1.2.s390x",
"relates_to_product_reference": "6Server-6.1.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-9.el6_1.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.1.z:httpd-devel-0:2.2.15-9.el6_1.2.x86_64"
},
"product_reference": "httpd-devel-0:2.2.15-9.el6_1.2.x86_64",
"relates_to_product_reference": "6Server-6.1.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.15-9.el6_1.2.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.1.z:httpd-manual-0:2.2.15-9.el6_1.2.noarch"
},
"product_reference": "httpd-manual-0:2.2.15-9.el6_1.2.noarch",
"relates_to_product_reference": "6Server-6.1.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-9.el6_1.2.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.1.z:httpd-tools-0:2.2.15-9.el6_1.2.i686"
},
"product_reference": "httpd-tools-0:2.2.15-9.el6_1.2.i686",
"relates_to_product_reference": "6Server-6.1.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-9.el6_1.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.1.z:httpd-tools-0:2.2.15-9.el6_1.2.ppc64"
},
"product_reference": "httpd-tools-0:2.2.15-9.el6_1.2.ppc64",
"relates_to_product_reference": "6Server-6.1.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-9.el6_1.2.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.1.z:httpd-tools-0:2.2.15-9.el6_1.2.s390x"
},
"product_reference": "httpd-tools-0:2.2.15-9.el6_1.2.s390x",
"relates_to_product_reference": "6Server-6.1.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-9.el6_1.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.1.z:httpd-tools-0:2.2.15-9.el6_1.2.x86_64"
},
"product_reference": "httpd-tools-0:2.2.15-9.el6_1.2.x86_64",
"relates_to_product_reference": "6Server-6.1.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-9.el6_1.2.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.1.z:mod_ssl-1:2.2.15-9.el6_1.2.i686"
},
"product_reference": "mod_ssl-1:2.2.15-9.el6_1.2.i686",
"relates_to_product_reference": "6Server-6.1.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-9.el6_1.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.1.z:mod_ssl-1:2.2.15-9.el6_1.2.ppc64"
},
"product_reference": "mod_ssl-1:2.2.15-9.el6_1.2.ppc64",
"relates_to_product_reference": "6Server-6.1.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-9.el6_1.2.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.1.z:mod_ssl-1:2.2.15-9.el6_1.2.s390x"
},
"product_reference": "mod_ssl-1:2.2.15-9.el6_1.2.s390x",
"relates_to_product_reference": "6Server-6.1.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-9.el6_1.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.1.z:mod_ssl-1:2.2.15-9.el6_1.2.x86_64"
},
"product_reference": "mod_ssl-1:2.2.15-9.el6_1.2.x86_64",
"relates_to_product_reference": "6Server-6.1.z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2011-3192",
"discovery_date": "2011-08-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "732928"
}
],
"notes": [
{
"category": "description",
"text": "The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: multiple ranges DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Before updated packages are deployed, users can deploy configuration changes to mitigate this flaw:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3192#c18",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS:httpd-0:2.0.52-48.ent.i386",
"4AS:httpd-0:2.0.52-48.ent.ia64",
"4AS:httpd-0:2.0.52-48.ent.ppc",
"4AS:httpd-0:2.0.52-48.ent.s390",
"4AS:httpd-0:2.0.52-48.ent.s390x",
"4AS:httpd-0:2.0.52-48.ent.src",
"4AS:httpd-0:2.0.52-48.ent.x86_64",
"4AS:httpd-debuginfo-0:2.0.52-48.ent.i386",
"4AS:httpd-debuginfo-0:2.0.52-48.ent.ia64",
"4AS:httpd-debuginfo-0:2.0.52-48.ent.ppc",
"4AS:httpd-debuginfo-0:2.0.52-48.ent.s390",
"4AS:httpd-debuginfo-0:2.0.52-48.ent.s390x",
"4AS:httpd-debuginfo-0:2.0.52-48.ent.x86_64",
"4AS:httpd-devel-0:2.0.52-48.ent.i386",
"4AS:httpd-devel-0:2.0.52-48.ent.ia64",
"4AS:httpd-devel-0:2.0.52-48.ent.ppc",
"4AS:httpd-devel-0:2.0.52-48.ent.s390",
"4AS:httpd-devel-0:2.0.52-48.ent.s390x",
"4AS:httpd-devel-0:2.0.52-48.ent.x86_64",
"4AS:httpd-manual-0:2.0.52-48.ent.i386",
"4AS:httpd-manual-0:2.0.52-48.ent.ia64",
"4AS:httpd-manual-0:2.0.52-48.ent.ppc",
"4AS:httpd-manual-0:2.0.52-48.ent.s390",
"4AS:httpd-manual-0:2.0.52-48.ent.s390x",
"4AS:httpd-manual-0:2.0.52-48.ent.x86_64",
"4AS:httpd-suexec-0:2.0.52-48.ent.i386",
"4AS:httpd-suexec-0:2.0.52-48.ent.ia64",
"4AS:httpd-suexec-0:2.0.52-48.ent.ppc",
"4AS:httpd-suexec-0:2.0.52-48.ent.s390",
"4AS:httpd-suexec-0:2.0.52-48.ent.s390x",
"4AS:httpd-suexec-0:2.0.52-48.ent.x86_64",
"4AS:mod_ssl-1:2.0.52-48.ent.i386",
"4AS:mod_ssl-1:2.0.52-48.ent.ia64",
"4AS:mod_ssl-1:2.0.52-48.ent.ppc",
"4AS:mod_ssl-1:2.0.52-48.ent.s390",
"4AS:mod_ssl-1:2.0.52-48.ent.s390x",
"4AS:mod_ssl-1:2.0.52-48.ent.x86_64",
"4Desktop:httpd-0:2.0.52-48.ent.i386",
"4Desktop:httpd-0:2.0.52-48.ent.ia64",
"4Desktop:httpd-0:2.0.52-48.ent.ppc",
"4Desktop:httpd-0:2.0.52-48.ent.s390",
"4Desktop:httpd-0:2.0.52-48.ent.s390x",
"4Desktop:httpd-0:2.0.52-48.ent.src",
"4Desktop:httpd-0:2.0.52-48.ent.x86_64",
"4Desktop:httpd-debuginfo-0:2.0.52-48.ent.i386",
"4Desktop:httpd-debuginfo-0:2.0.52-48.ent.ia64",
"4Desktop:httpd-debuginfo-0:2.0.52-48.ent.ppc",
"4Desktop:httpd-debuginfo-0:2.0.52-48.ent.s390",
"4Desktop:httpd-debuginfo-0:2.0.52-48.ent.s390x",
"4Desktop:httpd-debuginfo-0:2.0.52-48.ent.x86_64",
"4Desktop:httpd-devel-0:2.0.52-48.ent.i386",
"4Desktop:httpd-devel-0:2.0.52-48.ent.ia64",
"4Desktop:httpd-devel-0:2.0.52-48.ent.ppc",
"4Desktop:httpd-devel-0:2.0.52-48.ent.s390",
"4Desktop:httpd-devel-0:2.0.52-48.ent.s390x",
"4Desktop:httpd-devel-0:2.0.52-48.ent.x86_64",
"4Desktop:httpd-manual-0:2.0.52-48.ent.i386",
"4Desktop:httpd-manual-0:2.0.52-48.ent.ia64",
"4Desktop:httpd-manual-0:2.0.52-48.ent.ppc",
"4Desktop:httpd-manual-0:2.0.52-48.ent.s390",
"4Desktop:httpd-manual-0:2.0.52-48.ent.s390x",
"4Desktop:httpd-manual-0:2.0.52-48.ent.x86_64",
"4Desktop:httpd-suexec-0:2.0.52-48.ent.i386",
"4Desktop:httpd-suexec-0:2.0.52-48.ent.ia64",
"4Desktop:httpd-suexec-0:2.0.52-48.ent.ppc",
"4Desktop:httpd-suexec-0:2.0.52-48.ent.s390",
"4Desktop:httpd-suexec-0:2.0.52-48.ent.s390x",
"4Desktop:httpd-suexec-0:2.0.52-48.ent.x86_64",
"4Desktop:mod_ssl-1:2.0.52-48.ent.i386",
"4Desktop:mod_ssl-1:2.0.52-48.ent.ia64",
"4Desktop:mod_ssl-1:2.0.52-48.ent.ppc",
"4Desktop:mod_ssl-1:2.0.52-48.ent.s390",
"4Desktop:mod_ssl-1:2.0.52-48.ent.s390x",
"4Desktop:mod_ssl-1:2.0.52-48.ent.x86_64",
"4ES:httpd-0:2.0.52-48.ent.i386",
"4ES:httpd-0:2.0.52-48.ent.ia64",
"4ES:httpd-0:2.0.52-48.ent.ppc",
"4ES:httpd-0:2.0.52-48.ent.s390",
"4ES:httpd-0:2.0.52-48.ent.s390x",
"4ES:httpd-0:2.0.52-48.ent.src",
"4ES:httpd-0:2.0.52-48.ent.x86_64",
"4ES:httpd-debuginfo-0:2.0.52-48.ent.i386",
"4ES:httpd-debuginfo-0:2.0.52-48.ent.ia64",
"4ES:httpd-debuginfo-0:2.0.52-48.ent.ppc",
"4ES:httpd-debuginfo-0:2.0.52-48.ent.s390",
"4ES:httpd-debuginfo-0:2.0.52-48.ent.s390x",
"4ES:httpd-debuginfo-0:2.0.52-48.ent.x86_64",
"4ES:httpd-devel-0:2.0.52-48.ent.i386",
"4ES:httpd-devel-0:2.0.52-48.ent.ia64",
"4ES:httpd-devel-0:2.0.52-48.ent.ppc",
"4ES:httpd-devel-0:2.0.52-48.ent.s390",
"4ES:httpd-devel-0:2.0.52-48.ent.s390x",
"4ES:httpd-devel-0:2.0.52-48.ent.x86_64",
"4ES:httpd-manual-0:2.0.52-48.ent.i386",
"4ES:httpd-manual-0:2.0.52-48.ent.ia64",
"4ES:httpd-manual-0:2.0.52-48.ent.ppc",
"4ES:httpd-manual-0:2.0.52-48.ent.s390",
"4ES:httpd-manual-0:2.0.52-48.ent.s390x",
"4ES:httpd-manual-0:2.0.52-48.ent.x86_64",
"4ES:httpd-suexec-0:2.0.52-48.ent.i386",
"4ES:httpd-suexec-0:2.0.52-48.ent.ia64",
"4ES:httpd-suexec-0:2.0.52-48.ent.ppc",
"4ES:httpd-suexec-0:2.0.52-48.ent.s390",
"4ES:httpd-suexec-0:2.0.52-48.ent.s390x",
"4ES:httpd-suexec-0:2.0.52-48.ent.x86_64",
"4ES:mod_ssl-1:2.0.52-48.ent.i386",
"4ES:mod_ssl-1:2.0.52-48.ent.ia64",
"4ES:mod_ssl-1:2.0.52-48.ent.ppc",
"4ES:mod_ssl-1:2.0.52-48.ent.s390",
"4ES:mod_ssl-1:2.0.52-48.ent.s390x",
"4ES:mod_ssl-1:2.0.52-48.ent.x86_64",
"4WS:httpd-0:2.0.52-48.ent.i386",
"4WS:httpd-0:2.0.52-48.ent.ia64",
"4WS:httpd-0:2.0.52-48.ent.ppc",
"4WS:httpd-0:2.0.52-48.ent.s390",
"4WS:httpd-0:2.0.52-48.ent.s390x",
"4WS:httpd-0:2.0.52-48.ent.src",
"4WS:httpd-0:2.0.52-48.ent.x86_64",
"4WS:httpd-debuginfo-0:2.0.52-48.ent.i386",
"4WS:httpd-debuginfo-0:2.0.52-48.ent.ia64",
"4WS:httpd-debuginfo-0:2.0.52-48.ent.ppc",
"4WS:httpd-debuginfo-0:2.0.52-48.ent.s390",
"4WS:httpd-debuginfo-0:2.0.52-48.ent.s390x",
"4WS:httpd-debuginfo-0:2.0.52-48.ent.x86_64",
"4WS:httpd-devel-0:2.0.52-48.ent.i386",
"4WS:httpd-devel-0:2.0.52-48.ent.ia64",
"4WS:httpd-devel-0:2.0.52-48.ent.ppc",
"4WS:httpd-devel-0:2.0.52-48.ent.s390",
"4WS:httpd-devel-0:2.0.52-48.ent.s390x",
"4WS:httpd-devel-0:2.0.52-48.ent.x86_64",
"4WS:httpd-manual-0:2.0.52-48.ent.i386",
"4WS:httpd-manual-0:2.0.52-48.ent.ia64",
"4WS:httpd-manual-0:2.0.52-48.ent.ppc",
"4WS:httpd-manual-0:2.0.52-48.ent.s390",
"4WS:httpd-manual-0:2.0.52-48.ent.s390x",
"4WS:httpd-manual-0:2.0.52-48.ent.x86_64",
"4WS:httpd-suexec-0:2.0.52-48.ent.i386",
"4WS:httpd-suexec-0:2.0.52-48.ent.ia64",
"4WS:httpd-suexec-0:2.0.52-48.ent.ppc",
"4WS:httpd-suexec-0:2.0.52-48.ent.s390",
"4WS:httpd-suexec-0:2.0.52-48.ent.s390x",
"4WS:httpd-suexec-0:2.0.52-48.ent.x86_64",
"4WS:mod_ssl-1:2.0.52-48.ent.i386",
"4WS:mod_ssl-1:2.0.52-48.ent.ia64",
"4WS:mod_ssl-1:2.0.52-48.ent.ppc",
"4WS:mod_ssl-1:2.0.52-48.ent.s390",
"4WS:mod_ssl-1:2.0.52-48.ent.s390x",
"4WS:mod_ssl-1:2.0.52-48.ent.x86_64",
"5Client-5.7.Z:httpd-0:2.2.3-53.el5_7.1.i386",
"5Client-5.7.Z:httpd-0:2.2.3-53.el5_7.1.ia64",
"5Client-5.7.Z:httpd-0:2.2.3-53.el5_7.1.ppc",
"5Client-5.7.Z:httpd-0:2.2.3-53.el5_7.1.s390x",
"5Client-5.7.Z:httpd-0:2.2.3-53.el5_7.1.src",
"5Client-5.7.Z:httpd-0:2.2.3-53.el5_7.1.x86_64",
"5Client-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.i386",
"5Client-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.ia64",
"5Client-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.ppc",
"5Client-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.ppc64",
"5Client-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.s390",
"5Client-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.s390x",
"5Client-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.x86_64",
"5Client-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.i386",
"5Client-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.ia64",
"5Client-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.ppc",
"5Client-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.ppc64",
"5Client-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.s390",
"5Client-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.s390x",
"5Client-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.x86_64",
"5Client-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.i386",
"5Client-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.ia64",
"5Client-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.ppc",
"5Client-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.s390x",
"5Client-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.x86_64",
"5Client-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.i386",
"5Client-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.ia64",
"5Client-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.ppc",
"5Client-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.s390x",
"5Client-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.x86_64",
"5Client-Workstation-5.7.Z:httpd-0:2.2.3-53.el5_7.1.i386",
"5Client-Workstation-5.7.Z:httpd-0:2.2.3-53.el5_7.1.ia64",
"5Client-Workstation-5.7.Z:httpd-0:2.2.3-53.el5_7.1.ppc",
"5Client-Workstation-5.7.Z:httpd-0:2.2.3-53.el5_7.1.s390x",
"5Client-Workstation-5.7.Z:httpd-0:2.2.3-53.el5_7.1.src",
"5Client-Workstation-5.7.Z:httpd-0:2.2.3-53.el5_7.1.x86_64",
"5Client-Workstation-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.i386",
"5Client-Workstation-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.ia64",
"5Client-Workstation-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.ppc",
"5Client-Workstation-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.ppc64",
"5Client-Workstation-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.s390",
"5Client-Workstation-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.s390x",
"5Client-Workstation-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.x86_64",
"5Client-Workstation-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.i386",
"5Client-Workstation-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.ia64",
"5Client-Workstation-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.ppc",
"5Client-Workstation-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.ppc64",
"5Client-Workstation-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.s390",
"5Client-Workstation-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.s390x",
"5Client-Workstation-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.x86_64",
"5Client-Workstation-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.i386",
"5Client-Workstation-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.ia64",
"5Client-Workstation-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.ppc",
"5Client-Workstation-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.s390x",
"5Client-Workstation-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.x86_64",
"5Client-Workstation-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.i386",
"5Client-Workstation-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.ia64",
"5Client-Workstation-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.ppc",
"5Client-Workstation-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.s390x",
"5Client-Workstation-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.x86_64",
"5Server-5.7.Z:httpd-0:2.2.3-53.el5_7.1.i386",
"5Server-5.7.Z:httpd-0:2.2.3-53.el5_7.1.ia64",
"5Server-5.7.Z:httpd-0:2.2.3-53.el5_7.1.ppc",
"5Server-5.7.Z:httpd-0:2.2.3-53.el5_7.1.s390x",
"5Server-5.7.Z:httpd-0:2.2.3-53.el5_7.1.src",
"5Server-5.7.Z:httpd-0:2.2.3-53.el5_7.1.x86_64",
"5Server-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.i386",
"5Server-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.ia64",
"5Server-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.ppc",
"5Server-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.ppc64",
"5Server-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.s390",
"5Server-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.s390x",
"5Server-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.x86_64",
"5Server-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.i386",
"5Server-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.ia64",
"5Server-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.ppc",
"5Server-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.ppc64",
"5Server-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.s390",
"5Server-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.s390x",
"5Server-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.x86_64",
"5Server-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.i386",
"5Server-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.ia64",
"5Server-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.ppc",
"5Server-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.s390x",
"5Server-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.x86_64",
"5Server-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.i386",
"5Server-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.ia64",
"5Server-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.ppc",
"5Server-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.s390x",
"5Server-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.x86_64",
"6Server-6.1.z:httpd-0:2.2.15-9.el6_1.2.i686",
"6Server-6.1.z:httpd-0:2.2.15-9.el6_1.2.ppc64",
"6Server-6.1.z:httpd-0:2.2.15-9.el6_1.2.s390x",
"6Server-6.1.z:httpd-0:2.2.15-9.el6_1.2.src",
"6Server-6.1.z:httpd-0:2.2.15-9.el6_1.2.x86_64",
"6Server-6.1.z:httpd-debuginfo-0:2.2.15-9.el6_1.2.i686",
"6Server-6.1.z:httpd-debuginfo-0:2.2.15-9.el6_1.2.ppc",
"6Server-6.1.z:httpd-debuginfo-0:2.2.15-9.el6_1.2.ppc64",
"6Server-6.1.z:httpd-debuginfo-0:2.2.15-9.el6_1.2.s390",
"6Server-6.1.z:httpd-debuginfo-0:2.2.15-9.el6_1.2.s390x",
"6Server-6.1.z:httpd-debuginfo-0:2.2.15-9.el6_1.2.x86_64",
"6Server-6.1.z:httpd-devel-0:2.2.15-9.el6_1.2.i686",
"6Server-6.1.z:httpd-devel-0:2.2.15-9.el6_1.2.ppc",
"6Server-6.1.z:httpd-devel-0:2.2.15-9.el6_1.2.ppc64",
"6Server-6.1.z:httpd-devel-0:2.2.15-9.el6_1.2.s390",
"6Server-6.1.z:httpd-devel-0:2.2.15-9.el6_1.2.s390x",
"6Server-6.1.z:httpd-devel-0:2.2.15-9.el6_1.2.x86_64",
"6Server-6.1.z:httpd-manual-0:2.2.15-9.el6_1.2.noarch",
"6Server-6.1.z:httpd-tools-0:2.2.15-9.el6_1.2.i686",
"6Server-6.1.z:httpd-tools-0:2.2.15-9.el6_1.2.ppc64",
"6Server-6.1.z:httpd-tools-0:2.2.15-9.el6_1.2.s390x",
"6Server-6.1.z:httpd-tools-0:2.2.15-9.el6_1.2.x86_64",
"6Server-6.1.z:mod_ssl-1:2.2.15-9.el6_1.2.i686",
"6Server-6.1.z:mod_ssl-1:2.2.15-9.el6_1.2.ppc64",
"6Server-6.1.z:mod_ssl-1:2.2.15-9.el6_1.2.s390x",
"6Server-6.1.z:mod_ssl-1:2.2.15-9.el6_1.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-3192"
},
{
"category": "external",
"summary": "RHBZ#732928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=732928"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-3192",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3192"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-3192",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-3192"
}
],
"release_date": "2011-08-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-08-31T22:43:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS:httpd-0:2.0.52-48.ent.i386",
"4AS:httpd-0:2.0.52-48.ent.ia64",
"4AS:httpd-0:2.0.52-48.ent.ppc",
"4AS:httpd-0:2.0.52-48.ent.s390",
"4AS:httpd-0:2.0.52-48.ent.s390x",
"4AS:httpd-0:2.0.52-48.ent.src",
"4AS:httpd-0:2.0.52-48.ent.x86_64",
"4AS:httpd-debuginfo-0:2.0.52-48.ent.i386",
"4AS:httpd-debuginfo-0:2.0.52-48.ent.ia64",
"4AS:httpd-debuginfo-0:2.0.52-48.ent.ppc",
"4AS:httpd-debuginfo-0:2.0.52-48.ent.s390",
"4AS:httpd-debuginfo-0:2.0.52-48.ent.s390x",
"4AS:httpd-debuginfo-0:2.0.52-48.ent.x86_64",
"4AS:httpd-devel-0:2.0.52-48.ent.i386",
"4AS:httpd-devel-0:2.0.52-48.ent.ia64",
"4AS:httpd-devel-0:2.0.52-48.ent.ppc",
"4AS:httpd-devel-0:2.0.52-48.ent.s390",
"4AS:httpd-devel-0:2.0.52-48.ent.s390x",
"4AS:httpd-devel-0:2.0.52-48.ent.x86_64",
"4AS:httpd-manual-0:2.0.52-48.ent.i386",
"4AS:httpd-manual-0:2.0.52-48.ent.ia64",
"4AS:httpd-manual-0:2.0.52-48.ent.ppc",
"4AS:httpd-manual-0:2.0.52-48.ent.s390",
"4AS:httpd-manual-0:2.0.52-48.ent.s390x",
"4AS:httpd-manual-0:2.0.52-48.ent.x86_64",
"4AS:httpd-suexec-0:2.0.52-48.ent.i386",
"4AS:httpd-suexec-0:2.0.52-48.ent.ia64",
"4AS:httpd-suexec-0:2.0.52-48.ent.ppc",
"4AS:httpd-suexec-0:2.0.52-48.ent.s390",
"4AS:httpd-suexec-0:2.0.52-48.ent.s390x",
"4AS:httpd-suexec-0:2.0.52-48.ent.x86_64",
"4AS:mod_ssl-1:2.0.52-48.ent.i386",
"4AS:mod_ssl-1:2.0.52-48.ent.ia64",
"4AS:mod_ssl-1:2.0.52-48.ent.ppc",
"4AS:mod_ssl-1:2.0.52-48.ent.s390",
"4AS:mod_ssl-1:2.0.52-48.ent.s390x",
"4AS:mod_ssl-1:2.0.52-48.ent.x86_64",
"4Desktop:httpd-0:2.0.52-48.ent.i386",
"4Desktop:httpd-0:2.0.52-48.ent.ia64",
"4Desktop:httpd-0:2.0.52-48.ent.ppc",
"4Desktop:httpd-0:2.0.52-48.ent.s390",
"4Desktop:httpd-0:2.0.52-48.ent.s390x",
"4Desktop:httpd-0:2.0.52-48.ent.src",
"4Desktop:httpd-0:2.0.52-48.ent.x86_64",
"4Desktop:httpd-debuginfo-0:2.0.52-48.ent.i386",
"4Desktop:httpd-debuginfo-0:2.0.52-48.ent.ia64",
"4Desktop:httpd-debuginfo-0:2.0.52-48.ent.ppc",
"4Desktop:httpd-debuginfo-0:2.0.52-48.ent.s390",
"4Desktop:httpd-debuginfo-0:2.0.52-48.ent.s390x",
"4Desktop:httpd-debuginfo-0:2.0.52-48.ent.x86_64",
"4Desktop:httpd-devel-0:2.0.52-48.ent.i386",
"4Desktop:httpd-devel-0:2.0.52-48.ent.ia64",
"4Desktop:httpd-devel-0:2.0.52-48.ent.ppc",
"4Desktop:httpd-devel-0:2.0.52-48.ent.s390",
"4Desktop:httpd-devel-0:2.0.52-48.ent.s390x",
"4Desktop:httpd-devel-0:2.0.52-48.ent.x86_64",
"4Desktop:httpd-manual-0:2.0.52-48.ent.i386",
"4Desktop:httpd-manual-0:2.0.52-48.ent.ia64",
"4Desktop:httpd-manual-0:2.0.52-48.ent.ppc",
"4Desktop:httpd-manual-0:2.0.52-48.ent.s390",
"4Desktop:httpd-manual-0:2.0.52-48.ent.s390x",
"4Desktop:httpd-manual-0:2.0.52-48.ent.x86_64",
"4Desktop:httpd-suexec-0:2.0.52-48.ent.i386",
"4Desktop:httpd-suexec-0:2.0.52-48.ent.ia64",
"4Desktop:httpd-suexec-0:2.0.52-48.ent.ppc",
"4Desktop:httpd-suexec-0:2.0.52-48.ent.s390",
"4Desktop:httpd-suexec-0:2.0.52-48.ent.s390x",
"4Desktop:httpd-suexec-0:2.0.52-48.ent.x86_64",
"4Desktop:mod_ssl-1:2.0.52-48.ent.i386",
"4Desktop:mod_ssl-1:2.0.52-48.ent.ia64",
"4Desktop:mod_ssl-1:2.0.52-48.ent.ppc",
"4Desktop:mod_ssl-1:2.0.52-48.ent.s390",
"4Desktop:mod_ssl-1:2.0.52-48.ent.s390x",
"4Desktop:mod_ssl-1:2.0.52-48.ent.x86_64",
"4ES:httpd-0:2.0.52-48.ent.i386",
"4ES:httpd-0:2.0.52-48.ent.ia64",
"4ES:httpd-0:2.0.52-48.ent.ppc",
"4ES:httpd-0:2.0.52-48.ent.s390",
"4ES:httpd-0:2.0.52-48.ent.s390x",
"4ES:httpd-0:2.0.52-48.ent.src",
"4ES:httpd-0:2.0.52-48.ent.x86_64",
"4ES:httpd-debuginfo-0:2.0.52-48.ent.i386",
"4ES:httpd-debuginfo-0:2.0.52-48.ent.ia64",
"4ES:httpd-debuginfo-0:2.0.52-48.ent.ppc",
"4ES:httpd-debuginfo-0:2.0.52-48.ent.s390",
"4ES:httpd-debuginfo-0:2.0.52-48.ent.s390x",
"4ES:httpd-debuginfo-0:2.0.52-48.ent.x86_64",
"4ES:httpd-devel-0:2.0.52-48.ent.i386",
"4ES:httpd-devel-0:2.0.52-48.ent.ia64",
"4ES:httpd-devel-0:2.0.52-48.ent.ppc",
"4ES:httpd-devel-0:2.0.52-48.ent.s390",
"4ES:httpd-devel-0:2.0.52-48.ent.s390x",
"4ES:httpd-devel-0:2.0.52-48.ent.x86_64",
"4ES:httpd-manual-0:2.0.52-48.ent.i386",
"4ES:httpd-manual-0:2.0.52-48.ent.ia64",
"4ES:httpd-manual-0:2.0.52-48.ent.ppc",
"4ES:httpd-manual-0:2.0.52-48.ent.s390",
"4ES:httpd-manual-0:2.0.52-48.ent.s390x",
"4ES:httpd-manual-0:2.0.52-48.ent.x86_64",
"4ES:httpd-suexec-0:2.0.52-48.ent.i386",
"4ES:httpd-suexec-0:2.0.52-48.ent.ia64",
"4ES:httpd-suexec-0:2.0.52-48.ent.ppc",
"4ES:httpd-suexec-0:2.0.52-48.ent.s390",
"4ES:httpd-suexec-0:2.0.52-48.ent.s390x",
"4ES:httpd-suexec-0:2.0.52-48.ent.x86_64",
"4ES:mod_ssl-1:2.0.52-48.ent.i386",
"4ES:mod_ssl-1:2.0.52-48.ent.ia64",
"4ES:mod_ssl-1:2.0.52-48.ent.ppc",
"4ES:mod_ssl-1:2.0.52-48.ent.s390",
"4ES:mod_ssl-1:2.0.52-48.ent.s390x",
"4ES:mod_ssl-1:2.0.52-48.ent.x86_64",
"4WS:httpd-0:2.0.52-48.ent.i386",
"4WS:httpd-0:2.0.52-48.ent.ia64",
"4WS:httpd-0:2.0.52-48.ent.ppc",
"4WS:httpd-0:2.0.52-48.ent.s390",
"4WS:httpd-0:2.0.52-48.ent.s390x",
"4WS:httpd-0:2.0.52-48.ent.src",
"4WS:httpd-0:2.0.52-48.ent.x86_64",
"4WS:httpd-debuginfo-0:2.0.52-48.ent.i386",
"4WS:httpd-debuginfo-0:2.0.52-48.ent.ia64",
"4WS:httpd-debuginfo-0:2.0.52-48.ent.ppc",
"4WS:httpd-debuginfo-0:2.0.52-48.ent.s390",
"4WS:httpd-debuginfo-0:2.0.52-48.ent.s390x",
"4WS:httpd-debuginfo-0:2.0.52-48.ent.x86_64",
"4WS:httpd-devel-0:2.0.52-48.ent.i386",
"4WS:httpd-devel-0:2.0.52-48.ent.ia64",
"4WS:httpd-devel-0:2.0.52-48.ent.ppc",
"4WS:httpd-devel-0:2.0.52-48.ent.s390",
"4WS:httpd-devel-0:2.0.52-48.ent.s390x",
"4WS:httpd-devel-0:2.0.52-48.ent.x86_64",
"4WS:httpd-manual-0:2.0.52-48.ent.i386",
"4WS:httpd-manual-0:2.0.52-48.ent.ia64",
"4WS:httpd-manual-0:2.0.52-48.ent.ppc",
"4WS:httpd-manual-0:2.0.52-48.ent.s390",
"4WS:httpd-manual-0:2.0.52-48.ent.s390x",
"4WS:httpd-manual-0:2.0.52-48.ent.x86_64",
"4WS:httpd-suexec-0:2.0.52-48.ent.i386",
"4WS:httpd-suexec-0:2.0.52-48.ent.ia64",
"4WS:httpd-suexec-0:2.0.52-48.ent.ppc",
"4WS:httpd-suexec-0:2.0.52-48.ent.s390",
"4WS:httpd-suexec-0:2.0.52-48.ent.s390x",
"4WS:httpd-suexec-0:2.0.52-48.ent.x86_64",
"4WS:mod_ssl-1:2.0.52-48.ent.i386",
"4WS:mod_ssl-1:2.0.52-48.ent.ia64",
"4WS:mod_ssl-1:2.0.52-48.ent.ppc",
"4WS:mod_ssl-1:2.0.52-48.ent.s390",
"4WS:mod_ssl-1:2.0.52-48.ent.s390x",
"4WS:mod_ssl-1:2.0.52-48.ent.x86_64",
"5Client-5.7.Z:httpd-0:2.2.3-53.el5_7.1.i386",
"5Client-5.7.Z:httpd-0:2.2.3-53.el5_7.1.ia64",
"5Client-5.7.Z:httpd-0:2.2.3-53.el5_7.1.ppc",
"5Client-5.7.Z:httpd-0:2.2.3-53.el5_7.1.s390x",
"5Client-5.7.Z:httpd-0:2.2.3-53.el5_7.1.src",
"5Client-5.7.Z:httpd-0:2.2.3-53.el5_7.1.x86_64",
"5Client-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.i386",
"5Client-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.ia64",
"5Client-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.ppc",
"5Client-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.ppc64",
"5Client-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.s390",
"5Client-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.s390x",
"5Client-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.x86_64",
"5Client-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.i386",
"5Client-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.ia64",
"5Client-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.ppc",
"5Client-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.ppc64",
"5Client-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.s390",
"5Client-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.s390x",
"5Client-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.x86_64",
"5Client-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.i386",
"5Client-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.ia64",
"5Client-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.ppc",
"5Client-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.s390x",
"5Client-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.x86_64",
"5Client-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.i386",
"5Client-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.ia64",
"5Client-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.ppc",
"5Client-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.s390x",
"5Client-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.x86_64",
"5Client-Workstation-5.7.Z:httpd-0:2.2.3-53.el5_7.1.i386",
"5Client-Workstation-5.7.Z:httpd-0:2.2.3-53.el5_7.1.ia64",
"5Client-Workstation-5.7.Z:httpd-0:2.2.3-53.el5_7.1.ppc",
"5Client-Workstation-5.7.Z:httpd-0:2.2.3-53.el5_7.1.s390x",
"5Client-Workstation-5.7.Z:httpd-0:2.2.3-53.el5_7.1.src",
"5Client-Workstation-5.7.Z:httpd-0:2.2.3-53.el5_7.1.x86_64",
"5Client-Workstation-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.i386",
"5Client-Workstation-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.ia64",
"5Client-Workstation-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.ppc",
"5Client-Workstation-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.ppc64",
"5Client-Workstation-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.s390",
"5Client-Workstation-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.s390x",
"5Client-Workstation-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.x86_64",
"5Client-Workstation-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.i386",
"5Client-Workstation-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.ia64",
"5Client-Workstation-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.ppc",
"5Client-Workstation-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.ppc64",
"5Client-Workstation-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.s390",
"5Client-Workstation-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.s390x",
"5Client-Workstation-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.x86_64",
"5Client-Workstation-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.i386",
"5Client-Workstation-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.ia64",
"5Client-Workstation-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.ppc",
"5Client-Workstation-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.s390x",
"5Client-Workstation-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.x86_64",
"5Client-Workstation-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.i386",
"5Client-Workstation-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.ia64",
"5Client-Workstation-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.ppc",
"5Client-Workstation-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.s390x",
"5Client-Workstation-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.x86_64",
"5Server-5.7.Z:httpd-0:2.2.3-53.el5_7.1.i386",
"5Server-5.7.Z:httpd-0:2.2.3-53.el5_7.1.ia64",
"5Server-5.7.Z:httpd-0:2.2.3-53.el5_7.1.ppc",
"5Server-5.7.Z:httpd-0:2.2.3-53.el5_7.1.s390x",
"5Server-5.7.Z:httpd-0:2.2.3-53.el5_7.1.src",
"5Server-5.7.Z:httpd-0:2.2.3-53.el5_7.1.x86_64",
"5Server-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.i386",
"5Server-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.ia64",
"5Server-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.ppc",
"5Server-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.ppc64",
"5Server-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.s390",
"5Server-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.s390x",
"5Server-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.x86_64",
"5Server-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.i386",
"5Server-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.ia64",
"5Server-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.ppc",
"5Server-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.ppc64",
"5Server-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.s390",
"5Server-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.s390x",
"5Server-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.x86_64",
"5Server-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.i386",
"5Server-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.ia64",
"5Server-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.ppc",
"5Server-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.s390x",
"5Server-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.x86_64",
"5Server-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.i386",
"5Server-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.ia64",
"5Server-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.ppc",
"5Server-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.s390x",
"5Server-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.x86_64",
"6Server-6.1.z:httpd-0:2.2.15-9.el6_1.2.i686",
"6Server-6.1.z:httpd-0:2.2.15-9.el6_1.2.ppc64",
"6Server-6.1.z:httpd-0:2.2.15-9.el6_1.2.s390x",
"6Server-6.1.z:httpd-0:2.2.15-9.el6_1.2.src",
"6Server-6.1.z:httpd-0:2.2.15-9.el6_1.2.x86_64",
"6Server-6.1.z:httpd-debuginfo-0:2.2.15-9.el6_1.2.i686",
"6Server-6.1.z:httpd-debuginfo-0:2.2.15-9.el6_1.2.ppc",
"6Server-6.1.z:httpd-debuginfo-0:2.2.15-9.el6_1.2.ppc64",
"6Server-6.1.z:httpd-debuginfo-0:2.2.15-9.el6_1.2.s390",
"6Server-6.1.z:httpd-debuginfo-0:2.2.15-9.el6_1.2.s390x",
"6Server-6.1.z:httpd-debuginfo-0:2.2.15-9.el6_1.2.x86_64",
"6Server-6.1.z:httpd-devel-0:2.2.15-9.el6_1.2.i686",
"6Server-6.1.z:httpd-devel-0:2.2.15-9.el6_1.2.ppc",
"6Server-6.1.z:httpd-devel-0:2.2.15-9.el6_1.2.ppc64",
"6Server-6.1.z:httpd-devel-0:2.2.15-9.el6_1.2.s390",
"6Server-6.1.z:httpd-devel-0:2.2.15-9.el6_1.2.s390x",
"6Server-6.1.z:httpd-devel-0:2.2.15-9.el6_1.2.x86_64",
"6Server-6.1.z:httpd-manual-0:2.2.15-9.el6_1.2.noarch",
"6Server-6.1.z:httpd-tools-0:2.2.15-9.el6_1.2.i686",
"6Server-6.1.z:httpd-tools-0:2.2.15-9.el6_1.2.ppc64",
"6Server-6.1.z:httpd-tools-0:2.2.15-9.el6_1.2.s390x",
"6Server-6.1.z:httpd-tools-0:2.2.15-9.el6_1.2.x86_64",
"6Server-6.1.z:mod_ssl-1:2.2.15-9.el6_1.2.i686",
"6Server-6.1.z:mod_ssl-1:2.2.15-9.el6_1.2.ppc64",
"6Server-6.1.z:mod_ssl-1:2.2.15-9.el6_1.2.s390x",
"6Server-6.1.z:mod_ssl-1:2.2.15-9.el6_1.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1245"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"4AS:httpd-0:2.0.52-48.ent.i386",
"4AS:httpd-0:2.0.52-48.ent.ia64",
"4AS:httpd-0:2.0.52-48.ent.ppc",
"4AS:httpd-0:2.0.52-48.ent.s390",
"4AS:httpd-0:2.0.52-48.ent.s390x",
"4AS:httpd-0:2.0.52-48.ent.src",
"4AS:httpd-0:2.0.52-48.ent.x86_64",
"4AS:httpd-debuginfo-0:2.0.52-48.ent.i386",
"4AS:httpd-debuginfo-0:2.0.52-48.ent.ia64",
"4AS:httpd-debuginfo-0:2.0.52-48.ent.ppc",
"4AS:httpd-debuginfo-0:2.0.52-48.ent.s390",
"4AS:httpd-debuginfo-0:2.0.52-48.ent.s390x",
"4AS:httpd-debuginfo-0:2.0.52-48.ent.x86_64",
"4AS:httpd-devel-0:2.0.52-48.ent.i386",
"4AS:httpd-devel-0:2.0.52-48.ent.ia64",
"4AS:httpd-devel-0:2.0.52-48.ent.ppc",
"4AS:httpd-devel-0:2.0.52-48.ent.s390",
"4AS:httpd-devel-0:2.0.52-48.ent.s390x",
"4AS:httpd-devel-0:2.0.52-48.ent.x86_64",
"4AS:httpd-manual-0:2.0.52-48.ent.i386",
"4AS:httpd-manual-0:2.0.52-48.ent.ia64",
"4AS:httpd-manual-0:2.0.52-48.ent.ppc",
"4AS:httpd-manual-0:2.0.52-48.ent.s390",
"4AS:httpd-manual-0:2.0.52-48.ent.s390x",
"4AS:httpd-manual-0:2.0.52-48.ent.x86_64",
"4AS:httpd-suexec-0:2.0.52-48.ent.i386",
"4AS:httpd-suexec-0:2.0.52-48.ent.ia64",
"4AS:httpd-suexec-0:2.0.52-48.ent.ppc",
"4AS:httpd-suexec-0:2.0.52-48.ent.s390",
"4AS:httpd-suexec-0:2.0.52-48.ent.s390x",
"4AS:httpd-suexec-0:2.0.52-48.ent.x86_64",
"4AS:mod_ssl-1:2.0.52-48.ent.i386",
"4AS:mod_ssl-1:2.0.52-48.ent.ia64",
"4AS:mod_ssl-1:2.0.52-48.ent.ppc",
"4AS:mod_ssl-1:2.0.52-48.ent.s390",
"4AS:mod_ssl-1:2.0.52-48.ent.s390x",
"4AS:mod_ssl-1:2.0.52-48.ent.x86_64",
"4Desktop:httpd-0:2.0.52-48.ent.i386",
"4Desktop:httpd-0:2.0.52-48.ent.ia64",
"4Desktop:httpd-0:2.0.52-48.ent.ppc",
"4Desktop:httpd-0:2.0.52-48.ent.s390",
"4Desktop:httpd-0:2.0.52-48.ent.s390x",
"4Desktop:httpd-0:2.0.52-48.ent.src",
"4Desktop:httpd-0:2.0.52-48.ent.x86_64",
"4Desktop:httpd-debuginfo-0:2.0.52-48.ent.i386",
"4Desktop:httpd-debuginfo-0:2.0.52-48.ent.ia64",
"4Desktop:httpd-debuginfo-0:2.0.52-48.ent.ppc",
"4Desktop:httpd-debuginfo-0:2.0.52-48.ent.s390",
"4Desktop:httpd-debuginfo-0:2.0.52-48.ent.s390x",
"4Desktop:httpd-debuginfo-0:2.0.52-48.ent.x86_64",
"4Desktop:httpd-devel-0:2.0.52-48.ent.i386",
"4Desktop:httpd-devel-0:2.0.52-48.ent.ia64",
"4Desktop:httpd-devel-0:2.0.52-48.ent.ppc",
"4Desktop:httpd-devel-0:2.0.52-48.ent.s390",
"4Desktop:httpd-devel-0:2.0.52-48.ent.s390x",
"4Desktop:httpd-devel-0:2.0.52-48.ent.x86_64",
"4Desktop:httpd-manual-0:2.0.52-48.ent.i386",
"4Desktop:httpd-manual-0:2.0.52-48.ent.ia64",
"4Desktop:httpd-manual-0:2.0.52-48.ent.ppc",
"4Desktop:httpd-manual-0:2.0.52-48.ent.s390",
"4Desktop:httpd-manual-0:2.0.52-48.ent.s390x",
"4Desktop:httpd-manual-0:2.0.52-48.ent.x86_64",
"4Desktop:httpd-suexec-0:2.0.52-48.ent.i386",
"4Desktop:httpd-suexec-0:2.0.52-48.ent.ia64",
"4Desktop:httpd-suexec-0:2.0.52-48.ent.ppc",
"4Desktop:httpd-suexec-0:2.0.52-48.ent.s390",
"4Desktop:httpd-suexec-0:2.0.52-48.ent.s390x",
"4Desktop:httpd-suexec-0:2.0.52-48.ent.x86_64",
"4Desktop:mod_ssl-1:2.0.52-48.ent.i386",
"4Desktop:mod_ssl-1:2.0.52-48.ent.ia64",
"4Desktop:mod_ssl-1:2.0.52-48.ent.ppc",
"4Desktop:mod_ssl-1:2.0.52-48.ent.s390",
"4Desktop:mod_ssl-1:2.0.52-48.ent.s390x",
"4Desktop:mod_ssl-1:2.0.52-48.ent.x86_64",
"4ES:httpd-0:2.0.52-48.ent.i386",
"4ES:httpd-0:2.0.52-48.ent.ia64",
"4ES:httpd-0:2.0.52-48.ent.ppc",
"4ES:httpd-0:2.0.52-48.ent.s390",
"4ES:httpd-0:2.0.52-48.ent.s390x",
"4ES:httpd-0:2.0.52-48.ent.src",
"4ES:httpd-0:2.0.52-48.ent.x86_64",
"4ES:httpd-debuginfo-0:2.0.52-48.ent.i386",
"4ES:httpd-debuginfo-0:2.0.52-48.ent.ia64",
"4ES:httpd-debuginfo-0:2.0.52-48.ent.ppc",
"4ES:httpd-debuginfo-0:2.0.52-48.ent.s390",
"4ES:httpd-debuginfo-0:2.0.52-48.ent.s390x",
"4ES:httpd-debuginfo-0:2.0.52-48.ent.x86_64",
"4ES:httpd-devel-0:2.0.52-48.ent.i386",
"4ES:httpd-devel-0:2.0.52-48.ent.ia64",
"4ES:httpd-devel-0:2.0.52-48.ent.ppc",
"4ES:httpd-devel-0:2.0.52-48.ent.s390",
"4ES:httpd-devel-0:2.0.52-48.ent.s390x",
"4ES:httpd-devel-0:2.0.52-48.ent.x86_64",
"4ES:httpd-manual-0:2.0.52-48.ent.i386",
"4ES:httpd-manual-0:2.0.52-48.ent.ia64",
"4ES:httpd-manual-0:2.0.52-48.ent.ppc",
"4ES:httpd-manual-0:2.0.52-48.ent.s390",
"4ES:httpd-manual-0:2.0.52-48.ent.s390x",
"4ES:httpd-manual-0:2.0.52-48.ent.x86_64",
"4ES:httpd-suexec-0:2.0.52-48.ent.i386",
"4ES:httpd-suexec-0:2.0.52-48.ent.ia64",
"4ES:httpd-suexec-0:2.0.52-48.ent.ppc",
"4ES:httpd-suexec-0:2.0.52-48.ent.s390",
"4ES:httpd-suexec-0:2.0.52-48.ent.s390x",
"4ES:httpd-suexec-0:2.0.52-48.ent.x86_64",
"4ES:mod_ssl-1:2.0.52-48.ent.i386",
"4ES:mod_ssl-1:2.0.52-48.ent.ia64",
"4ES:mod_ssl-1:2.0.52-48.ent.ppc",
"4ES:mod_ssl-1:2.0.52-48.ent.s390",
"4ES:mod_ssl-1:2.0.52-48.ent.s390x",
"4ES:mod_ssl-1:2.0.52-48.ent.x86_64",
"4WS:httpd-0:2.0.52-48.ent.i386",
"4WS:httpd-0:2.0.52-48.ent.ia64",
"4WS:httpd-0:2.0.52-48.ent.ppc",
"4WS:httpd-0:2.0.52-48.ent.s390",
"4WS:httpd-0:2.0.52-48.ent.s390x",
"4WS:httpd-0:2.0.52-48.ent.src",
"4WS:httpd-0:2.0.52-48.ent.x86_64",
"4WS:httpd-debuginfo-0:2.0.52-48.ent.i386",
"4WS:httpd-debuginfo-0:2.0.52-48.ent.ia64",
"4WS:httpd-debuginfo-0:2.0.52-48.ent.ppc",
"4WS:httpd-debuginfo-0:2.0.52-48.ent.s390",
"4WS:httpd-debuginfo-0:2.0.52-48.ent.s390x",
"4WS:httpd-debuginfo-0:2.0.52-48.ent.x86_64",
"4WS:httpd-devel-0:2.0.52-48.ent.i386",
"4WS:httpd-devel-0:2.0.52-48.ent.ia64",
"4WS:httpd-devel-0:2.0.52-48.ent.ppc",
"4WS:httpd-devel-0:2.0.52-48.ent.s390",
"4WS:httpd-devel-0:2.0.52-48.ent.s390x",
"4WS:httpd-devel-0:2.0.52-48.ent.x86_64",
"4WS:httpd-manual-0:2.0.52-48.ent.i386",
"4WS:httpd-manual-0:2.0.52-48.ent.ia64",
"4WS:httpd-manual-0:2.0.52-48.ent.ppc",
"4WS:httpd-manual-0:2.0.52-48.ent.s390",
"4WS:httpd-manual-0:2.0.52-48.ent.s390x",
"4WS:httpd-manual-0:2.0.52-48.ent.x86_64",
"4WS:httpd-suexec-0:2.0.52-48.ent.i386",
"4WS:httpd-suexec-0:2.0.52-48.ent.ia64",
"4WS:httpd-suexec-0:2.0.52-48.ent.ppc",
"4WS:httpd-suexec-0:2.0.52-48.ent.s390",
"4WS:httpd-suexec-0:2.0.52-48.ent.s390x",
"4WS:httpd-suexec-0:2.0.52-48.ent.x86_64",
"4WS:mod_ssl-1:2.0.52-48.ent.i386",
"4WS:mod_ssl-1:2.0.52-48.ent.ia64",
"4WS:mod_ssl-1:2.0.52-48.ent.ppc",
"4WS:mod_ssl-1:2.0.52-48.ent.s390",
"4WS:mod_ssl-1:2.0.52-48.ent.s390x",
"4WS:mod_ssl-1:2.0.52-48.ent.x86_64",
"5Client-5.7.Z:httpd-0:2.2.3-53.el5_7.1.i386",
"5Client-5.7.Z:httpd-0:2.2.3-53.el5_7.1.ia64",
"5Client-5.7.Z:httpd-0:2.2.3-53.el5_7.1.ppc",
"5Client-5.7.Z:httpd-0:2.2.3-53.el5_7.1.s390x",
"5Client-5.7.Z:httpd-0:2.2.3-53.el5_7.1.src",
"5Client-5.7.Z:httpd-0:2.2.3-53.el5_7.1.x86_64",
"5Client-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.i386",
"5Client-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.ia64",
"5Client-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.ppc",
"5Client-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.ppc64",
"5Client-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.s390",
"5Client-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.s390x",
"5Client-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.x86_64",
"5Client-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.i386",
"5Client-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.ia64",
"5Client-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.ppc",
"5Client-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.ppc64",
"5Client-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.s390",
"5Client-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.s390x",
"5Client-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.x86_64",
"5Client-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.i386",
"5Client-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.ia64",
"5Client-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.ppc",
"5Client-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.s390x",
"5Client-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.x86_64",
"5Client-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.i386",
"5Client-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.ia64",
"5Client-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.ppc",
"5Client-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.s390x",
"5Client-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.x86_64",
"5Client-Workstation-5.7.Z:httpd-0:2.2.3-53.el5_7.1.i386",
"5Client-Workstation-5.7.Z:httpd-0:2.2.3-53.el5_7.1.ia64",
"5Client-Workstation-5.7.Z:httpd-0:2.2.3-53.el5_7.1.ppc",
"5Client-Workstation-5.7.Z:httpd-0:2.2.3-53.el5_7.1.s390x",
"5Client-Workstation-5.7.Z:httpd-0:2.2.3-53.el5_7.1.src",
"5Client-Workstation-5.7.Z:httpd-0:2.2.3-53.el5_7.1.x86_64",
"5Client-Workstation-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.i386",
"5Client-Workstation-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.ia64",
"5Client-Workstation-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.ppc",
"5Client-Workstation-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.ppc64",
"5Client-Workstation-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.s390",
"5Client-Workstation-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.s390x",
"5Client-Workstation-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.x86_64",
"5Client-Workstation-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.i386",
"5Client-Workstation-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.ia64",
"5Client-Workstation-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.ppc",
"5Client-Workstation-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.ppc64",
"5Client-Workstation-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.s390",
"5Client-Workstation-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.s390x",
"5Client-Workstation-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.x86_64",
"5Client-Workstation-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.i386",
"5Client-Workstation-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.ia64",
"5Client-Workstation-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.ppc",
"5Client-Workstation-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.s390x",
"5Client-Workstation-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.x86_64",
"5Client-Workstation-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.i386",
"5Client-Workstation-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.ia64",
"5Client-Workstation-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.ppc",
"5Client-Workstation-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.s390x",
"5Client-Workstation-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.x86_64",
"5Server-5.7.Z:httpd-0:2.2.3-53.el5_7.1.i386",
"5Server-5.7.Z:httpd-0:2.2.3-53.el5_7.1.ia64",
"5Server-5.7.Z:httpd-0:2.2.3-53.el5_7.1.ppc",
"5Server-5.7.Z:httpd-0:2.2.3-53.el5_7.1.s390x",
"5Server-5.7.Z:httpd-0:2.2.3-53.el5_7.1.src",
"5Server-5.7.Z:httpd-0:2.2.3-53.el5_7.1.x86_64",
"5Server-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.i386",
"5Server-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.ia64",
"5Server-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.ppc",
"5Server-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.ppc64",
"5Server-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.s390",
"5Server-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.s390x",
"5Server-5.7.Z:httpd-debuginfo-0:2.2.3-53.el5_7.1.x86_64",
"5Server-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.i386",
"5Server-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.ia64",
"5Server-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.ppc",
"5Server-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.ppc64",
"5Server-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.s390",
"5Server-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.s390x",
"5Server-5.7.Z:httpd-devel-0:2.2.3-53.el5_7.1.x86_64",
"5Server-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.i386",
"5Server-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.ia64",
"5Server-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.ppc",
"5Server-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.s390x",
"5Server-5.7.Z:httpd-manual-0:2.2.3-53.el5_7.1.x86_64",
"5Server-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.i386",
"5Server-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.ia64",
"5Server-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.ppc",
"5Server-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.s390x",
"5Server-5.7.Z:mod_ssl-1:2.2.3-53.el5_7.1.x86_64",
"6Server-6.1.z:httpd-0:2.2.15-9.el6_1.2.i686",
"6Server-6.1.z:httpd-0:2.2.15-9.el6_1.2.ppc64",
"6Server-6.1.z:httpd-0:2.2.15-9.el6_1.2.s390x",
"6Server-6.1.z:httpd-0:2.2.15-9.el6_1.2.src",
"6Server-6.1.z:httpd-0:2.2.15-9.el6_1.2.x86_64",
"6Server-6.1.z:httpd-debuginfo-0:2.2.15-9.el6_1.2.i686",
"6Server-6.1.z:httpd-debuginfo-0:2.2.15-9.el6_1.2.ppc",
"6Server-6.1.z:httpd-debuginfo-0:2.2.15-9.el6_1.2.ppc64",
"6Server-6.1.z:httpd-debuginfo-0:2.2.15-9.el6_1.2.s390",
"6Server-6.1.z:httpd-debuginfo-0:2.2.15-9.el6_1.2.s390x",
"6Server-6.1.z:httpd-debuginfo-0:2.2.15-9.el6_1.2.x86_64",
"6Server-6.1.z:httpd-devel-0:2.2.15-9.el6_1.2.i686",
"6Server-6.1.z:httpd-devel-0:2.2.15-9.el6_1.2.ppc",
"6Server-6.1.z:httpd-devel-0:2.2.15-9.el6_1.2.ppc64",
"6Server-6.1.z:httpd-devel-0:2.2.15-9.el6_1.2.s390",
"6Server-6.1.z:httpd-devel-0:2.2.15-9.el6_1.2.s390x",
"6Server-6.1.z:httpd-devel-0:2.2.15-9.el6_1.2.x86_64",
"6Server-6.1.z:httpd-manual-0:2.2.15-9.el6_1.2.noarch",
"6Server-6.1.z:httpd-tools-0:2.2.15-9.el6_1.2.i686",
"6Server-6.1.z:httpd-tools-0:2.2.15-9.el6_1.2.ppc64",
"6Server-6.1.z:httpd-tools-0:2.2.15-9.el6_1.2.s390x",
"6Server-6.1.z:httpd-tools-0:2.2.15-9.el6_1.2.x86_64",
"6Server-6.1.z:mod_ssl-1:2.2.15-9.el6_1.2.i686",
"6Server-6.1.z:mod_ssl-1:2.2.15-9.el6_1.2.ppc64",
"6Server-6.1.z:mod_ssl-1:2.2.15-9.el6_1.2.s390x",
"6Server-6.1.z:mod_ssl-1:2.2.15-9.el6_1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "httpd: multiple ranges DoS"
}
]
}
RHSA-2011:1329
Vulnerability from csaf_redhat - Published: 2011-09-21 19:50 - Updated: 2025-11-21 17:39Summary
Red Hat Security Advisory: httpd and httpd22 security update
Notes
Topic
Updated httpd and httpd22 packages that fix one security issue are now
available for JBoss Enterprise Web Server 1.0.2 for Red Hat Enterprise
Linux 4, 5, and 6.
The Red Hat Security Response Team has rated this update as having
important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.
Details
The Apache HTTP Server is a popular web server.
A flaw was found in the way the Apache HTTP Server handled Range HTTP
headers. A remote attacker could use this flaw to cause the Apache HTTP
Server to use an excessive amount of memory and CPU time via HTTP requests
with a specially-crafted Range header. (CVE-2011-3192)
All users of JBoss Enterprise Web Server 1.0.2 should upgrade to these
updated packages, which contain a backported patch to correct this issue.
After installing the updated packages, Red Hat Enterprise Linux 4 users
must restart the httpd22 service, and Red Hat Enterprise Linux 5 and 6
users must restart the httpd service, for the update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated httpd and httpd22 packages that fix one security issue are now\navailable for JBoss Enterprise Web Server 1.0.2 for Red Hat Enterprise\nLinux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from the\nCVE link in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The Apache HTTP Server is a popular web server.\n\nA flaw was found in the way the Apache HTTP Server handled Range HTTP\nheaders. A remote attacker could use this flaw to cause the Apache HTTP\nServer to use an excessive amount of memory and CPU time via HTTP requests\nwith a specially-crafted Range header. (CVE-2011-3192)\n\nAll users of JBoss Enterprise Web Server 1.0.2 should upgrade to these\nupdated packages, which contain a backported patch to correct this issue.\nAfter installing the updated packages, Red Hat Enterprise Linux 4 users\nmust restart the httpd22 service, and Red Hat Enterprise Linux 5 and 6\nusers must restart the httpd service, for the update to take effect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2011:1329",
"url": "https://access.redhat.com/errata/RHSA-2011:1329"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "732928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=732928"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2011/rhsa-2011_1329.json"
}
],
"title": "Red Hat Security Advisory: httpd and httpd22 security update",
"tracking": {
"current_release_date": "2025-11-21T17:39:00+00:00",
"generator": {
"date": "2025-11-21T17:39:00+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2011:1329",
"initial_release_date": "2011-09-21T19:50:00+00:00",
"revision_history": [
{
"date": "2011-09-21T19:50:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2011-09-21T15:58:51+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T17:39:00+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
"product": {
"name": "Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
"product_id": "4AS-JBEWS-5.0.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4"
}
}
},
{
"category": "product_name",
"name": "Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
"product": {
"name": "Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
"product_id": "4ES-JBEWS-5.0.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el4"
}
}
},
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server",
"product": {
"name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server",
"product_id": "5Server-JBEWS-5.0.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5"
}
}
},
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6 Server",
"product": {
"name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6 Server",
"product_id": "6Server-JBEWS-1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Web Server"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd22-debuginfo-0:2.2.17-16.ep5.el4.x86_64",
"product": {
"name": "httpd22-debuginfo-0:2.2.17-16.ep5.el4.x86_64",
"product_id": "httpd22-debuginfo-0:2.2.17-16.ep5.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd22-debuginfo@2.2.17-16.ep5.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd22-apr-0:2.2.17-16.ep5.el4.x86_64",
"product": {
"name": "httpd22-apr-0:2.2.17-16.ep5.el4.x86_64",
"product_id": "httpd22-apr-0:2.2.17-16.ep5.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd22-apr@2.2.17-16.ep5.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd22-manual-0:2.2.17-16.ep5.el4.x86_64",
"product": {
"name": "httpd22-manual-0:2.2.17-16.ep5.el4.x86_64",
"product_id": "httpd22-manual-0:2.2.17-16.ep5.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd22-manual@2.2.17-16.ep5.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd22-apr-devel-0:2.2.17-16.ep5.el4.x86_64",
"product": {
"name": "httpd22-apr-devel-0:2.2.17-16.ep5.el4.x86_64",
"product_id": "httpd22-apr-devel-0:2.2.17-16.ep5.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd22-apr-devel@2.2.17-16.ep5.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd22-devel-0:2.2.17-16.ep5.el4.x86_64",
"product": {
"name": "httpd22-devel-0:2.2.17-16.ep5.el4.x86_64",
"product_id": "httpd22-devel-0:2.2.17-16.ep5.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd22-devel@2.2.17-16.ep5.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd22-apr-util-devel-0:2.2.17-16.ep5.el4.x86_64",
"product": {
"name": "httpd22-apr-util-devel-0:2.2.17-16.ep5.el4.x86_64",
"product_id": "httpd22-apr-util-devel-0:2.2.17-16.ep5.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd22-apr-util-devel@2.2.17-16.ep5.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd22-0:2.2.17-16.ep5.el4.x86_64",
"product": {
"name": "httpd22-0:2.2.17-16.ep5.el4.x86_64",
"product_id": "httpd22-0:2.2.17-16.ep5.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd22@2.2.17-16.ep5.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd22-apr-util-0:2.2.17-16.ep5.el4.x86_64",
"product": {
"name": "httpd22-apr-util-0:2.2.17-16.ep5.el4.x86_64",
"product_id": "httpd22-apr-util-0:2.2.17-16.ep5.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd22-apr-util@2.2.17-16.ep5.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl22-1:2.2.17-16.ep5.el4.x86_64",
"product": {
"name": "mod_ssl22-1:2.2.17-16.ep5.el4.x86_64",
"product_id": "mod_ssl22-1:2.2.17-16.ep5.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl22@2.2.17-16.ep5.el4?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.17-14.1.ep5.el5.x86_64",
"product": {
"name": "httpd-0:2.2.17-14.1.ep5.el5.x86_64",
"product_id": "httpd-0:2.2.17-14.1.ep5.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.17-14.1.ep5.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.17-14.1.ep5.el5.x86_64",
"product": {
"name": "mod_ssl-1:2.2.17-14.1.ep5.el5.x86_64",
"product_id": "mod_ssl-1:2.2.17-14.1.ep5.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.17-14.1.ep5.el5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.17-14.1.ep5.el5.x86_64",
"product": {
"name": "httpd-devel-0:2.2.17-14.1.ep5.el5.x86_64",
"product_id": "httpd-devel-0:2.2.17-14.1.ep5.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.17-14.1.ep5.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-manual-0:2.2.17-14.1.ep5.el5.x86_64",
"product": {
"name": "httpd-manual-0:2.2.17-14.1.ep5.el5.x86_64",
"product_id": "httpd-manual-0:2.2.17-14.1.ep5.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.2.17-14.1.ep5.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.17-13.2.ep5.el6.x86_64",
"product": {
"name": "httpd-0:2.2.17-13.2.ep5.el6.x86_64",
"product_id": "httpd-0:2.2.17-13.2.ep5.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.17-13.2.ep5.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.17-13.2.ep5.el6.x86_64",
"product": {
"name": "mod_ssl-1:2.2.17-13.2.ep5.el6.x86_64",
"product_id": "mod_ssl-1:2.2.17-13.2.ep5.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.17-13.2.ep5.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.2.17-13.2.ep5.el6.x86_64",
"product": {
"name": "httpd-tools-0:2.2.17-13.2.ep5.el6.x86_64",
"product_id": "httpd-tools-0:2.2.17-13.2.ep5.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.2.17-13.2.ep5.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.17-13.2.ep5.el6.x86_64",
"product": {
"name": "httpd-devel-0:2.2.17-13.2.ep5.el6.x86_64",
"product_id": "httpd-devel-0:2.2.17-13.2.ep5.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.17-13.2.ep5.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-manual-0:2.2.17-13.2.ep5.el6.x86_64",
"product": {
"name": "httpd-manual-0:2.2.17-13.2.ep5.el6.x86_64",
"product_id": "httpd-manual-0:2.2.17-13.2.ep5.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.2.17-13.2.ep5.el6?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd22-debuginfo-0:2.2.17-16.ep5.el4.i386",
"product": {
"name": "httpd22-debuginfo-0:2.2.17-16.ep5.el4.i386",
"product_id": "httpd22-debuginfo-0:2.2.17-16.ep5.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd22-debuginfo@2.2.17-16.ep5.el4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "httpd22-apr-0:2.2.17-16.ep5.el4.i386",
"product": {
"name": "httpd22-apr-0:2.2.17-16.ep5.el4.i386",
"product_id": "httpd22-apr-0:2.2.17-16.ep5.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd22-apr@2.2.17-16.ep5.el4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "httpd22-manual-0:2.2.17-16.ep5.el4.i386",
"product": {
"name": "httpd22-manual-0:2.2.17-16.ep5.el4.i386",
"product_id": "httpd22-manual-0:2.2.17-16.ep5.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd22-manual@2.2.17-16.ep5.el4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "httpd22-apr-devel-0:2.2.17-16.ep5.el4.i386",
"product": {
"name": "httpd22-apr-devel-0:2.2.17-16.ep5.el4.i386",
"product_id": "httpd22-apr-devel-0:2.2.17-16.ep5.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd22-apr-devel@2.2.17-16.ep5.el4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "httpd22-devel-0:2.2.17-16.ep5.el4.i386",
"product": {
"name": "httpd22-devel-0:2.2.17-16.ep5.el4.i386",
"product_id": "httpd22-devel-0:2.2.17-16.ep5.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd22-devel@2.2.17-16.ep5.el4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "httpd22-apr-util-devel-0:2.2.17-16.ep5.el4.i386",
"product": {
"name": "httpd22-apr-util-devel-0:2.2.17-16.ep5.el4.i386",
"product_id": "httpd22-apr-util-devel-0:2.2.17-16.ep5.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd22-apr-util-devel@2.2.17-16.ep5.el4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "httpd22-0:2.2.17-16.ep5.el4.i386",
"product": {
"name": "httpd22-0:2.2.17-16.ep5.el4.i386",
"product_id": "httpd22-0:2.2.17-16.ep5.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd22@2.2.17-16.ep5.el4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "httpd22-apr-util-0:2.2.17-16.ep5.el4.i386",
"product": {
"name": "httpd22-apr-util-0:2.2.17-16.ep5.el4.i386",
"product_id": "httpd22-apr-util-0:2.2.17-16.ep5.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd22-apr-util@2.2.17-16.ep5.el4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "mod_ssl22-1:2.2.17-16.ep5.el4.i386",
"product": {
"name": "mod_ssl22-1:2.2.17-16.ep5.el4.i386",
"product_id": "mod_ssl22-1:2.2.17-16.ep5.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl22@2.2.17-16.ep5.el4?arch=i386\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.17-14.1.ep5.el5.i386",
"product": {
"name": "httpd-0:2.2.17-14.1.ep5.el5.i386",
"product_id": "httpd-0:2.2.17-14.1.ep5.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.17-14.1.ep5.el5?arch=i386"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.17-14.1.ep5.el5.i386",
"product": {
"name": "mod_ssl-1:2.2.17-14.1.ep5.el5.i386",
"product_id": "mod_ssl-1:2.2.17-14.1.ep5.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.17-14.1.ep5.el5?arch=i386\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.17-14.1.ep5.el5.i386",
"product": {
"name": "httpd-devel-0:2.2.17-14.1.ep5.el5.i386",
"product_id": "httpd-devel-0:2.2.17-14.1.ep5.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.17-14.1.ep5.el5?arch=i386"
}
}
},
{
"category": "product_version",
"name": "httpd-manual-0:2.2.17-14.1.ep5.el5.i386",
"product": {
"name": "httpd-manual-0:2.2.17-14.1.ep5.el5.i386",
"product_id": "httpd-manual-0:2.2.17-14.1.ep5.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.2.17-14.1.ep5.el5?arch=i386"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.17-13.2.ep5.el6.i386",
"product": {
"name": "httpd-0:2.2.17-13.2.ep5.el6.i386",
"product_id": "httpd-0:2.2.17-13.2.ep5.el6.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.17-13.2.ep5.el6?arch=i386"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.17-13.2.ep5.el6.i386",
"product": {
"name": "mod_ssl-1:2.2.17-13.2.ep5.el6.i386",
"product_id": "mod_ssl-1:2.2.17-13.2.ep5.el6.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.17-13.2.ep5.el6?arch=i386\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.2.17-13.2.ep5.el6.i386",
"product": {
"name": "httpd-tools-0:2.2.17-13.2.ep5.el6.i386",
"product_id": "httpd-tools-0:2.2.17-13.2.ep5.el6.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.2.17-13.2.ep5.el6?arch=i386"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.17-13.2.ep5.el6.i386",
"product": {
"name": "httpd-devel-0:2.2.17-13.2.ep5.el6.i386",
"product_id": "httpd-devel-0:2.2.17-13.2.ep5.el6.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.17-13.2.ep5.el6?arch=i386"
}
}
},
{
"category": "product_version",
"name": "httpd-manual-0:2.2.17-13.2.ep5.el6.i386",
"product": {
"name": "httpd-manual-0:2.2.17-13.2.ep5.el6.i386",
"product_id": "httpd-manual-0:2.2.17-13.2.ep5.el6.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.2.17-13.2.ep5.el6?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd22-0:2.2.17-16.ep5.el4.src",
"product": {
"name": "httpd22-0:2.2.17-16.ep5.el4.src",
"product_id": "httpd22-0:2.2.17-16.ep5.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd22@2.2.17-16.ep5.el4?arch=src"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.17-14.1.ep5.el5.src",
"product": {
"name": "httpd-0:2.2.17-14.1.ep5.el5.src",
"product_id": "httpd-0:2.2.17-14.1.ep5.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.17-14.1.ep5.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.17-13.2.ep5.el6.src",
"product": {
"name": "httpd-0:2.2.17-13.2.ep5.el6.src",
"product_id": "httpd-0:2.2.17-13.2.ep5.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.17-13.2.ep5.el6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd22-0:2.2.17-16.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
"product_id": "4AS-JBEWS-5.0.0:httpd22-0:2.2.17-16.ep5.el4.i386"
},
"product_reference": "httpd22-0:2.2.17-16.ep5.el4.i386",
"relates_to_product_reference": "4AS-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd22-0:2.2.17-16.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
"product_id": "4AS-JBEWS-5.0.0:httpd22-0:2.2.17-16.ep5.el4.src"
},
"product_reference": "httpd22-0:2.2.17-16.ep5.el4.src",
"relates_to_product_reference": "4AS-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd22-0:2.2.17-16.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
"product_id": "4AS-JBEWS-5.0.0:httpd22-0:2.2.17-16.ep5.el4.x86_64"
},
"product_reference": "httpd22-0:2.2.17-16.ep5.el4.x86_64",
"relates_to_product_reference": "4AS-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd22-apr-0:2.2.17-16.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
"product_id": "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.17-16.ep5.el4.i386"
},
"product_reference": "httpd22-apr-0:2.2.17-16.ep5.el4.i386",
"relates_to_product_reference": "4AS-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd22-apr-0:2.2.17-16.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
"product_id": "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.17-16.ep5.el4.x86_64"
},
"product_reference": "httpd22-apr-0:2.2.17-16.ep5.el4.x86_64",
"relates_to_product_reference": "4AS-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd22-apr-devel-0:2.2.17-16.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
"product_id": "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.17-16.ep5.el4.i386"
},
"product_reference": "httpd22-apr-devel-0:2.2.17-16.ep5.el4.i386",
"relates_to_product_reference": "4AS-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd22-apr-devel-0:2.2.17-16.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
"product_id": "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.17-16.ep5.el4.x86_64"
},
"product_reference": "httpd22-apr-devel-0:2.2.17-16.ep5.el4.x86_64",
"relates_to_product_reference": "4AS-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd22-apr-util-0:2.2.17-16.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
"product_id": "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.17-16.ep5.el4.i386"
},
"product_reference": "httpd22-apr-util-0:2.2.17-16.ep5.el4.i386",
"relates_to_product_reference": "4AS-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd22-apr-util-0:2.2.17-16.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
"product_id": "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.17-16.ep5.el4.x86_64"
},
"product_reference": "httpd22-apr-util-0:2.2.17-16.ep5.el4.x86_64",
"relates_to_product_reference": "4AS-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd22-apr-util-devel-0:2.2.17-16.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
"product_id": "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.17-16.ep5.el4.i386"
},
"product_reference": "httpd22-apr-util-devel-0:2.2.17-16.ep5.el4.i386",
"relates_to_product_reference": "4AS-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd22-apr-util-devel-0:2.2.17-16.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
"product_id": "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.17-16.ep5.el4.x86_64"
},
"product_reference": "httpd22-apr-util-devel-0:2.2.17-16.ep5.el4.x86_64",
"relates_to_product_reference": "4AS-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd22-debuginfo-0:2.2.17-16.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
"product_id": "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.17-16.ep5.el4.i386"
},
"product_reference": "httpd22-debuginfo-0:2.2.17-16.ep5.el4.i386",
"relates_to_product_reference": "4AS-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd22-debuginfo-0:2.2.17-16.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
"product_id": "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.17-16.ep5.el4.x86_64"
},
"product_reference": "httpd22-debuginfo-0:2.2.17-16.ep5.el4.x86_64",
"relates_to_product_reference": "4AS-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd22-devel-0:2.2.17-16.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
"product_id": "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.17-16.ep5.el4.i386"
},
"product_reference": "httpd22-devel-0:2.2.17-16.ep5.el4.i386",
"relates_to_product_reference": "4AS-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd22-devel-0:2.2.17-16.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
"product_id": "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.17-16.ep5.el4.x86_64"
},
"product_reference": "httpd22-devel-0:2.2.17-16.ep5.el4.x86_64",
"relates_to_product_reference": "4AS-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd22-manual-0:2.2.17-16.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
"product_id": "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.17-16.ep5.el4.i386"
},
"product_reference": "httpd22-manual-0:2.2.17-16.ep5.el4.i386",
"relates_to_product_reference": "4AS-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd22-manual-0:2.2.17-16.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
"product_id": "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.17-16.ep5.el4.x86_64"
},
"product_reference": "httpd22-manual-0:2.2.17-16.ep5.el4.x86_64",
"relates_to_product_reference": "4AS-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl22-1:2.2.17-16.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
"product_id": "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.17-16.ep5.el4.i386"
},
"product_reference": "mod_ssl22-1:2.2.17-16.ep5.el4.i386",
"relates_to_product_reference": "4AS-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl22-1:2.2.17-16.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS",
"product_id": "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.17-16.ep5.el4.x86_64"
},
"product_reference": "mod_ssl22-1:2.2.17-16.ep5.el4.x86_64",
"relates_to_product_reference": "4AS-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd22-0:2.2.17-16.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
"product_id": "4ES-JBEWS-5.0.0:httpd22-0:2.2.17-16.ep5.el4.i386"
},
"product_reference": "httpd22-0:2.2.17-16.ep5.el4.i386",
"relates_to_product_reference": "4ES-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd22-0:2.2.17-16.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
"product_id": "4ES-JBEWS-5.0.0:httpd22-0:2.2.17-16.ep5.el4.src"
},
"product_reference": "httpd22-0:2.2.17-16.ep5.el4.src",
"relates_to_product_reference": "4ES-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd22-0:2.2.17-16.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
"product_id": "4ES-JBEWS-5.0.0:httpd22-0:2.2.17-16.ep5.el4.x86_64"
},
"product_reference": "httpd22-0:2.2.17-16.ep5.el4.x86_64",
"relates_to_product_reference": "4ES-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd22-apr-0:2.2.17-16.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
"product_id": "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.17-16.ep5.el4.i386"
},
"product_reference": "httpd22-apr-0:2.2.17-16.ep5.el4.i386",
"relates_to_product_reference": "4ES-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd22-apr-0:2.2.17-16.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
"product_id": "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.17-16.ep5.el4.x86_64"
},
"product_reference": "httpd22-apr-0:2.2.17-16.ep5.el4.x86_64",
"relates_to_product_reference": "4ES-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd22-apr-devel-0:2.2.17-16.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
"product_id": "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.17-16.ep5.el4.i386"
},
"product_reference": "httpd22-apr-devel-0:2.2.17-16.ep5.el4.i386",
"relates_to_product_reference": "4ES-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd22-apr-devel-0:2.2.17-16.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
"product_id": "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.17-16.ep5.el4.x86_64"
},
"product_reference": "httpd22-apr-devel-0:2.2.17-16.ep5.el4.x86_64",
"relates_to_product_reference": "4ES-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd22-apr-util-0:2.2.17-16.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
"product_id": "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.17-16.ep5.el4.i386"
},
"product_reference": "httpd22-apr-util-0:2.2.17-16.ep5.el4.i386",
"relates_to_product_reference": "4ES-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd22-apr-util-0:2.2.17-16.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
"product_id": "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.17-16.ep5.el4.x86_64"
},
"product_reference": "httpd22-apr-util-0:2.2.17-16.ep5.el4.x86_64",
"relates_to_product_reference": "4ES-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd22-apr-util-devel-0:2.2.17-16.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
"product_id": "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.17-16.ep5.el4.i386"
},
"product_reference": "httpd22-apr-util-devel-0:2.2.17-16.ep5.el4.i386",
"relates_to_product_reference": "4ES-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd22-apr-util-devel-0:2.2.17-16.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
"product_id": "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.17-16.ep5.el4.x86_64"
},
"product_reference": "httpd22-apr-util-devel-0:2.2.17-16.ep5.el4.x86_64",
"relates_to_product_reference": "4ES-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd22-debuginfo-0:2.2.17-16.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
"product_id": "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.17-16.ep5.el4.i386"
},
"product_reference": "httpd22-debuginfo-0:2.2.17-16.ep5.el4.i386",
"relates_to_product_reference": "4ES-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd22-debuginfo-0:2.2.17-16.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
"product_id": "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.17-16.ep5.el4.x86_64"
},
"product_reference": "httpd22-debuginfo-0:2.2.17-16.ep5.el4.x86_64",
"relates_to_product_reference": "4ES-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd22-devel-0:2.2.17-16.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
"product_id": "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.17-16.ep5.el4.i386"
},
"product_reference": "httpd22-devel-0:2.2.17-16.ep5.el4.i386",
"relates_to_product_reference": "4ES-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd22-devel-0:2.2.17-16.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
"product_id": "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.17-16.ep5.el4.x86_64"
},
"product_reference": "httpd22-devel-0:2.2.17-16.ep5.el4.x86_64",
"relates_to_product_reference": "4ES-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd22-manual-0:2.2.17-16.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
"product_id": "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.17-16.ep5.el4.i386"
},
"product_reference": "httpd22-manual-0:2.2.17-16.ep5.el4.i386",
"relates_to_product_reference": "4ES-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd22-manual-0:2.2.17-16.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
"product_id": "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.17-16.ep5.el4.x86_64"
},
"product_reference": "httpd22-manual-0:2.2.17-16.ep5.el4.x86_64",
"relates_to_product_reference": "4ES-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl22-1:2.2.17-16.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
"product_id": "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.17-16.ep5.el4.i386"
},
"product_reference": "mod_ssl22-1:2.2.17-16.ep5.el4.i386",
"relates_to_product_reference": "4ES-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl22-1:2.2.17-16.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES",
"product_id": "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.17-16.ep5.el4.x86_64"
},
"product_reference": "mod_ssl22-1:2.2.17-16.ep5.el4.x86_64",
"relates_to_product_reference": "4ES-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.17-14.1.ep5.el5.i386 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server",
"product_id": "5Server-JBEWS-5.0.0:httpd-0:2.2.17-14.1.ep5.el5.i386"
},
"product_reference": "httpd-0:2.2.17-14.1.ep5.el5.i386",
"relates_to_product_reference": "5Server-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.17-14.1.ep5.el5.src as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server",
"product_id": "5Server-JBEWS-5.0.0:httpd-0:2.2.17-14.1.ep5.el5.src"
},
"product_reference": "httpd-0:2.2.17-14.1.ep5.el5.src",
"relates_to_product_reference": "5Server-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.17-14.1.ep5.el5.x86_64 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server",
"product_id": "5Server-JBEWS-5.0.0:httpd-0:2.2.17-14.1.ep5.el5.x86_64"
},
"product_reference": "httpd-0:2.2.17-14.1.ep5.el5.x86_64",
"relates_to_product_reference": "5Server-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.17-14.1.ep5.el5.i386 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server",
"product_id": "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.17-14.1.ep5.el5.i386"
},
"product_reference": "httpd-devel-0:2.2.17-14.1.ep5.el5.i386",
"relates_to_product_reference": "5Server-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.17-14.1.ep5.el5.x86_64 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server",
"product_id": "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.17-14.1.ep5.el5.x86_64"
},
"product_reference": "httpd-devel-0:2.2.17-14.1.ep5.el5.x86_64",
"relates_to_product_reference": "5Server-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.17-14.1.ep5.el5.i386 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server",
"product_id": "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.17-14.1.ep5.el5.i386"
},
"product_reference": "httpd-manual-0:2.2.17-14.1.ep5.el5.i386",
"relates_to_product_reference": "5Server-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.17-14.1.ep5.el5.x86_64 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server",
"product_id": "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.17-14.1.ep5.el5.x86_64"
},
"product_reference": "httpd-manual-0:2.2.17-14.1.ep5.el5.x86_64",
"relates_to_product_reference": "5Server-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.17-14.1.ep5.el5.i386 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server",
"product_id": "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.17-14.1.ep5.el5.i386"
},
"product_reference": "mod_ssl-1:2.2.17-14.1.ep5.el5.i386",
"relates_to_product_reference": "5Server-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.17-14.1.ep5.el5.x86_64 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server",
"product_id": "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.17-14.1.ep5.el5.x86_64"
},
"product_reference": "mod_ssl-1:2.2.17-14.1.ep5.el5.x86_64",
"relates_to_product_reference": "5Server-JBEWS-5.0.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.17-13.2.ep5.el6.i386 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 6 Server",
"product_id": "6Server-JBEWS-1:httpd-0:2.2.17-13.2.ep5.el6.i386"
},
"product_reference": "httpd-0:2.2.17-13.2.ep5.el6.i386",
"relates_to_product_reference": "6Server-JBEWS-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.17-13.2.ep5.el6.src as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 6 Server",
"product_id": "6Server-JBEWS-1:httpd-0:2.2.17-13.2.ep5.el6.src"
},
"product_reference": "httpd-0:2.2.17-13.2.ep5.el6.src",
"relates_to_product_reference": "6Server-JBEWS-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.17-13.2.ep5.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 6 Server",
"product_id": "6Server-JBEWS-1:httpd-0:2.2.17-13.2.ep5.el6.x86_64"
},
"product_reference": "httpd-0:2.2.17-13.2.ep5.el6.x86_64",
"relates_to_product_reference": "6Server-JBEWS-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.17-13.2.ep5.el6.i386 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 6 Server",
"product_id": "6Server-JBEWS-1:httpd-devel-0:2.2.17-13.2.ep5.el6.i386"
},
"product_reference": "httpd-devel-0:2.2.17-13.2.ep5.el6.i386",
"relates_to_product_reference": "6Server-JBEWS-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.17-13.2.ep5.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 6 Server",
"product_id": "6Server-JBEWS-1:httpd-devel-0:2.2.17-13.2.ep5.el6.x86_64"
},
"product_reference": "httpd-devel-0:2.2.17-13.2.ep5.el6.x86_64",
"relates_to_product_reference": "6Server-JBEWS-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.17-13.2.ep5.el6.i386 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 6 Server",
"product_id": "6Server-JBEWS-1:httpd-manual-0:2.2.17-13.2.ep5.el6.i386"
},
"product_reference": "httpd-manual-0:2.2.17-13.2.ep5.el6.i386",
"relates_to_product_reference": "6Server-JBEWS-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.17-13.2.ep5.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 6 Server",
"product_id": "6Server-JBEWS-1:httpd-manual-0:2.2.17-13.2.ep5.el6.x86_64"
},
"product_reference": "httpd-manual-0:2.2.17-13.2.ep5.el6.x86_64",
"relates_to_product_reference": "6Server-JBEWS-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.17-13.2.ep5.el6.i386 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 6 Server",
"product_id": "6Server-JBEWS-1:httpd-tools-0:2.2.17-13.2.ep5.el6.i386"
},
"product_reference": "httpd-tools-0:2.2.17-13.2.ep5.el6.i386",
"relates_to_product_reference": "6Server-JBEWS-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.17-13.2.ep5.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 6 Server",
"product_id": "6Server-JBEWS-1:httpd-tools-0:2.2.17-13.2.ep5.el6.x86_64"
},
"product_reference": "httpd-tools-0:2.2.17-13.2.ep5.el6.x86_64",
"relates_to_product_reference": "6Server-JBEWS-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.17-13.2.ep5.el6.i386 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 6 Server",
"product_id": "6Server-JBEWS-1:mod_ssl-1:2.2.17-13.2.ep5.el6.i386"
},
"product_reference": "mod_ssl-1:2.2.17-13.2.ep5.el6.i386",
"relates_to_product_reference": "6Server-JBEWS-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.17-13.2.ep5.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 6 Server",
"product_id": "6Server-JBEWS-1:mod_ssl-1:2.2.17-13.2.ep5.el6.x86_64"
},
"product_reference": "mod_ssl-1:2.2.17-13.2.ep5.el6.x86_64",
"relates_to_product_reference": "6Server-JBEWS-1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2011-3192",
"discovery_date": "2011-08-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "732928"
}
],
"notes": [
{
"category": "description",
"text": "The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: multiple ranges DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Before updated packages are deployed, users can deploy configuration changes to mitigate this flaw:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3192#c18",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-JBEWS-5.0.0:httpd22-0:2.2.17-16.ep5.el4.i386",
"4AS-JBEWS-5.0.0:httpd22-0:2.2.17-16.ep5.el4.src",
"4AS-JBEWS-5.0.0:httpd22-0:2.2.17-16.ep5.el4.x86_64",
"4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.17-16.ep5.el4.i386",
"4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.17-16.ep5.el4.x86_64",
"4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.17-16.ep5.el4.i386",
"4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.17-16.ep5.el4.x86_64",
"4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.17-16.ep5.el4.i386",
"4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.17-16.ep5.el4.x86_64",
"4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.17-16.ep5.el4.i386",
"4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.17-16.ep5.el4.x86_64",
"4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.17-16.ep5.el4.i386",
"4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.17-16.ep5.el4.x86_64",
"4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.17-16.ep5.el4.i386",
"4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.17-16.ep5.el4.x86_64",
"4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.17-16.ep5.el4.i386",
"4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.17-16.ep5.el4.x86_64",
"4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.17-16.ep5.el4.i386",
"4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.17-16.ep5.el4.x86_64",
"4ES-JBEWS-5.0.0:httpd22-0:2.2.17-16.ep5.el4.i386",
"4ES-JBEWS-5.0.0:httpd22-0:2.2.17-16.ep5.el4.src",
"4ES-JBEWS-5.0.0:httpd22-0:2.2.17-16.ep5.el4.x86_64",
"4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.17-16.ep5.el4.i386",
"4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.17-16.ep5.el4.x86_64",
"4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.17-16.ep5.el4.i386",
"4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.17-16.ep5.el4.x86_64",
"4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.17-16.ep5.el4.i386",
"4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.17-16.ep5.el4.x86_64",
"4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.17-16.ep5.el4.i386",
"4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.17-16.ep5.el4.x86_64",
"4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.17-16.ep5.el4.i386",
"4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.17-16.ep5.el4.x86_64",
"4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.17-16.ep5.el4.i386",
"4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.17-16.ep5.el4.x86_64",
"4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.17-16.ep5.el4.i386",
"4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.17-16.ep5.el4.x86_64",
"4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.17-16.ep5.el4.i386",
"4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.17-16.ep5.el4.x86_64",
"5Server-JBEWS-5.0.0:httpd-0:2.2.17-14.1.ep5.el5.i386",
"5Server-JBEWS-5.0.0:httpd-0:2.2.17-14.1.ep5.el5.src",
"5Server-JBEWS-5.0.0:httpd-0:2.2.17-14.1.ep5.el5.x86_64",
"5Server-JBEWS-5.0.0:httpd-devel-0:2.2.17-14.1.ep5.el5.i386",
"5Server-JBEWS-5.0.0:httpd-devel-0:2.2.17-14.1.ep5.el5.x86_64",
"5Server-JBEWS-5.0.0:httpd-manual-0:2.2.17-14.1.ep5.el5.i386",
"5Server-JBEWS-5.0.0:httpd-manual-0:2.2.17-14.1.ep5.el5.x86_64",
"5Server-JBEWS-5.0.0:mod_ssl-1:2.2.17-14.1.ep5.el5.i386",
"5Server-JBEWS-5.0.0:mod_ssl-1:2.2.17-14.1.ep5.el5.x86_64",
"6Server-JBEWS-1:httpd-0:2.2.17-13.2.ep5.el6.i386",
"6Server-JBEWS-1:httpd-0:2.2.17-13.2.ep5.el6.src",
"6Server-JBEWS-1:httpd-0:2.2.17-13.2.ep5.el6.x86_64",
"6Server-JBEWS-1:httpd-devel-0:2.2.17-13.2.ep5.el6.i386",
"6Server-JBEWS-1:httpd-devel-0:2.2.17-13.2.ep5.el6.x86_64",
"6Server-JBEWS-1:httpd-manual-0:2.2.17-13.2.ep5.el6.i386",
"6Server-JBEWS-1:httpd-manual-0:2.2.17-13.2.ep5.el6.x86_64",
"6Server-JBEWS-1:httpd-tools-0:2.2.17-13.2.ep5.el6.i386",
"6Server-JBEWS-1:httpd-tools-0:2.2.17-13.2.ep5.el6.x86_64",
"6Server-JBEWS-1:mod_ssl-1:2.2.17-13.2.ep5.el6.i386",
"6Server-JBEWS-1:mod_ssl-1:2.2.17-13.2.ep5.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-3192"
},
{
"category": "external",
"summary": "RHBZ#732928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=732928"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-3192",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3192"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-3192",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-3192"
}
],
"release_date": "2011-08-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-09-21T19:50:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-JBEWS-5.0.0:httpd22-0:2.2.17-16.ep5.el4.i386",
"4AS-JBEWS-5.0.0:httpd22-0:2.2.17-16.ep5.el4.src",
"4AS-JBEWS-5.0.0:httpd22-0:2.2.17-16.ep5.el4.x86_64",
"4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.17-16.ep5.el4.i386",
"4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.17-16.ep5.el4.x86_64",
"4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.17-16.ep5.el4.i386",
"4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.17-16.ep5.el4.x86_64",
"4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.17-16.ep5.el4.i386",
"4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.17-16.ep5.el4.x86_64",
"4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.17-16.ep5.el4.i386",
"4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.17-16.ep5.el4.x86_64",
"4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.17-16.ep5.el4.i386",
"4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.17-16.ep5.el4.x86_64",
"4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.17-16.ep5.el4.i386",
"4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.17-16.ep5.el4.x86_64",
"4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.17-16.ep5.el4.i386",
"4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.17-16.ep5.el4.x86_64",
"4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.17-16.ep5.el4.i386",
"4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.17-16.ep5.el4.x86_64",
"4ES-JBEWS-5.0.0:httpd22-0:2.2.17-16.ep5.el4.i386",
"4ES-JBEWS-5.0.0:httpd22-0:2.2.17-16.ep5.el4.src",
"4ES-JBEWS-5.0.0:httpd22-0:2.2.17-16.ep5.el4.x86_64",
"4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.17-16.ep5.el4.i386",
"4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.17-16.ep5.el4.x86_64",
"4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.17-16.ep5.el4.i386",
"4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.17-16.ep5.el4.x86_64",
"4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.17-16.ep5.el4.i386",
"4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.17-16.ep5.el4.x86_64",
"4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.17-16.ep5.el4.i386",
"4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.17-16.ep5.el4.x86_64",
"4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.17-16.ep5.el4.i386",
"4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.17-16.ep5.el4.x86_64",
"4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.17-16.ep5.el4.i386",
"4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.17-16.ep5.el4.x86_64",
"4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.17-16.ep5.el4.i386",
"4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.17-16.ep5.el4.x86_64",
"4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.17-16.ep5.el4.i386",
"4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.17-16.ep5.el4.x86_64",
"5Server-JBEWS-5.0.0:httpd-0:2.2.17-14.1.ep5.el5.i386",
"5Server-JBEWS-5.0.0:httpd-0:2.2.17-14.1.ep5.el5.src",
"5Server-JBEWS-5.0.0:httpd-0:2.2.17-14.1.ep5.el5.x86_64",
"5Server-JBEWS-5.0.0:httpd-devel-0:2.2.17-14.1.ep5.el5.i386",
"5Server-JBEWS-5.0.0:httpd-devel-0:2.2.17-14.1.ep5.el5.x86_64",
"5Server-JBEWS-5.0.0:httpd-manual-0:2.2.17-14.1.ep5.el5.i386",
"5Server-JBEWS-5.0.0:httpd-manual-0:2.2.17-14.1.ep5.el5.x86_64",
"5Server-JBEWS-5.0.0:mod_ssl-1:2.2.17-14.1.ep5.el5.i386",
"5Server-JBEWS-5.0.0:mod_ssl-1:2.2.17-14.1.ep5.el5.x86_64",
"6Server-JBEWS-1:httpd-0:2.2.17-13.2.ep5.el6.i386",
"6Server-JBEWS-1:httpd-0:2.2.17-13.2.ep5.el6.src",
"6Server-JBEWS-1:httpd-0:2.2.17-13.2.ep5.el6.x86_64",
"6Server-JBEWS-1:httpd-devel-0:2.2.17-13.2.ep5.el6.i386",
"6Server-JBEWS-1:httpd-devel-0:2.2.17-13.2.ep5.el6.x86_64",
"6Server-JBEWS-1:httpd-manual-0:2.2.17-13.2.ep5.el6.i386",
"6Server-JBEWS-1:httpd-manual-0:2.2.17-13.2.ep5.el6.x86_64",
"6Server-JBEWS-1:httpd-tools-0:2.2.17-13.2.ep5.el6.i386",
"6Server-JBEWS-1:httpd-tools-0:2.2.17-13.2.ep5.el6.x86_64",
"6Server-JBEWS-1:mod_ssl-1:2.2.17-13.2.ep5.el6.i386",
"6Server-JBEWS-1:mod_ssl-1:2.2.17-13.2.ep5.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1329"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"4AS-JBEWS-5.0.0:httpd22-0:2.2.17-16.ep5.el4.i386",
"4AS-JBEWS-5.0.0:httpd22-0:2.2.17-16.ep5.el4.src",
"4AS-JBEWS-5.0.0:httpd22-0:2.2.17-16.ep5.el4.x86_64",
"4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.17-16.ep5.el4.i386",
"4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.17-16.ep5.el4.x86_64",
"4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.17-16.ep5.el4.i386",
"4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.17-16.ep5.el4.x86_64",
"4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.17-16.ep5.el4.i386",
"4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.17-16.ep5.el4.x86_64",
"4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.17-16.ep5.el4.i386",
"4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.17-16.ep5.el4.x86_64",
"4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.17-16.ep5.el4.i386",
"4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.17-16.ep5.el4.x86_64",
"4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.17-16.ep5.el4.i386",
"4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.17-16.ep5.el4.x86_64",
"4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.17-16.ep5.el4.i386",
"4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.17-16.ep5.el4.x86_64",
"4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.17-16.ep5.el4.i386",
"4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.17-16.ep5.el4.x86_64",
"4ES-JBEWS-5.0.0:httpd22-0:2.2.17-16.ep5.el4.i386",
"4ES-JBEWS-5.0.0:httpd22-0:2.2.17-16.ep5.el4.src",
"4ES-JBEWS-5.0.0:httpd22-0:2.2.17-16.ep5.el4.x86_64",
"4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.17-16.ep5.el4.i386",
"4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.17-16.ep5.el4.x86_64",
"4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.17-16.ep5.el4.i386",
"4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.17-16.ep5.el4.x86_64",
"4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.17-16.ep5.el4.i386",
"4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.17-16.ep5.el4.x86_64",
"4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.17-16.ep5.el4.i386",
"4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.17-16.ep5.el4.x86_64",
"4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.17-16.ep5.el4.i386",
"4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.17-16.ep5.el4.x86_64",
"4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.17-16.ep5.el4.i386",
"4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.17-16.ep5.el4.x86_64",
"4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.17-16.ep5.el4.i386",
"4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.17-16.ep5.el4.x86_64",
"4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.17-16.ep5.el4.i386",
"4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.17-16.ep5.el4.x86_64",
"5Server-JBEWS-5.0.0:httpd-0:2.2.17-14.1.ep5.el5.i386",
"5Server-JBEWS-5.0.0:httpd-0:2.2.17-14.1.ep5.el5.src",
"5Server-JBEWS-5.0.0:httpd-0:2.2.17-14.1.ep5.el5.x86_64",
"5Server-JBEWS-5.0.0:httpd-devel-0:2.2.17-14.1.ep5.el5.i386",
"5Server-JBEWS-5.0.0:httpd-devel-0:2.2.17-14.1.ep5.el5.x86_64",
"5Server-JBEWS-5.0.0:httpd-manual-0:2.2.17-14.1.ep5.el5.i386",
"5Server-JBEWS-5.0.0:httpd-manual-0:2.2.17-14.1.ep5.el5.x86_64",
"5Server-JBEWS-5.0.0:mod_ssl-1:2.2.17-14.1.ep5.el5.i386",
"5Server-JBEWS-5.0.0:mod_ssl-1:2.2.17-14.1.ep5.el5.x86_64",
"6Server-JBEWS-1:httpd-0:2.2.17-13.2.ep5.el6.i386",
"6Server-JBEWS-1:httpd-0:2.2.17-13.2.ep5.el6.src",
"6Server-JBEWS-1:httpd-0:2.2.17-13.2.ep5.el6.x86_64",
"6Server-JBEWS-1:httpd-devel-0:2.2.17-13.2.ep5.el6.i386",
"6Server-JBEWS-1:httpd-devel-0:2.2.17-13.2.ep5.el6.x86_64",
"6Server-JBEWS-1:httpd-manual-0:2.2.17-13.2.ep5.el6.i386",
"6Server-JBEWS-1:httpd-manual-0:2.2.17-13.2.ep5.el6.x86_64",
"6Server-JBEWS-1:httpd-tools-0:2.2.17-13.2.ep5.el6.i386",
"6Server-JBEWS-1:httpd-tools-0:2.2.17-13.2.ep5.el6.x86_64",
"6Server-JBEWS-1:mod_ssl-1:2.2.17-13.2.ep5.el6.i386",
"6Server-JBEWS-1:mod_ssl-1:2.2.17-13.2.ep5.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "httpd: multiple ranges DoS"
}
]
}
RHSA-2011:1300
Vulnerability from csaf_redhat - Published: 2011-09-15 17:42 - Updated: 2025-11-21 17:38Summary
Red Hat Security Advisory: httpd security update
Notes
Topic
Updated httpd packages that fix one security issue are now available for
Red Hat Enterprise Linux 3 Extended Life Cycle Support.
The Red Hat Security Response Team has rated this update as having
important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.
Details
The Apache HTTP Server is a popular web server.
A flaw was found in the way the Apache HTTP Server handled Range HTTP
headers. A remote attacker could use this flaw to cause httpd to use an
excessive amount of memory and CPU time via HTTP requests with a
specially-crafted Range header. (CVE-2011-3192)
All httpd users should upgrade to these updated packages, which contain a
backported patch to correct this issue. After installing the updated
packages, the httpd daemon must be restarted for the update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated httpd packages that fix one security issue are now available for\nRed Hat Enterprise Linux 3 Extended Life Cycle Support.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from the\nCVE link in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The Apache HTTP Server is a popular web server.\n\nA flaw was found in the way the Apache HTTP Server handled Range HTTP\nheaders. A remote attacker could use this flaw to cause httpd to use an\nexcessive amount of memory and CPU time via HTTP requests with a\nspecially-crafted Range header. (CVE-2011-3192)\n\nAll httpd users should upgrade to these updated packages, which contain a\nbackported patch to correct this issue. After installing the updated\npackages, the httpd daemon must be restarted for the update to take effect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2011:1300",
"url": "https://access.redhat.com/errata/RHSA-2011:1300"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "732928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=732928"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2011/rhsa-2011_1300.json"
}
],
"title": "Red Hat Security Advisory: httpd security update",
"tracking": {
"current_release_date": "2025-11-21T17:38:54+00:00",
"generator": {
"date": "2025-11-21T17:38:54+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2011:1300",
"initial_release_date": "2011-09-15T17:42:00+00:00",
"revision_history": [
{
"date": "2011-09-15T17:42:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2011-09-15T13:52:48+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T17:38:54+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS (v. 3 ELS)",
"product": {
"name": "Red Hat Enterprise Linux AS (v. 3 ELS)",
"product_id": "3AS-ELS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_els:3::as"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES (v. 3 ELS)",
"product": {
"name": "Red Hat Enterprise Linux ES (v. 3 ELS)",
"product_id": "3ES-ELS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_els:3::es"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.0.46-78.ent.src",
"product": {
"name": "httpd-0:2.0.46-78.ent.src",
"product_id": "httpd-0:2.0.46-78.ent.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.0.46-78.ent?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.0.46-78.ent.i386",
"product": {
"name": "httpd-0:2.0.46-78.ent.i386",
"product_id": "httpd-0:2.0.46-78.ent.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.0.46-78.ent?arch=i386"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.0.46-78.ent.i386",
"product": {
"name": "httpd-devel-0:2.0.46-78.ent.i386",
"product_id": "httpd-devel-0:2.0.46-78.ent.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.0.46-78.ent?arch=i386"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.0.46-78.ent.i386",
"product": {
"name": "mod_ssl-1:2.0.46-78.ent.i386",
"product_id": "mod_ssl-1:2.0.46-78.ent.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.0.46-78.ent?arch=i386\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.0.46-78.ent.i386",
"product": {
"name": "httpd-debuginfo-0:2.0.46-78.ent.i386",
"product_id": "httpd-debuginfo-0:2.0.46-78.ent.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.0.46-78.ent?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.0.46-78.ent.i386 as a component of Red Hat Enterprise Linux AS (v. 3 ELS)",
"product_id": "3AS-ELS:httpd-0:2.0.46-78.ent.i386"
},
"product_reference": "httpd-0:2.0.46-78.ent.i386",
"relates_to_product_reference": "3AS-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.0.46-78.ent.src as a component of Red Hat Enterprise Linux AS (v. 3 ELS)",
"product_id": "3AS-ELS:httpd-0:2.0.46-78.ent.src"
},
"product_reference": "httpd-0:2.0.46-78.ent.src",
"relates_to_product_reference": "3AS-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.0.46-78.ent.i386 as a component of Red Hat Enterprise Linux AS (v. 3 ELS)",
"product_id": "3AS-ELS:httpd-debuginfo-0:2.0.46-78.ent.i386"
},
"product_reference": "httpd-debuginfo-0:2.0.46-78.ent.i386",
"relates_to_product_reference": "3AS-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.0.46-78.ent.i386 as a component of Red Hat Enterprise Linux AS (v. 3 ELS)",
"product_id": "3AS-ELS:httpd-devel-0:2.0.46-78.ent.i386"
},
"product_reference": "httpd-devel-0:2.0.46-78.ent.i386",
"relates_to_product_reference": "3AS-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.0.46-78.ent.i386 as a component of Red Hat Enterprise Linux AS (v. 3 ELS)",
"product_id": "3AS-ELS:mod_ssl-1:2.0.46-78.ent.i386"
},
"product_reference": "mod_ssl-1:2.0.46-78.ent.i386",
"relates_to_product_reference": "3AS-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.0.46-78.ent.i386 as a component of Red Hat Enterprise Linux ES (v. 3 ELS)",
"product_id": "3ES-ELS:httpd-0:2.0.46-78.ent.i386"
},
"product_reference": "httpd-0:2.0.46-78.ent.i386",
"relates_to_product_reference": "3ES-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.0.46-78.ent.src as a component of Red Hat Enterprise Linux ES (v. 3 ELS)",
"product_id": "3ES-ELS:httpd-0:2.0.46-78.ent.src"
},
"product_reference": "httpd-0:2.0.46-78.ent.src",
"relates_to_product_reference": "3ES-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.0.46-78.ent.i386 as a component of Red Hat Enterprise Linux ES (v. 3 ELS)",
"product_id": "3ES-ELS:httpd-debuginfo-0:2.0.46-78.ent.i386"
},
"product_reference": "httpd-debuginfo-0:2.0.46-78.ent.i386",
"relates_to_product_reference": "3ES-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.0.46-78.ent.i386 as a component of Red Hat Enterprise Linux ES (v. 3 ELS)",
"product_id": "3ES-ELS:httpd-devel-0:2.0.46-78.ent.i386"
},
"product_reference": "httpd-devel-0:2.0.46-78.ent.i386",
"relates_to_product_reference": "3ES-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.0.46-78.ent.i386 as a component of Red Hat Enterprise Linux ES (v. 3 ELS)",
"product_id": "3ES-ELS:mod_ssl-1:2.0.46-78.ent.i386"
},
"product_reference": "mod_ssl-1:2.0.46-78.ent.i386",
"relates_to_product_reference": "3ES-ELS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2011-3192",
"discovery_date": "2011-08-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "732928"
}
],
"notes": [
{
"category": "description",
"text": "The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: multiple ranges DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Before updated packages are deployed, users can deploy configuration changes to mitigate this flaw:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3192#c18",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"3AS-ELS:httpd-0:2.0.46-78.ent.i386",
"3AS-ELS:httpd-0:2.0.46-78.ent.src",
"3AS-ELS:httpd-debuginfo-0:2.0.46-78.ent.i386",
"3AS-ELS:httpd-devel-0:2.0.46-78.ent.i386",
"3AS-ELS:mod_ssl-1:2.0.46-78.ent.i386",
"3ES-ELS:httpd-0:2.0.46-78.ent.i386",
"3ES-ELS:httpd-0:2.0.46-78.ent.src",
"3ES-ELS:httpd-debuginfo-0:2.0.46-78.ent.i386",
"3ES-ELS:httpd-devel-0:2.0.46-78.ent.i386",
"3ES-ELS:mod_ssl-1:2.0.46-78.ent.i386"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-3192"
},
{
"category": "external",
"summary": "RHBZ#732928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=732928"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-3192",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3192"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-3192",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-3192"
}
],
"release_date": "2011-08-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-09-15T17:42:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"3AS-ELS:httpd-0:2.0.46-78.ent.i386",
"3AS-ELS:httpd-0:2.0.46-78.ent.src",
"3AS-ELS:httpd-debuginfo-0:2.0.46-78.ent.i386",
"3AS-ELS:httpd-devel-0:2.0.46-78.ent.i386",
"3AS-ELS:mod_ssl-1:2.0.46-78.ent.i386",
"3ES-ELS:httpd-0:2.0.46-78.ent.i386",
"3ES-ELS:httpd-0:2.0.46-78.ent.src",
"3ES-ELS:httpd-debuginfo-0:2.0.46-78.ent.i386",
"3ES-ELS:httpd-devel-0:2.0.46-78.ent.i386",
"3ES-ELS:mod_ssl-1:2.0.46-78.ent.i386"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1300"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"3AS-ELS:httpd-0:2.0.46-78.ent.i386",
"3AS-ELS:httpd-0:2.0.46-78.ent.src",
"3AS-ELS:httpd-debuginfo-0:2.0.46-78.ent.i386",
"3AS-ELS:httpd-devel-0:2.0.46-78.ent.i386",
"3AS-ELS:mod_ssl-1:2.0.46-78.ent.i386",
"3ES-ELS:httpd-0:2.0.46-78.ent.i386",
"3ES-ELS:httpd-0:2.0.46-78.ent.src",
"3ES-ELS:httpd-debuginfo-0:2.0.46-78.ent.i386",
"3ES-ELS:httpd-devel-0:2.0.46-78.ent.i386",
"3ES-ELS:mod_ssl-1:2.0.46-78.ent.i386"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "httpd: multiple ranges DoS"
}
]
}
RHSA-2011:1330
Vulnerability from csaf_redhat - Published: 2011-09-21 20:00 - Updated: 2025-11-21 17:39Summary
Red Hat Security Advisory: JBoss Enterprise Web Server 1.0.2 security update
Notes
Topic
An update for the Apache HTTP Server component for JBoss Enterprise Web
Server 1.0.2 that fixes one security issue is now available from the Red
Hat Customer Portal.
The Red Hat Security Response Team has rated this update as having
important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.
Details
The Apache HTTP Server is a popular web server.
A flaw was found in the way the Apache HTTP Server handled Range HTTP
headers. A remote attacker could use this flaw to cause the Apache HTTP
Server to use an excessive amount of memory and CPU time via HTTP requests
with a specially-crafted Range header. (CVE-2011-3192)
All users of JBoss Enterprise Web Server 1.0.2 as provided from the Red Hat
Customer Portal are advised to apply this update.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the Apache HTTP Server component for JBoss Enterprise Web\nServer 1.0.2 that fixes one security issue is now available from the Red\nHat Customer Portal.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from the\nCVE link in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The Apache HTTP Server is a popular web server.\n\nA flaw was found in the way the Apache HTTP Server handled Range HTTP\nheaders. A remote attacker could use this flaw to cause the Apache HTTP\nServer to use an excessive amount of memory and CPU time via HTTP requests\nwith a specially-crafted Range header. (CVE-2011-3192)\n\nAll users of JBoss Enterprise Web Server 1.0.2 as provided from the Red Hat\nCustomer Portal are advised to apply this update.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2011:1330",
"url": "https://access.redhat.com/errata/RHSA-2011:1330"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=webserver\u0026downloadType=securityPatches\u0026version=1.0.2",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=webserver\u0026downloadType=securityPatches\u0026version=1.0.2"
},
{
"category": "external",
"summary": "732928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=732928"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2011/rhsa-2011_1330.json"
}
],
"title": "Red Hat Security Advisory: JBoss Enterprise Web Server 1.0.2 security update",
"tracking": {
"current_release_date": "2025-11-21T17:39:00+00:00",
"generator": {
"date": "2025-11-21T17:39:00+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2011:1330",
"initial_release_date": "2011-09-21T20:00:00+00:00",
"revision_history": [
{
"date": "2011-09-21T20:00:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-02-20T12:43:01+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T17:39:00+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Web Server 1.0",
"product": {
"name": "Red Hat JBoss Web Server 1.0",
"product_id": "Red Hat JBoss Web Server 1.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Web Server"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2011-3192",
"discovery_date": "2011-08-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "732928"
}
],
"notes": [
{
"category": "description",
"text": "The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: multiple ranges DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Before updated packages are deployed, users can deploy configuration changes to mitigate this flaw:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3192#c18",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Web Server 1.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-3192"
},
{
"category": "external",
"summary": "RHBZ#732928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=732928"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-3192",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3192"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-3192",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-3192"
}
],
"release_date": "2011-08-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-09-21T20:00:00+00:00",
"details": "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying the update, backup your\nexisting JBoss Enterprise Web Server installation (including all\napplications and configuration files).\n\nThe JBoss server process must be restarted for this update to take effect.",
"product_ids": [
"Red Hat JBoss Web Server 1.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1330"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"Red Hat JBoss Web Server 1.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "httpd: multiple ranges DoS"
}
]
}
RHSA-2011:1369
Vulnerability from csaf_redhat - Published: 2011-10-13 19:33 - Updated: 2025-11-21 17:39Summary
Red Hat Security Advisory: httpd security update
Notes
Topic
Updated httpd packages that fix one security issue are now available for
Red Hat Application Stack v2.
The Red Hat Security Response Team has rated this update as having
important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.
Details
The Apache HTTP Server is a popular web server.
A flaw was found in the way the Apache HTTP Server handled Range HTTP
headers. A remote attacker could use this flaw to cause httpd to use an
excessive amount of memory and CPU time via HTTP requests with a
specially-crafted Range header. (CVE-2011-3192)
All httpd users should upgrade to these updated packages, which contain a
backported patch to correct this issue. After installing the updated
packages, the httpd daemon must be restarted for the update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated httpd packages that fix one security issue are now available for\nRed Hat Application Stack v2.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from the\nCVE link in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The Apache HTTP Server is a popular web server.\n\nA flaw was found in the way the Apache HTTP Server handled Range HTTP\nheaders. A remote attacker could use this flaw to cause httpd to use an\nexcessive amount of memory and CPU time via HTTP requests with a\nspecially-crafted Range header. (CVE-2011-3192)\n\nAll httpd users should upgrade to these updated packages, which contain a\nbackported patch to correct this issue. After installing the updated\npackages, the httpd daemon must be restarted for the update to take effect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2011:1369",
"url": "https://access.redhat.com/errata/RHSA-2011:1369"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "732928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=732928"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2011/rhsa-2011_1369.json"
}
],
"title": "Red Hat Security Advisory: httpd security update",
"tracking": {
"current_release_date": "2025-11-21T17:39:04+00:00",
"generator": {
"date": "2025-11-21T17:39:04+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2011:1369",
"initial_release_date": "2011-10-13T19:33:00+00:00",
"revision_history": [
{
"date": "2011-10-13T19:33:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2011-10-13T15:43:50+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T17:39:04+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Application Stack v2 for Enterprise Linux (v.5)",
"product": {
"name": "Red Hat Application Stack v2 for Enterprise Linux (v.5)",
"product_id": "5Server-Stacks",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_application_stack:2"
}
}
}
],
"category": "product_family",
"name": "Red Hat Application Stack"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-manual-0:2.2.13-3.el5s2.x86_64",
"product": {
"name": "httpd-manual-0:2.2.13-3.el5s2.x86_64",
"product_id": "httpd-manual-0:2.2.13-3.el5s2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.2.13-3.el5s2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.13-3.el5s2.x86_64",
"product": {
"name": "httpd-devel-0:2.2.13-3.el5s2.x86_64",
"product_id": "httpd-devel-0:2.2.13-3.el5s2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.13-3.el5s2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.13-3.el5s2.x86_64",
"product": {
"name": "httpd-0:2.2.13-3.el5s2.x86_64",
"product_id": "httpd-0:2.2.13-3.el5s2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.13-3.el5s2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.13-3.el5s2.x86_64",
"product": {
"name": "mod_ssl-1:2.2.13-3.el5s2.x86_64",
"product_id": "mod_ssl-1:2.2.13-3.el5s2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.13-3.el5s2?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.13-3.el5s2.x86_64",
"product": {
"name": "httpd-debuginfo-0:2.2.13-3.el5s2.x86_64",
"product_id": "httpd-debuginfo-0:2.2.13-3.el5s2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.13-3.el5s2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-devel-0:2.2.13-3.el5s2.i386",
"product": {
"name": "httpd-devel-0:2.2.13-3.el5s2.i386",
"product_id": "httpd-devel-0:2.2.13-3.el5s2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.13-3.el5s2?arch=i386"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.13-3.el5s2.i386",
"product": {
"name": "httpd-debuginfo-0:2.2.13-3.el5s2.i386",
"product_id": "httpd-debuginfo-0:2.2.13-3.el5s2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.13-3.el5s2?arch=i386"
}
}
},
{
"category": "product_version",
"name": "httpd-manual-0:2.2.13-3.el5s2.i386",
"product": {
"name": "httpd-manual-0:2.2.13-3.el5s2.i386",
"product_id": "httpd-manual-0:2.2.13-3.el5s2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.2.13-3.el5s2?arch=i386"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.13-3.el5s2.i386",
"product": {
"name": "httpd-0:2.2.13-3.el5s2.i386",
"product_id": "httpd-0:2.2.13-3.el5s2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.13-3.el5s2?arch=i386"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.13-3.el5s2.i386",
"product": {
"name": "mod_ssl-1:2.2.13-3.el5s2.i386",
"product_id": "mod_ssl-1:2.2.13-3.el5s2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.13-3.el5s2?arch=i386\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.2.13-3.el5s2.src",
"product": {
"name": "httpd-0:2.2.13-3.el5s2.src",
"product_id": "httpd-0:2.2.13-3.el5s2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.13-3.el5s2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.13-3.el5s2.i386 as a component of Red Hat Application Stack v2 for Enterprise Linux (v.5)",
"product_id": "5Server-Stacks:httpd-0:2.2.13-3.el5s2.i386"
},
"product_reference": "httpd-0:2.2.13-3.el5s2.i386",
"relates_to_product_reference": "5Server-Stacks"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.13-3.el5s2.src as a component of Red Hat Application Stack v2 for Enterprise Linux (v.5)",
"product_id": "5Server-Stacks:httpd-0:2.2.13-3.el5s2.src"
},
"product_reference": "httpd-0:2.2.13-3.el5s2.src",
"relates_to_product_reference": "5Server-Stacks"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.13-3.el5s2.x86_64 as a component of Red Hat Application Stack v2 for Enterprise Linux (v.5)",
"product_id": "5Server-Stacks:httpd-0:2.2.13-3.el5s2.x86_64"
},
"product_reference": "httpd-0:2.2.13-3.el5s2.x86_64",
"relates_to_product_reference": "5Server-Stacks"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.13-3.el5s2.i386 as a component of Red Hat Application Stack v2 for Enterprise Linux (v.5)",
"product_id": "5Server-Stacks:httpd-debuginfo-0:2.2.13-3.el5s2.i386"
},
"product_reference": "httpd-debuginfo-0:2.2.13-3.el5s2.i386",
"relates_to_product_reference": "5Server-Stacks"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.13-3.el5s2.x86_64 as a component of Red Hat Application Stack v2 for Enterprise Linux (v.5)",
"product_id": "5Server-Stacks:httpd-debuginfo-0:2.2.13-3.el5s2.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.2.13-3.el5s2.x86_64",
"relates_to_product_reference": "5Server-Stacks"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.13-3.el5s2.i386 as a component of Red Hat Application Stack v2 for Enterprise Linux (v.5)",
"product_id": "5Server-Stacks:httpd-devel-0:2.2.13-3.el5s2.i386"
},
"product_reference": "httpd-devel-0:2.2.13-3.el5s2.i386",
"relates_to_product_reference": "5Server-Stacks"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.13-3.el5s2.x86_64 as a component of Red Hat Application Stack v2 for Enterprise Linux (v.5)",
"product_id": "5Server-Stacks:httpd-devel-0:2.2.13-3.el5s2.x86_64"
},
"product_reference": "httpd-devel-0:2.2.13-3.el5s2.x86_64",
"relates_to_product_reference": "5Server-Stacks"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.13-3.el5s2.i386 as a component of Red Hat Application Stack v2 for Enterprise Linux (v.5)",
"product_id": "5Server-Stacks:httpd-manual-0:2.2.13-3.el5s2.i386"
},
"product_reference": "httpd-manual-0:2.2.13-3.el5s2.i386",
"relates_to_product_reference": "5Server-Stacks"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.13-3.el5s2.x86_64 as a component of Red Hat Application Stack v2 for Enterprise Linux (v.5)",
"product_id": "5Server-Stacks:httpd-manual-0:2.2.13-3.el5s2.x86_64"
},
"product_reference": "httpd-manual-0:2.2.13-3.el5s2.x86_64",
"relates_to_product_reference": "5Server-Stacks"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.13-3.el5s2.i386 as a component of Red Hat Application Stack v2 for Enterprise Linux (v.5)",
"product_id": "5Server-Stacks:mod_ssl-1:2.2.13-3.el5s2.i386"
},
"product_reference": "mod_ssl-1:2.2.13-3.el5s2.i386",
"relates_to_product_reference": "5Server-Stacks"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.13-3.el5s2.x86_64 as a component of Red Hat Application Stack v2 for Enterprise Linux (v.5)",
"product_id": "5Server-Stacks:mod_ssl-1:2.2.13-3.el5s2.x86_64"
},
"product_reference": "mod_ssl-1:2.2.13-3.el5s2.x86_64",
"relates_to_product_reference": "5Server-Stacks"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2011-3192",
"discovery_date": "2011-08-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "732928"
}
],
"notes": [
{
"category": "description",
"text": "The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: multiple ranges DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Before updated packages are deployed, users can deploy configuration changes to mitigate this flaw:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3192#c18",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Stacks:httpd-0:2.2.13-3.el5s2.i386",
"5Server-Stacks:httpd-0:2.2.13-3.el5s2.src",
"5Server-Stacks:httpd-0:2.2.13-3.el5s2.x86_64",
"5Server-Stacks:httpd-debuginfo-0:2.2.13-3.el5s2.i386",
"5Server-Stacks:httpd-debuginfo-0:2.2.13-3.el5s2.x86_64",
"5Server-Stacks:httpd-devel-0:2.2.13-3.el5s2.i386",
"5Server-Stacks:httpd-devel-0:2.2.13-3.el5s2.x86_64",
"5Server-Stacks:httpd-manual-0:2.2.13-3.el5s2.i386",
"5Server-Stacks:httpd-manual-0:2.2.13-3.el5s2.x86_64",
"5Server-Stacks:mod_ssl-1:2.2.13-3.el5s2.i386",
"5Server-Stacks:mod_ssl-1:2.2.13-3.el5s2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-3192"
},
{
"category": "external",
"summary": "RHBZ#732928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=732928"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-3192",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3192"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-3192",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-3192"
}
],
"release_date": "2011-08-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-10-13T19:33:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"5Server-Stacks:httpd-0:2.2.13-3.el5s2.i386",
"5Server-Stacks:httpd-0:2.2.13-3.el5s2.src",
"5Server-Stacks:httpd-0:2.2.13-3.el5s2.x86_64",
"5Server-Stacks:httpd-debuginfo-0:2.2.13-3.el5s2.i386",
"5Server-Stacks:httpd-debuginfo-0:2.2.13-3.el5s2.x86_64",
"5Server-Stacks:httpd-devel-0:2.2.13-3.el5s2.i386",
"5Server-Stacks:httpd-devel-0:2.2.13-3.el5s2.x86_64",
"5Server-Stacks:httpd-manual-0:2.2.13-3.el5s2.i386",
"5Server-Stacks:httpd-manual-0:2.2.13-3.el5s2.x86_64",
"5Server-Stacks:mod_ssl-1:2.2.13-3.el5s2.i386",
"5Server-Stacks:mod_ssl-1:2.2.13-3.el5s2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1369"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Server-Stacks:httpd-0:2.2.13-3.el5s2.i386",
"5Server-Stacks:httpd-0:2.2.13-3.el5s2.src",
"5Server-Stacks:httpd-0:2.2.13-3.el5s2.x86_64",
"5Server-Stacks:httpd-debuginfo-0:2.2.13-3.el5s2.i386",
"5Server-Stacks:httpd-debuginfo-0:2.2.13-3.el5s2.x86_64",
"5Server-Stacks:httpd-devel-0:2.2.13-3.el5s2.i386",
"5Server-Stacks:httpd-devel-0:2.2.13-3.el5s2.x86_64",
"5Server-Stacks:httpd-manual-0:2.2.13-3.el5s2.i386",
"5Server-Stacks:httpd-manual-0:2.2.13-3.el5s2.x86_64",
"5Server-Stacks:mod_ssl-1:2.2.13-3.el5s2.i386",
"5Server-Stacks:mod_ssl-1:2.2.13-3.el5s2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "httpd: multiple ranges DoS"
}
]
}
VAR-201108-0132
Vulnerability from variot - Updated: 2025-12-22 21:25The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086. Apache HTTPD server contains a denial-of-service vulnerability in the way multiple overlapping ranges are handled. Both the 'Range' header and the 'Range-Request' header are vulnerable. An attack tool, commonly known as 'Apache Killer', has been released in the wild. The attack tool causes a significant increase in CPU and memory usage on the server. Successful exploits will result in a denial-of-service condition. Multiple Cisco products may be affected by this vulnerability.
Mitigations that can be deployed on Cisco devices within the network are available in the Cisco Applied Intelligence companion document for this Advisory: http://tools.cisco.com/security/center/viewAMBAlert.x?alertId=24024
This advisory is posted at: http://www.cisco.com/warp/public/707/cisco-sa-20110830-apache.shtml
Affected Products
Cisco is currently evaluating products for possible exposure to this vulnerability. Products will only be listed in the Vulnerable Products or Products Confirmed Not Vulnerable sections of this security advisory when a final determination about exposure is made. Products that are not listed in either of these two sections are still being evaluated.
Vulnerable Products +------------------
This section will be updated when more information is available. The following products are confirmed to be affected by this vulnerability:
- Cisco MDS 9000 NX-OS Software releases prior to 4.2.x are affected. Cisco MDS 9000 NX-OS Software releases 4.2.x and later are not affected.
- Cisco NX-OS Software for Cisco Nexus 7000 Series Switches releases prior to 4.2.x are affected. Cisco NX-OS Software for Cisco Nexus 7000 Series Switches versions 4.2.x and later are not affected.
- Cisco TelePresence Video Communication Server (Cisco TelePresence VCS)
- Cisco Video Surveillance Manager (VSM)
- Cisco Video Surveillance Operations Manager (VSOM)
- Cisco Wireless Control System (WCS)
Products Confirmed Not Vulnerable +--------------------------------
The following products are confirmed not vulnerable:
- Cisco ASA 5500 Series Adaptive Security Appliances
- Cisco Catalyst 6500 Series ASA Services Module
- Cisco Catalyst 6500 Series Firewall Services Module
- Cisco Fabric Manager
- Cisco Identity Services Engine
- Cisco Intercompany Media Engine
- Cisco IOS Software
- Cisco IOS XE Software
- Cisco IOS XR Software
- Cisco IP Interoperability and Collaboration System (IPICS)
- Cisco Unified IP Phones
- Cisco MDS 9000 NX-OS Software releases 4.2.x or later (prior versions are affected)
- Cisco NX-OS Software for Nexus 7000 Series Switches releases 4.2.x or later (prior versions are affected)
- Cisco Prime Central
- Cisco Prime Optical
- Cisco Prime Performance Manager
- Cisco TelePresence Server
- Cisco Unified Communications Manager (formerly Cisco CallManager)
- Cisco Unity
- Cisco Unity Connection
- Cisco Wireless LAN Controllers (WLC)
This section will be updated when more information is available. Multiple Cisco products may be affected by this vulnerability.
The following Cisco bug IDs are being used to track potential exposure to this vulnerability. The following Cisco bug IDs do not confirm that a product is vulnerable; rather, the Cisco bug IDs indicate that the product is under investigation by the appropriate product teams.
+--------------------------------------------------------------------------------------------+ | Cisco Product | Cisco bug ID | |----------------------------------------------------------------+---------------------------| | Cisco ACE 4710 Appliance | CSCts35635 | |----------------------------------------------------------------+---------------------------| | Cisco ACE Application Control Engine Module | CSCts35610 | |----------------------------------------------------------------+---------------------------| | Cisco ACE GSS 4400 Series Global Site Selector (GSS) | CSCts33313 | |----------------------------------------------------------------+---------------------------| | Cisco ACE XML Gateway | CSCts33321 | |----------------------------------------------------------------+---------------------------| | Cisco Active Network Abstraction | CSCts33317 | |----------------------------------------------------------------+---------------------------| | Cisco ASA 5500 Series Adaptive Security Appliances | CSCts33180 | |----------------------------------------------------------------+---------------------------| | Cisco CNS Network Registrar | CSCts36064 | |----------------------------------------------------------------+---------------------------| | Cisco Conductor for Videoscape | CSCts32986 | |----------------------------------------------------------------+---------------------------| | Cisco Content Delivery Engine | CSCts36206 | |----------------------------------------------------------------+---------------------------| | Cisco Content Delivery System Internet Streamer | CSCts35643 | |----------------------------------------------------------------+---------------------------| | Cisco Detector XT DDoS Mitigation Appliance | CSCts33211 | |----------------------------------------------------------------+---------------------------| | Cisco Guard XT DDoS Mitigation Appliance | CSCts33210 | |----------------------------------------------------------------+---------------------------| | Cisco Healthpresence | CSCts36069 | |----------------------------------------------------------------+---------------------------| | Cisco Identity Services Engine | CSCts33092 | |----------------------------------------------------------------+---------------------------| | Cisco IP Interoperability and Collaboration System | CSCts33206 | |----------------------------------------------------------------+---------------------------| | Cisco IP Phones | CSCts33264 | |----------------------------------------------------------------+---------------------------| | Cisco IPS Software | CSCts33199 | |----------------------------------------------------------------+---------------------------| | Cisco MDS 9000 SAN Device Management | CSCts33220 | |----------------------------------------------------------------+---------------------------| | Cisco MDS 9000 Series Multilayer Switches | CSCts33294 | |----------------------------------------------------------------+---------------------------| | Cisco NAC Manager | CSCts32965 | |----------------------------------------------------------------+---------------------------| | Cisco NAC Profiler | CSCts33267 | |----------------------------------------------------------------+---------------------------| | Cisco NAC Server | CSCts32976 | |----------------------------------------------------------------+---------------------------| | Cisco Network Analysis Module | CSCts33320 | |----------------------------------------------------------------+---------------------------| | Cisco Networking Services (CNS) Software | CSCts33279 | |----------------------------------------------------------------+---------------------------| | Cisco Nexus 5000 Series Switches | CSCts35605 | |----------------------------------------------------------------+---------------------------| | Cisco Nexus 7000 Series Switches | CSCts35665 | |----------------------------------------------------------------+---------------------------| | Cisco OnPlus Network Management and Automation | CSCts33287 | |----------------------------------------------------------------+---------------------------| | Cisco Prime Central | CSCts33004 | |----------------------------------------------------------------+---------------------------| | Cisco Prime Network Control System | CSCts33114 | |----------------------------------------------------------------+---------------------------| | Cisco Prime Performance Manager | CSCts36072 | |----------------------------------------------------------------+---------------------------| | Cisco Quad Collaboration | CSCts36158 | |----------------------------------------------------------------+---------------------------| | Cisco Secure Access Control System | CSCts33196 | |----------------------------------------------------------------+---------------------------| | Cisco Security Manager | CSCts33056 | |----------------------------------------------------------------+---------------------------| | Cisco Service Exchange Framework | CSCts33218 | |----------------------------------------------------------------+---------------------------| | Cisco Signaling Gateway Manager | CSCts33248 | |----------------------------------------------------------------+---------------------------| | Cisco Small Business Network Storage Systems | CSCts33288 | |----------------------------------------------------------------+---------------------------| | Cisco SSC System Manager | CSCts36187 | |----------------------------------------------------------------+---------------------------| | Cisco TelePresence Manager | CSCts33310 | |----------------------------------------------------------------+---------------------------| | Cisco TelePresence Multipoint Switch | CSCts33224 | |----------------------------------------------------------------+---------------------------| | Cisco TelePresence Server | CSCts33230 | |----------------------------------------------------------------+---------------------------| | Cisco CTS 500-32 Telepresence System Series | CSCts35874 | |----------------------------------------------------------------+---------------------------| | All Cisco CTS TelePresence Systems except Cisco CTS 500-32 | CSCts33276 | | TelePresence System Series | | |----------------------------------------------------------------+---------------------------| | Cisco Telepresence System Integrator C Series | CSCts35860 | |----------------------------------------------------------------+---------------------------| | Cisco UCS B-Series Blade Servers | CSCts33291 | |----------------------------------------------------------------+---------------------------| | Cisco Unified Communications Manager | CSCts32992 | |----------------------------------------------------------------+---------------------------| | Cisco Unified Communications System Voice and Unified | CSCts33271 | | Communications (VOSS) | | |----------------------------------------------------------------+---------------------------| | Cisco Unified MeetingPlace | CSCts33169 | |----------------------------------------------------------------+---------------------------| | Cisco Unified Operations Manager | CSCts33273 | |----------------------------------------------------------------+---------------------------| | Cisco Unified Presence Server | CSCts33257 | |----------------------------------------------------------------+---------------------------| | Cisco Unified Service Monitor | CSCts35893 | |----------------------------------------------------------------+---------------------------| | Cisco Unified Service Statistics Manager | CSCts36074 | |----------------------------------------------------------------+---------------------------| | Cisco Unity | CSCts33302 | |----------------------------------------------------------------+---------------------------| | Cisco Unity Connection | CSCts33260 | |----------------------------------------------------------------+---------------------------| | Cisco Video Surveillance Manager | CSCts33173 | |----------------------------------------------------------------+---------------------------| | Cisco Video Surveillance Operations Manager | CSCts33178 | |----------------------------------------------------------------+---------------------------| | Cisco Virtual Network Management | CSCts36207 | |----------------------------------------------------------------+---------------------------| | Cisco Voice Manager (CVM) | CSCts36152 | |----------------------------------------------------------------+---------------------------| | Cisco Wide Area Application Services (WAAS) Software | CSCts33254 | |----------------------------------------------------------------+---------------------------| | Cisco Wireless Control System (WCS) | CSCts33325 | |----------------------------------------------------------------+---------------------------| | Cisco Wireless Control System Navigator | CSCts33052 | |----------------------------------------------------------------+---------------------------| | Cisco Wireless LAN Controllers (WLC) | CSCts33327 | |----------------------------------------------------------------+---------------------------| | CiscoWorks Common Services | CSCts33049 | |----------------------------------------------------------------+---------------------------| | CiscoWorks LAN Management Solution (LMS) | CSCts35837 | |----------------------------------------------------------------+---------------------------| | Cisco Digital Media Suite Products | CSCts33189 | |----------------------------------------------------------------+---------------------------| | Management Center for Cisco Security Agents | CSCts33208 | |----------------------------------------------------------------+---------------------------| | Service Exchange Framework | CSCts36185 | |----------------------------------------------------------------+---------------------------| | Cisco Shared Network Management and Automation | CSCts33476 | +--------------------------------------------------------------------------------------------+
This vulnerability has been assigned the Common Vulnerabilities and Exposures (CVE) identifier CVE-2011-3192.
Vulnerability Scoring Details +----------------------------
Cisco has provided scores for the vulnerability in this advisory based on the Common Vulnerability Scoring System (CVSS). The CVSS scoring in this Security Advisory is done in accordance with CVSS version 2.0.
CVSS is a standards-based scoring method that conveys vulnerability severity and helps determine urgency and priority of response.
Cisco has provided a base and temporal score. Customers can then compute environmental scores to assist in determining the impact of the vulnerability in individual networks.
Cisco has provided an FAQ to answer additional questions regarding CVSS at
http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html
Cisco has also provided a CVSS calculator to help compute the environmental impact for individual networks at:
http://intellishield.cisco.com/security/alertmanager/cvss
- Apache HTTPd Range Header Denial of Service Vulnerability
CVSS Base Score - 7.8 Access Vector - Network Access Complexity - Low Authentication - None Confidentiality Impact - None Integrity Impact - None Availability Impact - Complete
CVSS Temporal Score - 7.8 Exploitability - High Remediation Level - Unavailable Report Confidence - Confirmed
Impact
Successful exploitation of this vulnerability could cause significant memory and CPU utilization on affected products.
Software Versions and Fixes
When considering software upgrades, also consult http://www.cisco.com/go/psirt and any subsequent advisories to determine exposure and a complete upgrade solution.
In all cases, customers should exercise caution to be certain the devices to be upgraded contain sufficient memory and that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, contact the Cisco Technical Assistance Center (TAC) or your contracted maintenance provider for assistance.
Cisco NX-OS Software +------------------- Cisco MDS 9000 NX-OS Software releases prior to 4.2.x are affected. Cisco MDS 9000 NX-OS Software releases 4.2.x and later are not affected.
Cisco NX-OS Software for Cisco Nexus 7000 Series Switches releases prior to 4.2.x are affected. Cisco NX-OS Software for Cisco Nexus 7000 Series Switches releases 4.2.x and later are not affected.
Cisco Video Surveillance Manager (VSM) +------------------------------------- No fixed software is available.
Cisco Video Surveillance Operations Manager (VSOM) +------------------------------------------------- No fixed software is available.
This section will be updated when more information is available.
Workarounds
Mitigations that can be deployed on Cisco devices within the network are available in the Cisco Applied Intelligence companion document for this Advisory: http://tools.cisco.com/security/center/viewAMBAlert.x?alertId=24024
Obtaining Fixed Software
Cisco has released free software updates that address this vulnerability. Prior to deploying software, customers should consult their maintenance provider or check the software for feature set compatibility and known issues specific to their environment.
Customers may only install and expect support for the feature sets they have purchased. By installing, downloading, accessing or otherwise using such software upgrades, customers agree to be bound by the terms of Cisco's software license terms found at http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html or as otherwise set forth at Cisco.com Downloads at: http://www.cisco.com/public/sw-center/sw-usingswc.shtml
Do not contact psirt@cisco.com or security-alert@cisco.com for software upgrades.
Customers with Service Contracts
Customers with contracts should obtain upgraded software through their regular update channels. For most customers, this means that upgrades should be obtained through the Software Center on Cisco's worldwide website at http://www.cisco.com
Customers using Third Party Support Organizations
Customers whose Cisco products are provided or maintained through prior or existing agreements with third-party support organizations, such as Cisco Partners, authorized resellers, or service providers should contact that support organization for guidance and assistance with the appropriate course of action in regards to this advisory.
The effectiveness of any workaround or fix is dependent on specific customer situations, such as product mix, network topology, traffic behavior, and organizational mission. Due to the variety of affected products and releases, customers should consult with their service provider or support organization to ensure any applied workaround or fix is the most appropriate for use in the intended network before it is deployed.
Customers without Service Contracts
Customers who purchase direct from Cisco but do not hold a Cisco service contract, and customers who purchase through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should acquire upgrades by contacting the Cisco Technical Assistance Center (TAC). TAC contacts are as follows.
- +1 800 553 2447 (toll free from within North America)
- +1 408 526 7209 (toll call from anywhere in the world)
- e-mail: tac@cisco.com
Customers should have their product serial number available and be prepared to give the URL of this notice as evidence of entitlement to a free upgrade. Free upgrades for non-contract customers must be requested through the TAC.
Refer to http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html for additional TAC contact information, including localized telephone numbers, and instructions and e-mail addresses for use in various languages.
Exploitation and Public Announcements
This vulnerability was initially reported to the Full Disclosure mailing list at the following link: http://seclists.org/fulldisclosure/2011/Aug/175
Apache has confirmed that it is aware of exploitation of this vulnerability. Cisco is not aware of malicious exploitation of this vulnerability related specifically to Cisco products.
Proof-of-concept code is available for this vulnerability.
Status of this Notice: INTERIM
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. CISCO EXPECTS TO UPDATE THIS DOCUMENT AS NEW INFORMATION BECOMES AVAILABLE.
A stand-alone copy or Paraphrase of the text of this document that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors.
Distribution
This advisory is posted on Cisco's worldwide website at:
http://www.cisco.com/warp/public/707/cisco-sa-20110830-apache.shtml
In addition to worldwide web posting, a text version of this notice is clear-signed with the Cisco PSIRT PGP key and is posted to the following e-mail and Usenet news recipients.
- cust-security-announce@cisco.com
- first-bulletins@lists.first.org
- bugtraq@securityfocus.com
- vulnwatch@vulnwatch.org
- cisco@spot.colorado.edu
- cisco-nsp@puck.nether.net
- full-disclosure@lists.grok.org.uk
- comp.dcom.sys.cisco@newsgate.cisco.com
Future updates of this advisory, if any, will be placed on Cisco's worldwide website, but may or may not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check the above URL for any updates.
Revision History
+---------------------------------------+ | Revision | | Initial | | 1.0 | 2011-August-30 | public | | | | release. | +---------------------------------------+
Cisco Security Procedures
Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at: http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html This includes instructions for press inquiries regarding Cisco security notices. All Cisco security advisories are available at: http://www.cisco.com/go/psirt
+-------------------------------------------------------------------- Copyright 2010-2011 Cisco Systems, Inc. All rights reserved. +-------------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (SunOS)
iFcDBQFOXE95QXnnBKKRMNARCNOOAPwNqw0GmcvgFiKgHiHKH/T2rH/tiaXmqEU5 zwHUOqyYegD8CZvVuM9OPIOb3f3AeMz5HxYDbPMxkg+SEURf05JtyBw= =lasc -----END PGP SIGNATURE----- . For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Here are the details from the Slackware 13.37 ChangeLog: +--------------------------+ patches/packages/httpd-2.2.21-i486-1_slack13.37.txz: Upgraded. Respond with HTTP_NOT_IMPLEMENTED when the method is not recognized. [Jean-Frederic Clere] SECURITY: CVE-2011-3348 Fix a regression introduced by the CVE-2011-3192 byterange fix in 2.2.20. PR 51748. [] For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3348 ( Security fix ) +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated package for Slackware 12.0: ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/httpd-2.2.21-i486-1_slack12.0.tgz
Updated package for Slackware 12.1: ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/httpd-2.2.21-i486-1_slack12.1.tgz
Updated package for Slackware 12.2: ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/httpd-2.2.21-i486-1_slack12.2.tgz
Updated package for Slackware 13.0: ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/httpd-2.2.21-i486-1_slack13.0.txz
Updated package for Slackware x86_64 13.0: ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/httpd-2.2.21-x86_64-1_slack13.0.txz
Updated package for Slackware 13.1: ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/httpd-2.2.21-i486-1_slack13.1.txz
Updated package for Slackware x86_64 13.1: ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/httpd-2.2.21-x86_64-1_slack13.1.txz
Updated package for Slackware 13.37: ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/httpd-2.2.21-i486-1_slack13.37.txz
Updated package for Slackware x86_64 13.37: ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/httpd-2.2.21-x86_64-1_slack13.37.txz
Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/httpd-2.2.21-i486-1.txz
Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/httpd-2.2.21-x86_64-1.txz
MD5 signatures: +-------------+
Slackware 12.0 package: e6ed3d69eeb235a35799ad4fb43b02bb httpd-2.2.21-i486-1_slack12.0.tgz
Slackware 12.1 package: 531a640d39b1ec2f4216a8fa4cea9c52 httpd-2.2.21-i486-1_slack12.1.tgz
Slackware 12.2 package: f93ceab045175be85509f0b9f7be0993 httpd-2.2.21-i486-1_slack12.2.tgz
Slackware 13.0 package: 569145d8fb1f800f04f4d6333f16f704 httpd-2.2.21-i486-1_slack13.0.txz
Slackware x86_64 13.0 package: 03f6c419d49e3c4a351956ad27d72fd6 httpd-2.2.21-x86_64-1_slack13.0.txz
Slackware 13.1 package: 1a218016a62fbaf8a110e6afcc6789b2 httpd-2.2.21-i486-1_slack13.1.txz
Slackware x86_64 13.1 package: 82eed1a8af9ab4545a18158f4a4641c1 httpd-2.2.21-x86_64-1_slack13.1.txz
Slackware 13.37 package: d7c15df0fcc28648220ad329b0685f65 httpd-2.2.21-i486-1_slack13.37.txz
Slackware x86_64 13.37 package: a192a12b1b63489733a7b8fc62435d3d httpd-2.2.21-x86_64-1_slack13.37.txz
Slackware -current package: a16f461ad9843823811c40de6f38b63e n/httpd-2.2.21-i486-1.txz
Slackware x86_64 -current package: 0b4c491e383ea496020db90aa67b970c n/httpd-2.2.21-x86_64-1.txz
Installation instructions: +------------------------+
Upgrade the package as root:
upgradepkg httpd-2.2.21-i486-1_slack13.37.txz
Then, restart the httpd daemon.
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address.
Release Date: 2011-09-08 Last Updated: 2011-09-23
Potential Security Impact: Remote Denial of Service (DoS)
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP-UX Apache Web Server. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS).
References: CVE-2011-3192, CVE-2011-0419
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.23, B.11.31 running HP-UX Apache Web Server Suite v3.17 containing Apache v2.2.15.07 or earlier HP-UX B.11.11 running HP-UX Apache Web Server Suite v2.33 containing Apache v2.0.64.01 or earlier
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2011-3192 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2011-0419 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
This bulletin will be revised when additional information becomes available.
HP has provided the following software updates to resolve these vulnerabilities.
HP-UX Web Server Suite (WSS) v3.18 containing Apache v2.2.15.08
The WSS v3.18 update is available for download from the following location https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=HPUXWSATW318
HP-UX 11i Releases / Apache Depot name
B.11.23 & B.11.31 (32-bit) / HPUXWS22ATW-B318-32.depot
B.11.23 & B.11.31 (64-bit) / HPUXWS22ATW-B318-64.depot
HP-UX Web Server Suite (WSS) v2.33 containing Apache v2.0.64.01 and earlier
The WSS v2.33 preliminary update is available for download from the following location ftp://srt10606:P2xg=AD5@ftp.usa.hp.com or https://ftp.usa.hp.com/hprc/home with username srt10606 and password P2xg=AD5
NOTE: CVE-2011-0419 is not resolved in the WSS v2.33 depot below.
HP-UX 11i Release / Apache Depot name
B.11.11 / Apache-2.0-CVE-2011-3192-Fix-11.11.depot
B.11.23 (32 & 64-bit) / No longer supported. Upgrade to WSS v 3.18
B.11.31 (32 & 64-bit) / No longer supported. Upgrade to WSS v 3.18
Alternatives to Installing the WSS v2.33 Preliminary Patch The Apache Software Foundation has documented a work around. For customers not wanting to install the WSS v2.33 preliminary patch, the following are recommended.
1) Use SetEnvIf or mod_rewrite to detect a large number of ranges and then either ignore the Range: header or reject the request.
2) Limit the size of the request field to a few hundred bytes.
3) Use mod_headers to completely disallow the use of Range headers.
Please refer to the Apache advisory for details. http://mail-archives.apache.org/mod_mbox/httpd-announce/201108.mbox/%3c20110826103531.998348F82@minotaur.apache.org%3e
MANUAL ACTIONS: Yes - Update For B.11.23 and B.11.31 install HP-UX Web Server Suite v3.18 or subsequent. For B.11.11 install HP-UX Web Server Suite v2.33 or subsequent.
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically.
AFFECTED VERSIONS
HP-UX Web Server Suite v3.18 HP-UX B.11.23 HP-UX B.11.31 ================== hpuxws22APCH32.APACHE hpuxws22APCH32.APACHE2 hpuxws22APCH32.AUTH_LDAP hpuxws22APCH32.AUTH_LDAP2 hpuxws22APCH32.MOD_JK hpuxws22APCH32.MOD_JK2 hpuxws22APCH32.MOD_PERL hpuxws22APCH32.MOD_PERL2 hpuxws22APCH32.PHP hpuxws22APCH32.PHP2 hpuxws22APCH32.WEBPROXY hpuxws22APCH32.WEBPROXY2 hpuxws22APACHE.APACHE hpuxws22APACHE.APACHE2 hpuxws22APACHE.AUTH_LDAP hpuxws22APACHE.AUTH_LDAP2 hpuxws22APACHE.MOD_JK hpuxws22APACHE.MOD_JK2 hpuxws22APACHE.MOD_PERL hpuxws22APACHE.MOD_PERL2 hpuxws22APACHE.PHP hpuxws22APACHE.PHP2 hpuxws22APACHE.WEBPROXY hpuxws22APACHE.WEBPROXY2 action: install revision B.2.2.15.08 or subsequent
HP-UX Web Server Suite v2.33 HP-UX B.11.11 ================== hpuxwsAPACHE.APACHE hpuxwsAPACHE.APACHE2 hpuxwsAPACHE.AUTH_LDAP hpuxwsAPACHE.AUTH_LDAP2 hpuxwsAPACHE.MOD_JK hpuxwsAPACHE.MOD_JK2 hpuxwsAPACHE.MOD_PERL hpuxwsAPACHE.MOD_PERL2 hpuxwsAPACHE.PHP hpuxwsAPACHE.PHP2 hpuxwsAPACHE.WEBPROXY action: install revision B.2.0.64.01 or subsequent
END AFFECTED VERSIONS
HISTORY Version:1 (rev.1) - 8 September 2011 Initial release Version:2 (rev.2) - 8 September 2011 Updated affectivity, recommendations, typos Version:3 (rev.3) - 22 September 2011 New source for depots Version:4 (rev.4) - 23 September 2011 Apache WSS 2.33 depot for B.11.11 available
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c02964430
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2011 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. * Oracle Application Server 10g versions 10.1.2.3.0 and 10.1.3.5.0. Summary:
Updated httpd and httpd22 packages that fix one security issue are now available for JBoss Enterprise Web Server 1.0.2 for Red Hat Enterprise Linux 4, 5, and 6.
The Red Hat Security Response Team has rated this update as having important security impact.
- (CVE-2011-3192)
All users of JBoss Enterprise Web Server 1.0.2 should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the updated packages, Red Hat Enterprise Linux 4 users must restart the httpd22 service, and Red Hat Enterprise Linux 5 and 6 users must restart the httpd service, for the update to take effect.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259
- Bugs fixed (http://bugzilla.redhat.com/):
732928 - CVE-2011-3192 httpd: multiple ranges DoS
- Package List:
JBoss Enterprise Web Server 1.0 for RHEL 4 AS:
Source: httpd22-2.2.17-16.ep5.el4.src.rpm
i386: httpd22-2.2.17-16.ep5.el4.i386.rpm httpd22-apr-2.2.17-16.ep5.el4.i386.rpm httpd22-apr-devel-2.2.17-16.ep5.el4.i386.rpm httpd22-apr-util-2.2.17-16.ep5.el4.i386.rpm httpd22-apr-util-devel-2.2.17-16.ep5.el4.i386.rpm httpd22-debuginfo-2.2.17-16.ep5.el4.i386.rpm httpd22-devel-2.2.17-16.ep5.el4.i386.rpm httpd22-manual-2.2.17-16.ep5.el4.i386.rpm mod_ssl22-2.2.17-16.ep5.el4.i386.rpm
x86_64: httpd22-2.2.17-16.ep5.el4.x86_64.rpm httpd22-apr-2.2.17-16.ep5.el4.x86_64.rpm httpd22-apr-devel-2.2.17-16.ep5.el4.x86_64.rpm httpd22-apr-util-2.2.17-16.ep5.el4.x86_64.rpm httpd22-apr-util-devel-2.2.17-16.ep5.el4.x86_64.rpm httpd22-debuginfo-2.2.17-16.ep5.el4.x86_64.rpm httpd22-devel-2.2.17-16.ep5.el4.x86_64.rpm httpd22-manual-2.2.17-16.ep5.el4.x86_64.rpm mod_ssl22-2.2.17-16.ep5.el4.x86_64.rpm
JBoss Enterprise Web Server 1.0 for RHEL 4 ES:
Source: httpd22-2.2.17-16.ep5.el4.src.rpm
i386: httpd22-2.2.17-16.ep5.el4.i386.rpm httpd22-apr-2.2.17-16.ep5.el4.i386.rpm httpd22-apr-devel-2.2.17-16.ep5.el4.i386.rpm httpd22-apr-util-2.2.17-16.ep5.el4.i386.rpm httpd22-apr-util-devel-2.2.17-16.ep5.el4.i386.rpm httpd22-debuginfo-2.2.17-16.ep5.el4.i386.rpm httpd22-devel-2.2.17-16.ep5.el4.i386.rpm httpd22-manual-2.2.17-16.ep5.el4.i386.rpm mod_ssl22-2.2.17-16.ep5.el4.i386.rpm
x86_64: httpd22-2.2.17-16.ep5.el4.x86_64.rpm httpd22-apr-2.2.17-16.ep5.el4.x86_64.rpm httpd22-apr-devel-2.2.17-16.ep5.el4.x86_64.rpm httpd22-apr-util-2.2.17-16.ep5.el4.x86_64.rpm httpd22-apr-util-devel-2.2.17-16.ep5.el4.x86_64.rpm httpd22-debuginfo-2.2.17-16.ep5.el4.x86_64.rpm httpd22-devel-2.2.17-16.ep5.el4.x86_64.rpm httpd22-manual-2.2.17-16.ep5.el4.x86_64.rpm mod_ssl22-2.2.17-16.ep5.el4.x86_64.rpm
JBoss Enterprise Web Server 1.0 for RHEL 5 Server:
Source: httpd-2.2.17-14.1.ep5.el5.src.rpm
i386: httpd-2.2.17-14.1.ep5.el5.i386.rpm httpd-debuginfo-2.2.17-14.1.ep5.el5.i386.rpm httpd-devel-2.2.17-14.1.ep5.el5.i386.rpm httpd-manual-2.2.17-14.1.ep5.el5.i386.rpm mod_ssl-2.2.17-14.1.ep5.el5.i386.rpm
x86_64: httpd-2.2.17-14.1.ep5.el5.x86_64.rpm httpd-debuginfo-2.2.17-14.1.ep5.el5.x86_64.rpm httpd-devel-2.2.17-14.1.ep5.el5.x86_64.rpm httpd-manual-2.2.17-14.1.ep5.el5.x86_64.rpm mod_ssl-2.2.17-14.1.ep5.el5.x86_64.rpm
JBoss Enterprise Web Server 1.0 for RHEL 6 Server:
Source: httpd-2.2.17-13.2.ep5.el6.src.rpm
i386: httpd-2.2.17-13.2.ep5.el6.i386.rpm httpd-debuginfo-2.2.17-13.2.ep5.el6.i386.rpm httpd-devel-2.2.17-13.2.ep5.el6.i386.rpm httpd-manual-2.2.17-13.2.ep5.el6.i386.rpm httpd-tools-2.2.17-13.2.ep5.el6.i386.rpm mod_ssl-2.2.17-13.2.ep5.el6.i386.rpm
x86_64: httpd-2.2.17-13.2.ep5.el6.x86_64.rpm httpd-debuginfo-2.2.17-13.2.ep5.el6.x86_64.rpm httpd-devel-2.2.17-13.2.ep5.el6.x86_64.rpm httpd-manual-2.2.17-13.2.ep5.el6.x86_64.rpm httpd-tools-2.2.17-13.2.ep5.el6.x86_64.rpm mod_ssl-2.2.17-13.2.ep5.el6.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2011-3192.html https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2011 Red Hat, Inc. ----------------------------------------------------------------------
Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool.
Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/
TITLE: Hitachi Products ByteRange Filter Denial of Service Vulnerability
SECUNIA ADVISORY ID: SA46229
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46229/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46229
RELEASE DATE: 2011-10-30
DISCUSS ADVISORY: http://secunia.com/advisories/46229/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/46229/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46229
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Hitachi has acknowledged a vulnerability in multiple Hitachi products, which can be exploited by malicious people to cause a DoS (Denial of Service).
ORIGINAL ADVISORY: Hitachi (Japanese): http://www.hitachi.co.jp/Prod/comp/soft1/security/info/./vuls/HS11-020/index.html http://www.hitachi.co.jp/Prod/comp/soft1/security/info/./vuls/HS11-021/index.html http://www.hitachi.co.jp/Prod/comp/soft1/security/info/./vuls/HS11-022/index.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. HP OpenView Network Node Manager (OV NNM) v7.53 running on HP-UX, Linux, and Solaris.
Apache-2.2.21.tar.gz is available using ftp.
Host Account Password
ftp.usa.hp.com sb02704 Secure12
After downloading Apache-2.2.21.tar.gz optionally verify the SHA1 check sum: SHA1(Apache-2.2.21.tar)= 642721cac9a7c4d1e8e6033a5198071bbdd54840 SHA1(Apache-2.2.21.tar.gz)= 87d0c04be6dd06b52f1b9c7c645ce39fad117a08
The Apache-2.2.21.tar archive contains a README.txt file with installation instructions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201108-0132",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "web server",
"scope": "eq",
"trust": 2.4,
"vendor": "hitachi",
"version": "03-00-01"
},
{
"model": "web server",
"scope": "eq",
"trust": 2.1,
"vendor": "hitachi",
"version": "03-00"
},
{
"model": "web server",
"scope": "eq",
"trust": 1.5,
"vendor": "hitachi",
"version": "03-00-02"
},
{
"model": "web server",
"scope": "eq",
"trust": 1.5,
"vendor": "hitachi",
"version": "03-10"
},
{
"model": "linux enterprise software development kit",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "10"
},
{
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.0"
},
{
"model": "http server",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.65"
},
{
"model": "http server",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.20"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "11.04"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "10.04"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "8.04"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "11.3"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.35"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "10.10"
},
{
"model": "linux enterprise software development kit",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "11.4"
},
{
"model": "web server linux",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "04-00"
},
{
"model": "web server",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "03-00-05"
},
{
"model": "web server",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "03-10-01"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apache http server",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva s a",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "oracle",
"version": null
},
{
"model": "jp1/cm2/snmp system observer",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "09-00"
},
{
"model": "device manager software )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.1-00"
},
{
"model": "device manager software",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.1.1-03"
},
{
"model": "device manager software )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.2-00"
},
{
"model": "tiered storage manager software )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.1-00"
},
{
"model": "tiered storage manager software",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.1.1-00"
},
{
"model": "device manager software )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.2-01"
},
{
"model": "device manager software",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.2-01"
},
{
"model": "device manager software )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.1.1-00"
},
{
"model": "device manager software",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.2-00"
},
{
"model": "tiered storage manager software )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.1.1-00"
},
{
"model": "tiered storage manager software",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.1-00"
},
{
"model": "tiered storage manager software",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.2-00"
},
{
"model": "jp1/hicommand device manager",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "5.9-08"
},
{
"model": "jp1/hicommand device manager",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "5.9-00"
},
{
"model": "device manager software",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.1-03"
},
{
"model": "tiered storage manager software )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.1-01"
},
{
"model": "device manager software",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.1-00"
},
{
"model": "device manager software",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.1-02"
},
{
"model": "device manager software )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.1.1-04"
},
{
"model": "web server linux",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "03-00"
},
{
"model": "tiered storage manager software )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.1.1-01"
},
{
"model": "device manager software",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.1.1-00"
},
{
"model": "device manager software",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.0-06"
},
{
"model": "replication manager software )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.1-01"
},
{
"model": "device manager software )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.2-02"
},
{
"model": "device manager software",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.2-02"
},
{
"model": "device manager software",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.0-00"
},
{
"model": "tiered storage manager software )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.2-00"
},
{
"model": "replication manager software )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.1-00"
},
{
"model": "tiered storage manager software )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.2-01"
},
{
"model": "tiered storage manager software",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.2-01"
},
{
"model": "device manager software )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.1-02"
},
{
"model": "device manager software",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.1.1-04"
},
{
"model": "tiered storage manager software",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.1-01"
},
{
"model": "tuning manager software )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.0"
},
{
"model": "tiered storage manager software",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.1.1-01"
},
{
"model": "replication manager software )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.2-00"
},
{
"model": "web server hp-ux",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "03-00"
},
{
"model": "web server",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "04-10-02"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.3.1"
},
{
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2"
},
{
"model": "management center for cisco security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jp1/hicommand devicemanager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-50"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "jp1/hicommand devicemanager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-04"
},
{
"model": "device manager software (solaris(sp",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-07"
},
{
"model": "global link manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.6-00"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.58"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.54"
},
{
"model": "interstage apworks modelers-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "ciscoworks common services base",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.42"
},
{
"model": "replication manager software (solaris(sp",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.0.0-00"
},
{
"model": "tuning manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.401"
},
{
"model": "jp1/hicommand tiered storage manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-50"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0.1"
},
{
"model": "linux enterprise sdk sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "hat jboss enterprise web server for rhel as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "41.0"
},
{
"model": "jp1/performance management web console",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-09-00"
},
{
"model": "ciscoworks common services base",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.1"
},
{
"model": "hat jboss enterprise web server for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "61.0.2"
},
{
"model": "global link manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.2-00"
},
{
"model": "jp1/hicommand replication monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-50-03"
},
{
"model": "jp1/hicommand tuning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-50"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "device manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0.1-02"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "hat jboss enterprise web server for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "61.0"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.41"
},
{
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "device manager software (linux(rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0.0-00"
},
{
"model": "web server hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-00"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.9"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.57"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.3.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.11"
},
{
"model": "web server aix",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-00"
},
{
"model": "device manager software (solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.0-06(x64))"
},
{
"model": "voice portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "replication manager software (linux(rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0.1-01"
},
{
"model": "voice portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.49"
},
{
"model": "jp1/hicommand devicemanager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-06"
},
{
"model": "web server 04-10",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-00-2"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "software foundation apache 2.0.61-dev",
"scope": null,
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"model": "web server windows",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-10"
},
{
"model": "web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "jp1/it resource management-manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-50"
},
{
"model": "web server hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-10-02"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.50"
},
{
"model": "web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-10-01"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.0-68"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1.7"
},
{
"model": "interstage service integrator standard edition 9.0.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "hat enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.10"
},
{
"model": "software foundation apache -beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.34"
},
{
"model": "point software secureplatform r60 hfa 05",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "solaris express",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "11"
},
{
"model": "systemwalker service quality coordinator enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "13.5"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.2-77"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.4"
},
{
"model": "groupware server",
"scope": "ne",
"trust": 0.3,
"vendor": "kolab",
"version": "2.3.4"
},
{
"model": "web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-10-03"
},
{
"model": "jp1/hicommand provisioning manager (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-90"
},
{
"model": "interstage application development cycle manager standard editio 10.0.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "wireless control system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.8"
},
{
"model": "ciscoworks lan management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6"
},
{
"model": "provisioning manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-08"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.1"
},
{
"model": "job management partner 1/performance management web console",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-0"
},
{
"model": "software foundation apache -dev",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.56"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.5"
},
{
"model": "jp1/hicommand provisioning manager )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-90"
},
{
"model": "device manager software (linux(sles",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0.0-00"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.1"
},
{
"model": "web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-00-03"
},
{
"model": "web server solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-00-01"
},
{
"model": "device manager software )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.0-06"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.2.77"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"model": "provisioning manager software (solaris(sp",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.0.0-00"
},
{
"model": "systemwalker availability view enterprise edition 13.3.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.17"
},
{
"model": "web server windows",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-10-03"
},
{
"model": "jp1/hicommand devicemanager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-10-04"
},
{
"model": "interstage application development cycle manager standard editio",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "10.0"
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "point software secureplatform r65 hfa02",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "software foundation apache -beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.28"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.15"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2.27"
},
{
"model": "device manager software (solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.1.1-04(x64))"
},
{
"model": "linux enterprise server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "web server windows",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-10-01(x64)"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.3.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.1"
},
{
"model": "interstage apworks modelers-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.3"
},
{
"model": "network collector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "ciscoworks common services base",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "web server windows",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-10"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.96"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.55"
},
{
"model": "software foundation apache 2.2.6-dev",
"scope": null,
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"model": "web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-10-04"
},
{
"model": "interstage service integrator enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "global link manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.5-00"
},
{
"model": "systemwalker availability view standard edition 13.3.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.17"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "tiered storage manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.0.0-00"
},
{
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"model": "tuning manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.2-01"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "interstage list manager enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "tiered storage manager software (solaris(sp",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.0.0-00"
},
{
"model": "software foundation apache 2.2.15-dev",
"scope": null,
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"model": "jp1/hicommand device manager (solaris (s",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5.9.0-08"
},
{
"model": "ciscoworks lan management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "jp1/hicommand replication monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-50-01"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.2"
},
{
"model": "device manager software (linux(rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-07"
},
{
"model": "interstage application development cycle manager enterprise edit",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "10.1"
},
{
"model": "web server (hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-0011.0)"
},
{
"model": "web server 2).(sola",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-00-01(*"
},
{
"model": "interstage application development cycle manager enterprise edit",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "10.2"
},
{
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "point software secureplatform ng fp1",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "linux enterprise sdk sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1.5"
},
{
"model": "jp1/hicommand devicemanager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-10-05"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.45"
},
{
"model": "it operations analyzer",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "02-53-01"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "global link manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "point software endpoint security",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "0"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "tiered storage manager software (linux(rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-08"
},
{
"model": "tuning manager software )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.001"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.3.4"
},
{
"model": "hat jboss enterprise web server for rhel server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "51.0.2"
},
{
"model": "device manager software (solaris(sp",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-08"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.12"
},
{
"model": "hat enterprise linux desktop optional",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "jp1/hicommand tiered storage manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-30"
},
{
"model": "jp1/hicommand device manager (solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5.9-00(x64))"
},
{
"model": "tuning manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.1.0-00"
},
{
"model": "point software secureplatform r65.70",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "jp1/hicommand provisioning manager )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-10"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"model": "device manager software (linux(sles",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-07"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.13"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.68"
},
{
"model": "wireless control system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0.164"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1.0.102"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0"
},
{
"model": "device manager software )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.1.1-03"
},
{
"model": "systemwalker availability view standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "13.3"
},
{
"model": "video surveillance operations manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.3"
},
{
"model": "jp1/hicommand devicemanager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-08"
},
{
"model": "jp1/hicommand replication monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-50-02"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.31"
},
{
"model": "ciscoworks lan management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "wireless control system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "jp1/performance management web console",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-09-00-08"
},
{
"model": "software foundation apache beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.28"
},
{
"model": "network collector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-00-04"
},
{
"model": "replication manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.0.0-00"
},
{
"model": "replication manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.1-00"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3.1"
},
{
"model": "voice portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.28"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "device manager software (solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.1.1-03(x64))"
},
{
"model": "point software secureplatform ng fp2",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.35"
},
{
"model": "device manager software )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.0-00"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "5665"
},
{
"model": "software foundation apache a9",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.42"
},
{
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.2"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "jp1/hicommand tiered storage manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-90"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1.0-103"
},
{
"model": "web server hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-00-05"
},
{
"model": "os/400 v6r1m0",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.1.4"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0.95"
},
{
"model": "device manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "voice portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.8"
},
{
"model": "software foundation apache 2.2.5-dev",
"scope": null,
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"model": "jp1/performance management web console",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-09-10"
},
{
"model": "onboard administrator",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.32"
},
{
"model": "jp1/performance management web console",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-09-00-07"
},
{
"model": "tiered storage manager software (linux(sles",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.1.0-00"
},
{
"model": "it operations analyzer",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "02-53"
},
{
"model": "jp1/hicommand tuning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-90"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.15"
},
{
"model": "it operations director",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "02-50-06"
},
{
"model": "point software security gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "0"
},
{
"model": "replication manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.2-00"
},
{
"model": "san-os",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2011"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0-95"
},
{
"model": "onboard administrator",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.31"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.41"
},
{
"model": "provisioning manager software (linux(rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.0.0-00"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.59"
},
{
"model": "hat jboss enterprise web server for rhel es",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "41.0.2"
},
{
"model": "groupware server -rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.2"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.2"
},
{
"model": "meeting exchange sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "interstage software quality analyzer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "10.0"
},
{
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "jp1/hicommand tiered storage manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-20"
},
{
"model": "interstage application server standard-j edition b",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.19"
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "application stack",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "v20"
},
{
"model": "jp1/it service level management manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-09-50"
},
{
"model": "jp1/hicommand tuning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-20"
},
{
"model": "wireless control system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0.163"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.4"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "it operations analyzer",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "02-51-01"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "onboard administrator",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.50"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.5"
},
{
"model": "tuning manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.402"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.6"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.2"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "tiered storage manager software (linux(rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0.1-02"
},
{
"model": "ciscoworks lan management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"model": "tuning manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-03"
},
{
"model": "interstage application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "tuning manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.1-00"
},
{
"model": "messaging storage server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.2"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.51"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.1.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.17"
},
{
"model": "web server 04-00.",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.18"
},
{
"model": "interstage application server standard-j edition 9.1.0b",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.1"
},
{
"model": "software foundation apache",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.20"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.1-73"
},
{
"model": "web server hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-10-01"
},
{
"model": "device manager software (solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.1-00(x64))"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "tiered storage manager software (linux(sles",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0.1-02"
},
{
"model": "web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-00-04"
},
{
"model": "hat jboss enterprise web server for rhel server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "51.0"
},
{
"model": "provisioning manager software (linux(sles",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-08"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.35"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.27"
},
{
"model": "tiered storage manager software (linux(sles",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-08"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.5"
},
{
"model": "jp1/hicommand devicemanager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-50-02"
},
{
"model": "enterprise linux desktop version",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "jp1/hicommand devicemanager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-10-01"
},
{
"model": "replication manager software (linux(rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.1.0-00"
},
{
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "voice portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "software foundation apache 2.3.38-dev",
"scope": null,
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.3.2"
},
{
"model": "ciscoworks common services base",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.6"
},
{
"model": "groupware server",
"scope": "ne",
"trust": 0.3,
"vendor": "kolab",
"version": "2.3.3"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.95"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "jp1/hicommand tiered storage manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-50-02"
},
{
"model": "interstage application server web-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "jp1/hicommand replication monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-30"
},
{
"model": "interstage service integrator standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "point software dlp-1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "0"
},
{
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "meeting exchange sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.39"
},
{
"model": "linux enterprise server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.3"
},
{
"model": "point software secureplatform r71.30",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.13"
},
{
"model": "interstage application server enterprise edition b",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "jp1/it resource management-manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-11"
},
{
"model": "jp1/cm2/snmp system observer )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"model": "system management homepage b",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.2.77"
},
{
"model": "web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-00"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "jp1/hicommand tiered storage manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "tiered storage manager software (linux(rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.1.0-00"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.2"
},
{
"model": "application server 10g r2",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.3.0"
},
{
"model": "groupware server 2.2-rc1",
"scope": null,
"trust": 0.3,
"vendor": "kolab",
"version": null
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"model": "tiered storage manager software (linux(sles",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.3.0-00"
},
{
"model": "web server windows",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-00-05"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "5687"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "systemwalker service quality coordinator enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "13.4"
},
{
"model": "jp1/hicommand tuning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.3"
},
{
"model": "message networking sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "linux enterprise server for vmware sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "device manager software (solaris(sp",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.1.0-00"
},
{
"model": "web server hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-10"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.43"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.64"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "jp1/it service level management manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-0"
},
{
"model": "jp1/hicommand replication monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-90"
},
{
"model": "it operations director",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "02-50-01"
},
{
"model": "transportation manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.5.06.00"
},
{
"model": "tuning manager software )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.401"
},
{
"model": "hat enterprise linux server 6.0.z",
"scope": null,
"trust": 0.3,
"vendor": "red",
"version": null
},
{
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.1"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.46"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.25"
},
{
"model": "web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-00-03"
},
{
"model": "tiered storage manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0.0-00"
},
{
"model": "jp1/hicommand tiered storage manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5.5"
},
{
"model": "hp-ux web server suite",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.33"
},
{
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "systemwalker service catalog manager v14g",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "14.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.3.5"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "jp1/hicommand device manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "tiered storage manager software (solaris(sp",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0.0-00"
},
{
"model": "web server hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-10-09"
},
{
"model": "wide area application services 4.1.1b",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ciscoworks lan management solution update",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6"
},
{
"model": "messaging storage server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "jp1/it resource management-manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-11-02"
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.14"
},
{
"model": "it operations director",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "02-50-07"
},
{
"model": "ciscoworks lan management solution (dec update",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.02007"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.4"
},
{
"model": "wireless control system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1.91.0"
},
{
"model": "jp1/hicommand replication monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-20"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.23"
},
{
"model": "replication manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0.1-01"
},
{
"model": "global link manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.2-01"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"model": "wireless control system for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ciscoworks common services base",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.3.5"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.18"
},
{
"model": "software foundation apache 2.0.62-dev",
"scope": null,
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "tuning manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"model": "web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-00-01(*2)"
},
{
"model": "groupware server 2.2-rc3",
"scope": null,
"trust": 0.3,
"vendor": "kolab",
"version": null
},
{
"model": "replication manager software (linux(sles",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.1.0-00"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.6"
},
{
"model": "web server hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-00-04"
},
{
"model": "jp1/hicommand device manager (solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5.9-08(x64))"
},
{
"model": "jp1/hicommand device manager (solaris (s",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5.9.0-00"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"model": "hat enterprise linux 5.3.ll",
"scope": null,
"trust": 0.3,
"vendor": "red",
"version": null
},
{
"model": "provisioning manager software (linux(sles",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.3.0-00"
},
{
"model": "hp-ux web server suite",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.17"
},
{
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.13"
},
{
"model": "web server windows",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-00"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.8"
},
{
"model": "hat jboss enterprise web server for rhel as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "41.0.2"
},
{
"model": "web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-00-02"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.3"
},
{
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.9"
},
{
"model": "jp1/hicommand replication monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-00"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.15"
},
{
"model": "jp1/hicommand devicemanager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-02"
},
{
"model": "device manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0.0-00"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.9"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"model": "hat enterprise linux els",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "jp1/hicommand tuning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-30"
},
{
"model": "web server (hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-00-0111.0"
},
{
"model": "provisioning manager software (solaris(sp",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-07"
},
{
"model": "software foundation apache 2.0.60-dev",
"scope": null,
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"model": "netware sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.1"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"model": "jp1/hicommand replication monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-60-01"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.35"
},
{
"model": "hat enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "tiered storage manager software (linux(sles",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0.0-00"
},
{
"model": "netware sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5.0"
},
{
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"model": "mobility services engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jp1/hicommand replication monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-40"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "jp1/automatic job management system web operation assistant",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "3-0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "jp1/it resource management-manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"model": "replication manager software (solaris(sp",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.1.0-00"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.8"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.39"
},
{
"model": "jp1/hicommand replication monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-10"
},
{
"model": "device manager software (linux(sles",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0.1-02"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"model": "tuning manager software )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.2-01"
},
{
"model": "hat enterprise linux hpc node optional",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "jp1/hicommand replication monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-00"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.60"
},
{
"model": "tiered storage manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-07"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"model": "jp1/hicommand replication monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "systemwalker software configuration manager",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "14.1"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"model": "tiered storage manager software (solaris(sp",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-07"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "device manager software (solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.1-03(x64))"
},
{
"model": "linux enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"model": "cts telepresence systems",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ciscoworks common services base",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.13"
},
{
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.1"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"model": "interstage service integrator enterprise edition 9.0.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"model": "jp1/integrated management service support",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-09-00-50"
},
{
"model": "point software secureplatform r75",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "jp1/hicommand devicemanager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-09"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.3.1"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "5632"
},
{
"model": "point software secureplatform ng fp2 edition",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "2"
},
{
"model": "device manager software (solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.0-00(x64))"
},
{
"model": "global link manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.1-01"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.2.2"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.37"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.56"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.3.1"
},
{
"model": "web server custom edition",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2011"
},
{
"model": "interstage application development cycle manager standard editio",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "10.1"
},
{
"model": "tuning manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.0"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.96"
},
{
"model": "tiered storage manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "linux lts lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "interstage application development cycle manager standard editio",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "10.2"
},
{
"model": "interstage list manager standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "wireless control system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0.181.0"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.2.4"
},
{
"model": "software foundation apache",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.21"
},
{
"model": "transportation manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "device manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-07"
},
{
"model": "point software ipso6 r70.40",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"model": "interstage software quality analyzer 10.0.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"model": "global link manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.1-00"
},
{
"model": "secure global desktop",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "4.62"
},
{
"model": "web server windows",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-10-10"
},
{
"model": "jp1/hicommand devicemanager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-60-01"
},
{
"model": "wireless control system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2"
},
{
"model": "jp1/performance management web console",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-09-10-03"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "5150"
},
{
"model": "tuning manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.2-00"
},
{
"model": "replication manager software (linux(sles",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0.0-00"
},
{
"model": "software foundation apache 2.2.7-dev",
"scope": null,
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "point software ipso6 r75",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.19"
},
{
"model": "web server 04-00-03.",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "tiered storage manager software (linux(sles",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-07"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "5675"
},
{
"model": "jp1/hicommand devicemanager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-10-03"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.3.2"
},
{
"model": "messaging storage server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "jp1/hicommand devicemanager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-10"
},
{
"model": "application server 10g r3",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.3.5.0"
},
{
"model": "jp1/hicommand tiered storage manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-40"
},
{
"model": "device manager software (solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.1-02(x64))"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.44"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3"
},
{
"model": "interstage application server standard-j edition a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "ciscoworks common services base",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "tiered storage manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.1.0-00"
},
{
"model": "jp1/hicommand devicemanager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-00"
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "5645"
},
{
"model": "jp1/integrated management service support",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-0"
},
{
"model": "jp1/hicommand tuning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-40"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.19"
},
{
"model": "hat enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"model": "netware sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"model": "jp1/hicommand tiered storage manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-10"
},
{
"model": "web server windows",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-00"
},
{
"model": "tiered storage manager software (solaris(sp",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.1.0-00"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2.0-12"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.3"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.9"
},
{
"model": "jp1/hicommand tuning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-10"
},
{
"model": "jp1/hicommand tiered storage manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-00"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.27"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "5655"
},
{
"model": "jp1/hicommand replication monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-60"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.1"
},
{
"model": "web server windows",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-00-060"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.13"
},
{
"model": "interstage job workload server",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"model": "jp1/hicommand tuning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-00"
},
{
"model": "jp1/hicommand provisioning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-90"
},
{
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.1"
},
{
"model": "provisioning manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.0.0-00"
},
{
"model": "jp1/automatic job management system web operation assistant",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "2-0"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.3.0.3"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1"
},
{
"model": "software foundation apache -beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.32"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.11"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.38"
},
{
"model": "provisioning manager software (solaris(sp",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-08"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "tuning manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.001"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.52"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.17"
},
{
"model": "tuning manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "point software secureplatform ng",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.63"
},
{
"model": "point software ipso6 r71.30",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.36"
},
{
"model": "tuning manager software )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.402"
},
{
"model": "point software secureplatform r70.40",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "jp1/performance management web console",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-08-50"
},
{
"model": "web server linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-10-01"
},
{
"model": "jp1/hicommand devicemanager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-10-02"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.1.73"
},
{
"model": "hp-ux web server suite",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.18"
},
{
"model": "tuning manager software )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.1-00"
},
{
"model": "provisioning manager software (linux(sles",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-07"
},
{
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.2"
},
{
"model": "jp1/hicommand devicemanager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-01"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "ciscoworks common services base",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.4"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.7"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "hat jboss enterprise web server for rhel es",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "41.0"
},
{
"model": "device manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.1.0-00"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"model": "cloud infrastructure management software",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "1.2"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.2.3"
},
{
"model": "ciscoworks common services base",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.1.5"
},
{
"model": "tuning manager software )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.2-00"
},
{
"model": "tiered storage manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-08"
},
{
"model": "linux enterprise sdk sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "wireless control system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.100.0"
},
{
"model": "linux enterprise server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"model": "jp1/integrated management service support",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-09-50-01"
},
{
"model": "tiered storage manager software (solaris(sp",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-08"
},
{
"model": "interstage apworks modelers-j edition 6.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"model": "wireless control system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.62.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.2"
},
{
"model": "device manager software (linux(sles",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.1.0-00"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.1"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.6"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.3.3"
},
{
"model": "web server windows",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-10-03(x64)"
},
{
"model": "replication manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.1.0-00"
},
{
"model": "web server aix",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-00"
},
{
"model": "device manager software (linux(rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.1.0-00"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.16"
},
{
"model": "jp1/hicommand devicemanager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-50-03"
},
{
"model": "device manager software (linux(rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0.1-02"
},
{
"model": "jp1/hicommand devicemanager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-03"
},
{
"model": "replication manager software (linux(rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0.0-00"
},
{
"model": "replication manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.19"
},
{
"model": "tiered storage manager software (linux(rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.2.0-00"
},
{
"model": "ciscoworks common services base",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.5"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "tiered storage manager software (linux(rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0.0-00"
},
{
"model": "replication manager software (linux(sles",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0.1-01"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.12"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"model": "jp1/performance management web console",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-0"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"model": "onboard administrator",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "3.55"
},
{
"model": "hat enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "5135"
},
{
"model": "provisioning manager software (linux(rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-07"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.2"
},
{
"model": "device manager software (solaris(sp",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0.0-00"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"model": "jp1/hicommand devicemanager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-60"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.53"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "jp1/hicommand replication monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-50"
},
{
"model": "web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-10-02"
},
{
"model": "jp1/hicommand devicemanager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-05"
},
{
"model": "provisioning manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-07"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "tuning manager software (solaris(sp",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-03"
},
{
"model": "web server solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-00"
},
{
"model": "video surveillance manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jp1/performance management web console",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-08-50-09"
},
{
"model": "systemwalker runbook automation v14g 14.1.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"model": "hat enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "it operations analyzer",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "02-51"
},
{
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "provisioning manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "device manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-08"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "web server hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-00-01"
},
{
"model": "tuning manager software )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.7"
},
{
"model": "job management partner 1/automatic job management system man",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "3-0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.47"
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "ciscoworks common services base",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.3"
},
{
"model": "web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-10"
},
{
"model": "replication manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.1-01"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1.0.103"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.32"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.0"
},
{
"model": "web server )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-00"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "5638"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.3"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"model": "device manager software (linux(sles",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-08"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "point software ipso6 r65.70",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "interstage studio enterprise edition b",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.1.0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"model": "point software secureplatform ngx r60 build",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "244"
},
{
"model": "interstage business application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.5"
},
{
"model": "jp1/hicommand devicemanager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-07"
},
{
"model": "device manager software (linux(rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-08"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.48"
},
{
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.1"
},
{
"model": "interstage application server enterprise edition a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "jp1/cm2/snmp system observer",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "transportation manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1"
},
{
"model": "jp1/it resource management-manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-10-03"
},
{
"model": "jp1/hicommand device manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05.10"
},
{
"model": "tiered storage manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0.1-02"
},
{
"model": "wireless control system for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.47"
},
{
"model": "device manager software (solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.1.1-00(x64))"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "interstage application server enterprise edition 9.1.0b",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"model": "jp1/serverconductor/control manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "systemwalker availability view enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "13.3"
},
{
"model": "jp1/it resource management-manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-10"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.2"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.33"
},
{
"model": "provisioning manager software (linux(rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-08"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.2"
},
{
"model": "hat enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0.1"
},
{
"model": "device manager software (linux(sles",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.3.0-00"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.40"
},
{
"model": "quad",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"model": "device manager software (solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.2-00(x64))"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.43"
},
{
"model": "onboard administrator",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.21"
},
{
"model": "systemwalker it process master standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "13.3.1"
},
{
"model": "jp1/hicommand devicemanager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-50-01"
},
{
"model": "device manager software )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.1-03"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.7"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.61"
},
{
"model": "it operations analyzer",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "02-01"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.4"
},
{
"model": "tiered storage manager software (linux(rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-07"
},
{
"model": "interstage studio standard-j edition b",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.1.0"
},
{
"model": "software foundation apache 2.0.64-dev",
"scope": null,
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"model": "job management partner 1/automatic job management system web",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "3-0"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.6"
},
{
"model": "jp1/hicommand tiered storage manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-50-01"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#405811"
},
{
"db": "BID",
"id": "49303"
},
{
"db": "NVD",
"id": "CVE-2011-3192"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HP",
"sources": [
{
"db": "PACKETSTORM",
"id": "111915"
},
{
"db": "PACKETSTORM",
"id": "104936"
},
{
"db": "PACKETSTORM",
"id": "112043"
},
{
"db": "PACKETSTORM",
"id": "105356"
},
{
"db": "PACKETSTORM",
"id": "106557"
}
],
"trust": 0.5
},
"cve": "CVE-2011-3192",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2011-3192",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.1,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-3192",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#405811",
"trust": 0.8,
"value": "16.01"
},
{
"author": "VULMON",
"id": "CVE-2011-3192",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#405811"
},
{
"db": "VULMON",
"id": "CVE-2011-3192"
},
{
"db": "NVD",
"id": "CVE-2011-3192"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086. Apache HTTPD server contains a denial-of-service vulnerability in the way multiple overlapping ranges are handled. Both the \u0027Range\u0027 header and the \u0027Range-Request\u0027 header are vulnerable. An attack tool, commonly known as \u0027Apache Killer\u0027, has been released in the wild. The attack tool causes a significant increase in CPU and memory usage on the server. \nSuccessful exploits will result in a denial-of-service condition. Multiple Cisco products\nmay be affected by this vulnerability. \n\nMitigations that can be deployed on Cisco devices within the network\nare available in the Cisco Applied Intelligence companion document\nfor this Advisory: \nhttp://tools.cisco.com/security/center/viewAMBAlert.x?alertId=24024\n\nThis advisory is posted at:\nhttp://www.cisco.com/warp/public/707/cisco-sa-20110830-apache.shtml\n\nAffected Products\n=================\n\nCisco is currently evaluating products for possible exposure to this\nvulnerability. Products will only be listed in the Vulnerable\nProducts or Products Confirmed Not Vulnerable sections of this\nsecurity advisory when a final determination about exposure is made. \nProducts that are not listed in either of these two sections are\nstill being evaluated. \n\nVulnerable Products\n+------------------\n\nThis section will be updated when more information is available. The\nfollowing products are confirmed to be affected by this\nvulnerability:\n\n * Cisco MDS 9000 NX-OS Software releases prior to 4.2.x are\n affected. Cisco MDS 9000 NX-OS Software releases 4.2.x and later\n are not affected. \n * Cisco NX-OS Software for Cisco Nexus 7000 Series Switches\n releases prior to 4.2.x are affected. Cisco NX-OS Software for\n Cisco Nexus 7000 Series Switches versions 4.2.x and later are not\n affected. \n * Cisco TelePresence Video Communication Server (Cisco TelePresence\n VCS)\n * Cisco Video Surveillance Manager (VSM)\n * Cisco Video Surveillance Operations Manager (VSOM)\n * Cisco Wireless Control System (WCS)\n\n\nProducts Confirmed Not Vulnerable\n+--------------------------------\n\nThe following products are confirmed not vulnerable:\n\n * Cisco ASA 5500 Series Adaptive Security Appliances\n * Cisco Catalyst 6500 Series ASA Services Module\n * Cisco Catalyst 6500 Series Firewall Services Module\n * Cisco Fabric Manager\n * Cisco Identity Services Engine\n * Cisco Intercompany Media Engine\n * Cisco IOS Software\n * Cisco IOS XE Software\n * Cisco IOS XR Software\n * Cisco IP Interoperability and Collaboration System (IPICS)\n * Cisco Unified IP Phones\n * Cisco MDS 9000 NX-OS Software releases 4.2.x or later (prior\n versions are affected)\n * Cisco NX-OS Software for Nexus 7000 Series Switches releases\n 4.2.x or later (prior versions are affected)\n * Cisco Prime Central\n * Cisco Prime Optical\n * Cisco Prime Performance Manager\n * Cisco TelePresence Server\n * Cisco Unified Communications Manager (formerly Cisco CallManager)\n * Cisco Unity\n * Cisco Unity Connection\n * Cisco Wireless LAN Controllers (WLC)\n\nThis section will be updated when more information is available. Multiple Cisco products\nmay be affected by this vulnerability. \n\nThe following Cisco bug IDs are being used to track potential\nexposure to this vulnerability. The following Cisco bug IDs do not\nconfirm that a product is vulnerable; rather, the Cisco bug IDs\nindicate that the product is under investigation by the appropriate\nproduct teams. \n\n+--------------------------------------------------------------------------------------------+\n| Cisco Product | Cisco bug ID |\n|----------------------------------------------------------------+---------------------------|\n| Cisco ACE 4710 Appliance | CSCts35635 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco ACE Application Control Engine Module | CSCts35610 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco ACE GSS 4400 Series Global Site Selector (GSS) | CSCts33313 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco ACE XML Gateway | CSCts33321 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco Active Network Abstraction | CSCts33317 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco ASA 5500 Series Adaptive Security Appliances | CSCts33180 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco CNS Network Registrar | CSCts36064 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco Conductor for Videoscape | CSCts32986 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco Content Delivery Engine | CSCts36206 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco Content Delivery System Internet Streamer | CSCts35643 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco Detector XT DDoS Mitigation Appliance | CSCts33211 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco Guard XT DDoS Mitigation Appliance | CSCts33210 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco Healthpresence | CSCts36069 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco Identity Services Engine | CSCts33092 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco IP Interoperability and Collaboration System | CSCts33206 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco IP Phones | CSCts33264 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco IPS Software | CSCts33199 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco MDS 9000 SAN Device Management | CSCts33220 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco MDS 9000 Series Multilayer Switches | CSCts33294 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco NAC Manager | CSCts32965 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco NAC Profiler | CSCts33267 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco NAC Server | CSCts32976 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco Network Analysis Module | CSCts33320 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco Networking Services (CNS) Software | CSCts33279 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco Nexus 5000 Series Switches | CSCts35605 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco Nexus 7000 Series Switches | CSCts35665 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco OnPlus Network Management and Automation | CSCts33287 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco Prime Central | CSCts33004 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco Prime Network Control System | CSCts33114 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco Prime Performance Manager | CSCts36072 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco Quad Collaboration | CSCts36158 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco Secure Access Control System | CSCts33196 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco Security Manager | CSCts33056 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco Service Exchange Framework | CSCts33218 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco Signaling Gateway Manager | CSCts33248 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco Small Business Network Storage Systems | CSCts33288 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco SSC System Manager | CSCts36187 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco TelePresence Manager | CSCts33310 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco TelePresence Multipoint Switch | CSCts33224 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco TelePresence Server | CSCts33230 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco CTS 500-32 Telepresence System Series | CSCts35874 |\n|----------------------------------------------------------------+---------------------------|\n| All Cisco CTS TelePresence Systems except Cisco CTS 500-32 | CSCts33276 |\n| TelePresence System Series | |\n|----------------------------------------------------------------+---------------------------|\n| Cisco Telepresence System Integrator C Series | CSCts35860 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco UCS B-Series Blade Servers | CSCts33291 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco Unified Communications Manager | CSCts32992 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco Unified Communications System Voice and Unified | CSCts33271 |\n| Communications (VOSS) | |\n|----------------------------------------------------------------+---------------------------|\n| Cisco Unified MeetingPlace | CSCts33169 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco Unified Operations Manager | CSCts33273 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco Unified Presence Server | CSCts33257 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco Unified Service Monitor | CSCts35893 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco Unified Service Statistics Manager | CSCts36074 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco Unity | CSCts33302 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco Unity Connection | CSCts33260 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco Video Surveillance Manager | CSCts33173 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco Video Surveillance Operations Manager | CSCts33178 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco Virtual Network Management | CSCts36207 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco Voice Manager (CVM) | CSCts36152 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco Wide Area Application Services (WAAS) Software | CSCts33254 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco Wireless Control System (WCS) | CSCts33325 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco Wireless Control System Navigator | CSCts33052 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco Wireless LAN Controllers (WLC) | CSCts33327 |\n|----------------------------------------------------------------+---------------------------|\n| CiscoWorks Common Services | CSCts33049 |\n|----------------------------------------------------------------+---------------------------|\n| CiscoWorks LAN Management Solution (LMS) | CSCts35837 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco Digital Media Suite Products | CSCts33189 |\n|----------------------------------------------------------------+---------------------------|\n| Management Center for Cisco Security Agents | CSCts33208 |\n|----------------------------------------------------------------+---------------------------|\n| Service Exchange Framework | CSCts36185 |\n|----------------------------------------------------------------+---------------------------|\n| Cisco Shared Network Management and Automation | CSCts33476 |\n+--------------------------------------------------------------------------------------------+\n\nThis vulnerability has been assigned the Common Vulnerabilities and\nExposures (CVE) identifier CVE-2011-3192. \n \n\nVulnerability Scoring Details\n+----------------------------\n\nCisco has provided scores for the vulnerability in this advisory\nbased on the Common Vulnerability Scoring System (CVSS). The CVSS\nscoring in this Security Advisory is done in accordance with CVSS\nversion 2.0. \n\nCVSS is a standards-based scoring method that conveys vulnerability\nseverity and helps determine urgency and priority of response. \n\nCisco has provided a base and temporal score. Customers can then\ncompute environmental scores to assist in determining the impact of\nthe vulnerability in individual networks. \n\nCisco has provided an FAQ to answer additional questions regarding\nCVSS at\n\nhttp://www.cisco.com/web/about/security/intelligence/cvss-qandas.html\n\nCisco has also provided a CVSS calculator to help compute the\nenvironmental impact for individual networks at:\n\nhttp://intellishield.cisco.com/security/alertmanager/cvss\n\n* Apache HTTPd Range Header Denial of Service Vulnerability\n\nCVSS Base Score - 7.8\n Access Vector - Network\n Access Complexity - Low\n Authentication - None\n Confidentiality Impact - None\n Integrity Impact - None\n Availability Impact - Complete\n\nCVSS Temporal Score - 7.8\n Exploitability - High\n Remediation Level - Unavailable\n Report Confidence - Confirmed\n \n\nImpact\n======\n\nSuccessful exploitation of this vulnerability could cause significant\nmemory and CPU utilization on affected products. \n \n\nSoftware Versions and Fixes\n===========================\n\nWhen considering software upgrades, also consult \nhttp://www.cisco.com/go/psirt and any subsequent advisories to determine \nexposure and a complete upgrade solution. \n\nIn all cases, customers should exercise caution to be certain the\ndevices to be upgraded contain sufficient memory and that current\nhardware and software configurations will continue to be supported\nproperly by the new release. If the information is not clear, contact\nthe Cisco Technical Assistance Center (TAC) or your contracted\nmaintenance provider for assistance. \n\nCisco NX-OS Software\n+-------------------\nCisco MDS 9000 NX-OS Software releases prior to 4.2.x are affected. \nCisco MDS 9000 NX-OS Software releases 4.2.x and later are not\naffected. \n\nCisco NX-OS Software for Cisco Nexus 7000 Series Switches releases\nprior to 4.2.x are affected. Cisco NX-OS Software for Cisco Nexus\n7000 Series Switches releases 4.2.x and later are not affected. \n\nCisco Video Surveillance Manager (VSM)\n+-------------------------------------\nNo fixed software is available. \n\nCisco Video Surveillance Operations Manager (VSOM)\n+-------------------------------------------------\nNo fixed software is available. \n\nThis section will be updated when more information is available. \n \n\nWorkarounds\n===========\n\nMitigations that can be deployed on Cisco devices within the network\nare available in the Cisco Applied Intelligence companion document\nfor this Advisory: \nhttp://tools.cisco.com/security/center/viewAMBAlert.x?alertId=24024\n \n\nObtaining Fixed Software\n========================\n\nCisco has released free software updates that address this\nvulnerability. Prior to deploying software, customers should consult\ntheir maintenance provider or check the software for feature set\ncompatibility and known issues specific to their environment. \n\nCustomers may only install and expect support for the feature sets\nthey have purchased. By installing, downloading, accessing or\notherwise using such software upgrades, customers agree to be bound\nby the terms of Cisco\u0027s software license terms found at \nhttp://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html \nor as otherwise set forth at Cisco.com Downloads at:\nhttp://www.cisco.com/public/sw-center/sw-usingswc.shtml \n\nDo not contact psirt@cisco.com or security-alert@cisco.com for\nsoftware upgrades. \n\n \nCustomers with Service Contracts\n================================\n\nCustomers with contracts should obtain upgraded software through\ntheir regular update channels. For most customers, this means that\nupgrades should be obtained through the Software Center on Cisco\u0027s\nworldwide website at http://www.cisco.com\n\n \nCustomers using Third Party Support Organizations\n=================================================\n\nCustomers whose Cisco products are provided or maintained through\nprior or existing agreements with third-party support organizations,\nsuch as Cisco Partners, authorized resellers, or service providers\nshould contact that support organization for guidance and assistance\nwith the appropriate course of action in regards to this advisory. \n\nThe effectiveness of any workaround or fix is dependent on specific\ncustomer situations, such as product mix, network topology, traffic\nbehavior, and organizational mission. Due to the variety of affected\nproducts and releases, customers should consult with their service\nprovider or support organization to ensure any applied workaround or\nfix is the most appropriate for use in the intended network before it\nis deployed. \n\n \n\nCustomers without Service Contracts\n===================================\n\nCustomers who purchase direct from Cisco but do not hold a Cisco\nservice contract, and customers who purchase through third-party\nvendors but are unsuccessful in obtaining fixed software through\ntheir point of sale should acquire upgrades by contacting the Cisco\nTechnical Assistance Center (TAC). TAC contacts are as follows. \n\n * +1 800 553 2447 (toll free from within North America)\n * +1 408 526 7209 (toll call from anywhere in the world)\n * e-mail: tac@cisco.com\n\nCustomers should have their product serial number available and be\nprepared to give the URL of this notice as evidence of entitlement to\na free upgrade. Free upgrades for non-contract customers must be\nrequested through the TAC. \n\nRefer to \nhttp://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html \nfor additional TAC contact information, including localized telephone \nnumbers, and instructions and e-mail addresses for use in various \nlanguages. \n \n\nExploitation and Public Announcements\n=====================================\n\nThis vulnerability was initially reported to the Full Disclosure\nmailing list at the following link: \nhttp://seclists.org/fulldisclosure/2011/Aug/175\n\nApache has confirmed that it is aware of exploitation of this\nvulnerability. Cisco is not aware of malicious exploitation of this\nvulnerability related specifically to Cisco products. \n\nProof-of-concept code is available for this vulnerability. \n \n\nStatus of this Notice: INTERIM\n==============================\n\nTHIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS AND DOES NOT IMPLY ANY\nKIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF\nMERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE\nINFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS\nAT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS\nDOCUMENT AT ANY TIME. CISCO EXPECTS TO UPDATE THIS DOCUMENT AS NEW\nINFORMATION BECOMES AVAILABLE. \n\nA stand-alone copy or Paraphrase of the text of this document that\nomits the distribution URL in the following section is an\nuncontrolled copy, and may lack important information or contain\nfactual errors. \n \n\nDistribution\n============\nThis advisory is posted on Cisco\u0027s worldwide website at:\n\nhttp://www.cisco.com/warp/public/707/cisco-sa-20110830-apache.shtml\n\nIn addition to worldwide web posting, a text version of this notice\nis clear-signed with the Cisco PSIRT PGP key and is posted to the\nfollowing e-mail and Usenet news recipients. \n\n * cust-security-announce@cisco.com\n * first-bulletins@lists.first.org\n * bugtraq@securityfocus.com\n * vulnwatch@vulnwatch.org\n * cisco@spot.colorado.edu\n * cisco-nsp@puck.nether.net\n * full-disclosure@lists.grok.org.uk\n * comp.dcom.sys.cisco@newsgate.cisco.com\n\nFuture updates of this advisory, if any, will be placed on Cisco\u0027s\nworldwide website, but may or may not be actively announced on\nmailing lists or newsgroups. Users concerned about this problem are\nencouraged to check the above URL for any updates. \n \n\nRevision History\n================\n+---------------------------------------+\n| Revision | | Initial |\n| 1.0 | 2011-August-30 | public |\n| | | release. |\n+---------------------------------------+\n\n \nCisco Security Procedures\n=========================\n\nComplete information on reporting security vulnerabilities in Cisco\nproducts, obtaining assistance with security incidents, and\nregistering to receive security information from Cisco, is available\non Cisco\u0027s worldwide website at: \nhttp://www.cisco.com/en/US/products/products_security_vulnerability_policy.html \nThis includes instructions for press inquiries regarding Cisco security notices. \nAll Cisco security advisories are available at:\nhttp://www.cisco.com/go/psirt\n\n+--------------------------------------------------------------------\nCopyright 2010-2011 Cisco Systems, Inc. All rights reserved. \n+--------------------------------------------------------------------\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (SunOS)\n\niFcDBQFOXE95QXnnBKKRMNARCNOOAPwNqw0GmcvgFiKgHiHKH/T2rH/tiaXmqEU5\nzwHUOqyYegD8CZvVuM9OPIOb3f3AeMz5HxYDbPMxkg+SEURf05JtyBw=\n=lasc\n-----END PGP SIGNATURE-----\n. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\n\nHere are the details from the Slackware 13.37 ChangeLog:\n+--------------------------+\npatches/packages/httpd-2.2.21-i486-1_slack13.37.txz: Upgraded. \n Respond with HTTP_NOT_IMPLEMENTED when the method is not\n recognized. [Jean-Frederic Clere] SECURITY: CVE-2011-3348\n Fix a regression introduced by the CVE-2011-3192 byterange fix in 2.2.20. \n PR 51748. [\u003clowprio20 gmail.com\u003e]\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3348\n (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 12.0:\nftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/httpd-2.2.21-i486-1_slack12.0.tgz\n\nUpdated package for Slackware 12.1:\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/httpd-2.2.21-i486-1_slack12.1.tgz\n\nUpdated package for Slackware 12.2:\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/httpd-2.2.21-i486-1_slack12.2.tgz\n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/httpd-2.2.21-i486-1_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/httpd-2.2.21-x86_64-1_slack13.0.txz\n\nUpdated package for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/httpd-2.2.21-i486-1_slack13.1.txz\n\nUpdated package for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/httpd-2.2.21-x86_64-1_slack13.1.txz\n\nUpdated package for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/httpd-2.2.21-i486-1_slack13.37.txz\n\nUpdated package for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/httpd-2.2.21-x86_64-1_slack13.37.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/httpd-2.2.21-i486-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/httpd-2.2.21-x86_64-1.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 12.0 package:\ne6ed3d69eeb235a35799ad4fb43b02bb httpd-2.2.21-i486-1_slack12.0.tgz\n\nSlackware 12.1 package:\n531a640d39b1ec2f4216a8fa4cea9c52 httpd-2.2.21-i486-1_slack12.1.tgz\n\nSlackware 12.2 package:\nf93ceab045175be85509f0b9f7be0993 httpd-2.2.21-i486-1_slack12.2.tgz\n\nSlackware 13.0 package:\n569145d8fb1f800f04f4d6333f16f704 httpd-2.2.21-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 package:\n03f6c419d49e3c4a351956ad27d72fd6 httpd-2.2.21-x86_64-1_slack13.0.txz\n\nSlackware 13.1 package:\n1a218016a62fbaf8a110e6afcc6789b2 httpd-2.2.21-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 package:\n82eed1a8af9ab4545a18158f4a4641c1 httpd-2.2.21-x86_64-1_slack13.1.txz\n\nSlackware 13.37 package:\nd7c15df0fcc28648220ad329b0685f65 httpd-2.2.21-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 package:\na192a12b1b63489733a7b8fc62435d3d httpd-2.2.21-x86_64-1_slack13.37.txz\n\nSlackware -current package:\na16f461ad9843823811c40de6f38b63e n/httpd-2.2.21-i486-1.txz\n\nSlackware x86_64 -current package:\n0b4c491e383ea496020db90aa67b970c n/httpd-2.2.21-x86_64-1.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg httpd-2.2.21-i486-1_slack13.37.txz\n\nThen, restart the httpd daemon. \n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address. \n\nRelease Date: 2011-09-08\nLast Updated: 2011-09-23\n\n -----------------------------------------------------------------------------\n\nPotential Security Impact: Remote Denial of Service (DoS)\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP-UX Apache Web Server. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS). \n\nReferences: CVE-2011-3192, CVE-2011-0419\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.23, B.11.31 running HP-UX Apache Web Server Suite v3.17 containing Apache v2.2.15.07 or earlier\nHP-UX B.11.11 running HP-UX Apache Web Server Suite v2.33 containing Apache v2.0.64.01 or earlier\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2011-3192 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2011-0419 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nThis bulletin will be revised when additional information becomes available. \n\nHP has provided the following software updates to resolve these vulnerabilities. \n\nHP-UX Web Server Suite (WSS) v3.18 containing Apache v2.2.15.08\n\nThe WSS v3.18 update is available for download from the following location\nhttps://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=HPUXWSATW318\n\nHP-UX 11i Releases / Apache Depot name\n\nB.11.23 \u0026 B.11.31 (32-bit) / HPUXWS22ATW-B318-32.depot\n\nB.11.23 \u0026 B.11.31 (64-bit) / HPUXWS22ATW-B318-64.depot\n\nHP-UX Web Server Suite (WSS) v2.33 containing Apache v2.0.64.01 and earlier\n\nThe WSS v2.33 preliminary update is available for download from the following location\nftp://srt10606:P2xg=AD5@ftp.usa.hp.com or\nhttps://ftp.usa.hp.com/hprc/home with\nusername srt10606 and password P2xg=AD5\n\nNOTE: CVE-2011-0419 is not resolved in the WSS v2.33 depot below. \n\nHP-UX 11i Release / Apache Depot name\n\nB.11.11 / Apache-2.0-CVE-2011-3192-Fix-11.11.depot\n\nB.11.23 (32 \u0026 64-bit) / No longer supported. Upgrade to WSS v 3.18\n\nB.11.31 (32 \u0026 64-bit) / No longer supported. Upgrade to WSS v 3.18\n\nAlternatives to Installing the WSS v2.33 Preliminary Patch\nThe Apache Software Foundation has documented a work around. For customers not wanting to install the WSS v2.33 preliminary patch, the following are recommended. \n\n1) Use SetEnvIf or mod_rewrite to detect a large number of ranges and then either ignore the Range: header or reject the request. \n\n2) Limit the size of the request field to a few hundred bytes. \n\n3) Use mod_headers to completely disallow the use of Range headers. \n\nPlease refer to the Apache advisory for details. http://mail-archives.apache.org/mod_mbox/httpd-announce/201108.mbox/%3c20110826103531.998348F82@minotaur.apache.org%3e\n\nMANUAL ACTIONS: Yes - Update\nFor B.11.23 and B.11.31 install HP-UX Web Server Suite v3.18 or subsequent. \nFor B.11.11 install HP-UX Web Server Suite v2.33 or subsequent. \n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. \n\nAFFECTED VERSIONS\n\nHP-UX Web Server Suite v3.18\nHP-UX B.11.23\nHP-UX B.11.31\n==================\nhpuxws22APCH32.APACHE\nhpuxws22APCH32.APACHE2\nhpuxws22APCH32.AUTH_LDAP\nhpuxws22APCH32.AUTH_LDAP2\nhpuxws22APCH32.MOD_JK\nhpuxws22APCH32.MOD_JK2\nhpuxws22APCH32.MOD_PERL\nhpuxws22APCH32.MOD_PERL2\nhpuxws22APCH32.PHP\nhpuxws22APCH32.PHP2\nhpuxws22APCH32.WEBPROXY\nhpuxws22APCH32.WEBPROXY2\nhpuxws22APACHE.APACHE\nhpuxws22APACHE.APACHE2\nhpuxws22APACHE.AUTH_LDAP\nhpuxws22APACHE.AUTH_LDAP2\nhpuxws22APACHE.MOD_JK\nhpuxws22APACHE.MOD_JK2\nhpuxws22APACHE.MOD_PERL\nhpuxws22APACHE.MOD_PERL2\nhpuxws22APACHE.PHP\nhpuxws22APACHE.PHP2\nhpuxws22APACHE.WEBPROXY\nhpuxws22APACHE.WEBPROXY2\naction: install revision B.2.2.15.08 or subsequent\n\nHP-UX Web Server Suite v2.33\nHP-UX B.11.11\n==================\nhpuxwsAPACHE.APACHE\nhpuxwsAPACHE.APACHE2\nhpuxwsAPACHE.AUTH_LDAP\nhpuxwsAPACHE.AUTH_LDAP2\nhpuxwsAPACHE.MOD_JK\nhpuxwsAPACHE.MOD_JK2\nhpuxwsAPACHE.MOD_PERL\nhpuxwsAPACHE.MOD_PERL2\nhpuxwsAPACHE.PHP\nhpuxwsAPACHE.PHP2\nhpuxwsAPACHE.WEBPROXY\naction: install revision B.2.0.64.01 or subsequent\n\nEND AFFECTED VERSIONS\n\nHISTORY\nVersion:1 (rev.1) - 8 September 2011 Initial release\nVersion:2 (rev.2) - 8 September 2011 Updated affectivity, recommendations, typos\nVersion:3 (rev.3) - 22 September 2011 New source for depots\nVersion:4 (rev.4) - 23 September 2011 Apache WSS 2.33 depot for B.11.11 available\n\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c02964430\n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2011 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n* Oracle Application Server 10g versions 10.1.2.3.0 and 10.1.3.5.0. Summary:\n\nUpdated httpd and httpd22 packages that fix one security issue are now\navailable for JBoss Enterprise Web Server 1.0.2 for Red Hat Enterprise\nLinux 4, 5, and 6. \n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. \n\n2. (CVE-2011-3192)\n\nAll users of JBoss Enterprise Web Server 1.0.2 should upgrade to these\nupdated packages, which contain a backported patch to correct this issue. \nAfter installing the updated packages, Red Hat Enterprise Linux 4 users\nmust restart the httpd22 service, and Red Hat Enterprise Linux 5 and 6\nusers must restart the httpd service, for the update to take effect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n732928 - CVE-2011-3192 httpd: multiple ranges DoS\n\n6. Package List:\n\nJBoss Enterprise Web Server 1.0 for RHEL 4 AS:\n\nSource:\nhttpd22-2.2.17-16.ep5.el4.src.rpm\n\ni386:\nhttpd22-2.2.17-16.ep5.el4.i386.rpm\nhttpd22-apr-2.2.17-16.ep5.el4.i386.rpm\nhttpd22-apr-devel-2.2.17-16.ep5.el4.i386.rpm\nhttpd22-apr-util-2.2.17-16.ep5.el4.i386.rpm\nhttpd22-apr-util-devel-2.2.17-16.ep5.el4.i386.rpm\nhttpd22-debuginfo-2.2.17-16.ep5.el4.i386.rpm\nhttpd22-devel-2.2.17-16.ep5.el4.i386.rpm\nhttpd22-manual-2.2.17-16.ep5.el4.i386.rpm\nmod_ssl22-2.2.17-16.ep5.el4.i386.rpm\n\nx86_64:\nhttpd22-2.2.17-16.ep5.el4.x86_64.rpm\nhttpd22-apr-2.2.17-16.ep5.el4.x86_64.rpm\nhttpd22-apr-devel-2.2.17-16.ep5.el4.x86_64.rpm\nhttpd22-apr-util-2.2.17-16.ep5.el4.x86_64.rpm\nhttpd22-apr-util-devel-2.2.17-16.ep5.el4.x86_64.rpm\nhttpd22-debuginfo-2.2.17-16.ep5.el4.x86_64.rpm\nhttpd22-devel-2.2.17-16.ep5.el4.x86_64.rpm\nhttpd22-manual-2.2.17-16.ep5.el4.x86_64.rpm\nmod_ssl22-2.2.17-16.ep5.el4.x86_64.rpm\n\nJBoss Enterprise Web Server 1.0 for RHEL 4 ES:\n\nSource:\nhttpd22-2.2.17-16.ep5.el4.src.rpm\n\ni386:\nhttpd22-2.2.17-16.ep5.el4.i386.rpm\nhttpd22-apr-2.2.17-16.ep5.el4.i386.rpm\nhttpd22-apr-devel-2.2.17-16.ep5.el4.i386.rpm\nhttpd22-apr-util-2.2.17-16.ep5.el4.i386.rpm\nhttpd22-apr-util-devel-2.2.17-16.ep5.el4.i386.rpm\nhttpd22-debuginfo-2.2.17-16.ep5.el4.i386.rpm\nhttpd22-devel-2.2.17-16.ep5.el4.i386.rpm\nhttpd22-manual-2.2.17-16.ep5.el4.i386.rpm\nmod_ssl22-2.2.17-16.ep5.el4.i386.rpm\n\nx86_64:\nhttpd22-2.2.17-16.ep5.el4.x86_64.rpm\nhttpd22-apr-2.2.17-16.ep5.el4.x86_64.rpm\nhttpd22-apr-devel-2.2.17-16.ep5.el4.x86_64.rpm\nhttpd22-apr-util-2.2.17-16.ep5.el4.x86_64.rpm\nhttpd22-apr-util-devel-2.2.17-16.ep5.el4.x86_64.rpm\nhttpd22-debuginfo-2.2.17-16.ep5.el4.x86_64.rpm\nhttpd22-devel-2.2.17-16.ep5.el4.x86_64.rpm\nhttpd22-manual-2.2.17-16.ep5.el4.x86_64.rpm\nmod_ssl22-2.2.17-16.ep5.el4.x86_64.rpm\n\nJBoss Enterprise Web Server 1.0 for RHEL 5 Server:\n\nSource:\nhttpd-2.2.17-14.1.ep5.el5.src.rpm\n\ni386:\nhttpd-2.2.17-14.1.ep5.el5.i386.rpm\nhttpd-debuginfo-2.2.17-14.1.ep5.el5.i386.rpm\nhttpd-devel-2.2.17-14.1.ep5.el5.i386.rpm\nhttpd-manual-2.2.17-14.1.ep5.el5.i386.rpm\nmod_ssl-2.2.17-14.1.ep5.el5.i386.rpm\n\nx86_64:\nhttpd-2.2.17-14.1.ep5.el5.x86_64.rpm\nhttpd-debuginfo-2.2.17-14.1.ep5.el5.x86_64.rpm\nhttpd-devel-2.2.17-14.1.ep5.el5.x86_64.rpm\nhttpd-manual-2.2.17-14.1.ep5.el5.x86_64.rpm\nmod_ssl-2.2.17-14.1.ep5.el5.x86_64.rpm\n\nJBoss Enterprise Web Server 1.0 for RHEL 6 Server:\n\nSource:\nhttpd-2.2.17-13.2.ep5.el6.src.rpm\n\ni386:\nhttpd-2.2.17-13.2.ep5.el6.i386.rpm\nhttpd-debuginfo-2.2.17-13.2.ep5.el6.i386.rpm\nhttpd-devel-2.2.17-13.2.ep5.el6.i386.rpm\nhttpd-manual-2.2.17-13.2.ep5.el6.i386.rpm\nhttpd-tools-2.2.17-13.2.ep5.el6.i386.rpm\nmod_ssl-2.2.17-13.2.ep5.el6.i386.rpm\n\nx86_64:\nhttpd-2.2.17-13.2.ep5.el6.x86_64.rpm\nhttpd-debuginfo-2.2.17-13.2.ep5.el6.x86_64.rpm\nhttpd-devel-2.2.17-13.2.ep5.el6.x86_64.rpm\nhttpd-manual-2.2.17-13.2.ep5.el6.x86_64.rpm\nhttpd-tools-2.2.17-13.2.ep5.el6.x86_64.rpm\nmod_ssl-2.2.17-13.2.ep5.el6.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and \ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2011-3192.html\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2011 Red Hat, Inc. ----------------------------------------------------------------------\n\nOvum says ad hoc tools are out-dated. The best practice approach?\nFast vulnerability intelligence, threat handling, and setup in one tool. \n\nRead the new report on the Secunia VIM:\nhttp://secunia.com/products/corporate/vim/ovum_2011_request/ \n\n----------------------------------------------------------------------\n\nTITLE:\nHitachi Products ByteRange Filter Denial of Service Vulnerability\n\nSECUNIA ADVISORY ID:\nSA46229\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/46229/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=46229\n\nRELEASE DATE:\n2011-10-30\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/46229/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/46229/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=46229\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nHitachi has acknowledged a vulnerability in multiple Hitachi\nproducts, which can be exploited by malicious people to cause a DoS\n(Denial of Service). \n\nORIGINAL ADVISORY:\nHitachi (Japanese):\nhttp://www.hitachi.co.jp/Prod/comp/soft1/security/info/./vuls/HS11-020/index.html\nhttp://www.hitachi.co.jp/Prod/comp/soft1/security/info/./vuls/HS11-021/index.html\nhttp://www.hitachi.co.jp/Prod/comp/soft1/security/info/./vuls/HS11-022/index.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \nHP OpenView Network Node Manager (OV NNM) v7.53 running on HP-UX, Linux, and Solaris. \n\nApache-2.2.21.tar.gz is available using ftp. \n\nHost\n Account\n Password\n\nftp.usa.hp.com\n sb02704\n Secure12\n\nAfter downloading Apache-2.2.21.tar.gz optionally verify the SHA1 check sum:\nSHA1(Apache-2.2.21.tar)= 642721cac9a7c4d1e8e6033a5198071bbdd54840\nSHA1(Apache-2.2.21.tar.gz)= 87d0c04be6dd06b52f1b9c7c645ce39fad117a08\n\nThe Apache-2.2.21.tar archive contains a README.txt file with installation instructions",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-3192"
},
{
"db": "CERT/CC",
"id": "VU#405811"
},
{
"db": "BID",
"id": "49303"
},
{
"db": "VULMON",
"id": "CVE-2011-3192"
},
{
"db": "PACKETSTORM",
"id": "104618"
},
{
"db": "PACKETSTORM",
"id": "111915"
},
{
"db": "PACKETSTORM",
"id": "104936"
},
{
"db": "PACKETSTORM",
"id": "105792"
},
{
"db": "PACKETSTORM",
"id": "105889"
},
{
"db": "PACKETSTORM",
"id": "112043"
},
{
"db": "PACKETSTORM",
"id": "105356"
},
{
"db": "PACKETSTORM",
"id": "107135"
},
{
"db": "PACKETSTORM",
"id": "105281"
},
{
"db": "PACKETSTORM",
"id": "106388"
},
{
"db": "PACKETSTORM",
"id": "106557"
}
],
"trust": 2.97
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=17696",
"trust": 0.2,
"type": "exploit"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2011-3192"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-3192",
"trust": 2.4
},
{
"db": "CERT/CC",
"id": "VU#405811",
"trust": 1.8
},
{
"db": "BID",
"id": "49303",
"trust": 1.3
},
{
"db": "SECUNIA",
"id": "46000",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "46126",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "45937",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "46125",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "45606",
"trust": 1.0
},
{
"db": "EXPLOIT-DB",
"id": "17696",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1025960",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "74721",
"trust": 1.0
},
{
"db": "HITACHI",
"id": "HS11-021",
"trust": 0.4
},
{
"db": "HITACHI",
"id": "HS11-020",
"trust": 0.4
},
{
"db": "HITACHI",
"id": "HS11-022",
"trust": 0.4
},
{
"db": "HITACHI",
"id": "HS11-019",
"trust": 0.3
},
{
"db": "JUNIPER",
"id": "JSA10642",
"trust": 0.3
},
{
"db": "SECUNIA",
"id": "46229",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2011-3192",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "104618",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "111915",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "104936",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "105792",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "105889",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "112043",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "105356",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "107135",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "105281",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "106388",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "106557",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#405811"
},
{
"db": "VULMON",
"id": "CVE-2011-3192"
},
{
"db": "BID",
"id": "49303"
},
{
"db": "PACKETSTORM",
"id": "104618"
},
{
"db": "PACKETSTORM",
"id": "111915"
},
{
"db": "PACKETSTORM",
"id": "104936"
},
{
"db": "PACKETSTORM",
"id": "105792"
},
{
"db": "PACKETSTORM",
"id": "105889"
},
{
"db": "PACKETSTORM",
"id": "112043"
},
{
"db": "PACKETSTORM",
"id": "105356"
},
{
"db": "PACKETSTORM",
"id": "107135"
},
{
"db": "PACKETSTORM",
"id": "105281"
},
{
"db": "PACKETSTORM",
"id": "106388"
},
{
"db": "PACKETSTORM",
"id": "106557"
},
{
"db": "NVD",
"id": "CVE-2011-3192"
}
]
},
"id": "VAR-201108-0132",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.3003817384615385
},
"last_update_date": "2025-12-22T21:25:46.261000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Ubuntu Security Notice: apache2 vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-1199-1"
},
{
"title": "Cisco: Apache HTTPd Range Header Denial of Service Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20110830-apache"
},
{
"title": "Debian Security Advisories: DSA-2298-2 apache2 -- denial of service",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=7227b6751a2a5332a53278f1881d559f"
},
{
"title": "Amazon Linux AMI: ALAS-2011-001",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2011-001"
},
{
"title": "Red Hat: Moderate: httpd security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20120542 - Security Advisory"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Live-Hack-CVE/CVE-2011-3192 "
},
{
"title": "MNCanyon",
"trust": 0.1,
"url": "https://github.com/MNCanyon/MNCanyon "
},
{
"title": "haproxy-ddos",
"trust": 0.1,
"url": "https://github.com/analytically/haproxy-ddos "
},
{
"title": "DDoS-Script",
"trust": 0.1,
"url": "https://github.com/Encapsulate/DDoS-Script "
},
{
"title": "Mind_help",
"trust": 0.1,
"url": "https://github.com/MNCanyon/Mind_help "
},
{
"title": "DC-p0t",
"trust": 0.1,
"url": "https://github.com/5p1n6a11/DC-p0t "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2011-3192"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-400",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2011-3192"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://www.apache.org/dist/httpd/announcement2.2.html"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2011-3192-485304.html"
},
{
"trust": 1.3,
"url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=51714"
},
{
"trust": 1.3,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html"
},
{
"trust": 1.3,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
},
{
"trust": 1.3,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html"
},
{
"trust": 1.1,
"url": "http://mail-archives.apache.org/mod_mbox/httpd-announce/201108.mbox/%3c20110824161640.122d387dd@minotaur.apache.org%3e"
},
{
"trust": 1.1,
"url": "http://seclists.org/fulldisclosure/2011/aug/175"
},
{
"trust": 1.1,
"url": "http://blogs.oracle.com/security/entry/security_alert_for_cve_2011"
},
{
"trust": 1.0,
"url": "http://mail-archives.apache.org/mod_mbox/httpd-announce/201108.mbox/%3c20110826103531.998348f82@minotaur.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "http://osvdb.org/74721"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a18827"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/products_security_advisory09186a0080b90d73.shtml"
},
{
"trust": 1.0,
"url": "https://help.ecostruxureit.com/display/public/uadce725/security+fixes+in+struxureware+data+center+expert+v7.6.0"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-1199-1"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69396"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/46000"
},
{
"trust": 1.0,
"url": "http://support.apple.com/kb/ht5002"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=132033751509019\u0026w=2"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html"
},
{
"trust": 1.0,
"url": "http://www.exploit-db.com/exploits/17696"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a14762"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/46126"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "http://mail-archives.apache.org/mod_mbox/httpd-dev/201108.mbox/%3ccaapsnn2po-d-c4nqt_tes2rrwizr7urefhtkpwbc1b+k1dqc7g%40mail.gmail.com%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a14824"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=133951357207000\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/45937"
},
{
"trust": 1.0,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=732928"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00010.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=131731002122529\u0026w=2"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00008.html"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2011//oct/msg00003.html"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-08/0285.html"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2011:130"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2013:150"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2011-1294.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00006.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2011-1300.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/46125"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2011-1330.html"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=131551295528105\u0026w=2"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=133477473521382\u0026w=2"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1025960"
},
{
"trust": 1.0,
"url": "http://mail-archives.apache.org/mod_mbox/httpd-announce/201108.mbox/%3c20110824161640.122d387dd%40minotaur.apache.org%3e"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/45606"
},
{
"trust": 1.0,
"url": "http://www.kb.cert.org/vuls/id/405811"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2011-1369.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2011-1329.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/49303"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=134987041210674\u0026w=2"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2011-1245.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00011.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00009.html"
},
{
"trust": 1.0,
"url": "http://www.gossamer-threads.com/lists/apache/dev/401638"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3192"
},
{
"trust": 0.8,
"url": "http://blog.spiderlabs.com/2011/08/mitigation-of-apache-range-header-dos-attack.html"
},
{
"trust": 0.8,
"url": "http://www.apache.org/dist/httpd/changes_2.2.20"
},
{
"trust": 0.5,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0419"
},
{
"trust": 0.5,
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_na-c02964430"
},
{
"trust": 0.4,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/security/info/./vuls/hs11-020/index.html"
},
{
"trust": 0.4,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/security/info/./vuls/hs11-021/index.html"
},
{
"trust": 0.4,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/security/info/./vuls/hs11-022/index.html"
},
{
"trust": 0.4,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20110830-apache.shtml"
},
{
"trust": 0.4,
"url": "http://rhn.redhat.com/errata/rhsa-2011-1329.html"
},
{
"trust": 0.3,
"url": "http://kolab.org/pipermail/kolab-announce/2011/000102.html"
},
{
"trust": 0.3,
"url": "http://kolab.org/pipermail/kolab-announce/2011/000103.html"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10642\u0026cat=sirt_1\u0026actp=list"
},
{
"trust": 0.3,
"url": "http://httpd.apache.org/download.cgi"
},
{
"trust": 0.3,
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?solutionid=sk65222"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/topics/security/alerts-086861.html#securityalerts"
},
{
"trust": 0.3,
"url": "http://blogs.oracle.com/sunsecurity/entry/cve_2011_3192_and_cve"
},
{
"trust": 0.3,
"url": "http://blogs.oracle.com/sunsecurity/entry/cve_2011_3192_denial_of"
},
{
"trust": 0.3,
"url": "http://marc.info/?l=apache-httpd-dev\u0026m=131418828705324\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.novell.com/support/viewcontent.do?externalid=7009621"
},
{
"trust": 0.3,
"url": "/archive/1/520376"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100148618"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c03285138"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c03315912"
},
{
"trust": 0.3,
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c03517954\u0026ac.admitted=1349807398574.876444892.199480143"
},
{
"trust": 0.3,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/security/info/vuls/hs11-019/index.html"
},
{
"trust": 0.3,
"url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-201102e.html"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21512087"
},
{
"trust": 0.3,
"url": "http://httpd.apache.org/security/cve-2011-3192.txt"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2011-1300.html"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2011-1330.html"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=nas2aae02620b9b78d9e862578fe003c799b"
},
{
"trust": 0.3,
"url": "http://www.xerox.com/download/security/security-bulletin/1284345-ee19-4bf3860908380/cert_xrx12-004_v1.01.pdf"
},
{
"trust": 0.3,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1623"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4409"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1468"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1148"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3182"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1467"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1471"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1452"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0734"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1470"
},
{
"trust": 0.2,
"url": "http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2202"
},
{
"trust": 0.2,
"url": "http://h18000.www1.hp.com/products/servers/management/agents/index.html"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4645"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1945"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2068"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1928"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1938"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3436"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2483"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0014"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1464"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1153"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0195"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0037"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2192"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2791"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3189"
},
{
"trust": 0.2,
"url": "https://ftp.usa.hp.com/hprc/home"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/kb/docs/doc-11259"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-3192.html"
},
{
"trust": 0.2,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3348"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewambalert.x?alertid=24024"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/go/psirt"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/en/us/support/tsd_cisco_worldwide_contacts.html"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/en/us/products/products_security_vulnerability_policy.html"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/en/us/docs/general/warranty/english/eu1ken_.html"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html"
},
{
"trust": 0.1,
"url": "http://www.cisco.com"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/public/sw-center/sw-usingswc.shtml"
},
{
"trust": 0.1,
"url": "http://intellishield.cisco.com/security/alertmanager/cvss"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2011-1369.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3348"
},
{
"trust": 0.1,
"url": "http://slackware.com"
},
{
"trust": 0.1,
"url": "http://osuosl.org)"
},
{
"trust": 0.1,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.1,
"url": "https://h20392.www2.hp.com/portal/swdepot/displayproductinfo.do?productnumber=hpuxwsatw318"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=46000"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/46000/"
},
{
"trust": 0.1,
"url": "http://secunia.com/company/jobs/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/46000/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/46229/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=46229"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/46229/"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/vim/ovum_2011_request/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#405811"
},
{
"db": "BID",
"id": "49303"
},
{
"db": "PACKETSTORM",
"id": "104618"
},
{
"db": "PACKETSTORM",
"id": "111915"
},
{
"db": "PACKETSTORM",
"id": "104936"
},
{
"db": "PACKETSTORM",
"id": "105792"
},
{
"db": "PACKETSTORM",
"id": "105889"
},
{
"db": "PACKETSTORM",
"id": "112043"
},
{
"db": "PACKETSTORM",
"id": "105356"
},
{
"db": "PACKETSTORM",
"id": "107135"
},
{
"db": "PACKETSTORM",
"id": "105281"
},
{
"db": "PACKETSTORM",
"id": "106388"
},
{
"db": "PACKETSTORM",
"id": "106557"
},
{
"db": "NVD",
"id": "CVE-2011-3192"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#405811"
},
{
"db": "VULMON",
"id": "CVE-2011-3192"
},
{
"db": "BID",
"id": "49303"
},
{
"db": "PACKETSTORM",
"id": "104618"
},
{
"db": "PACKETSTORM",
"id": "111915"
},
{
"db": "PACKETSTORM",
"id": "104936"
},
{
"db": "PACKETSTORM",
"id": "105792"
},
{
"db": "PACKETSTORM",
"id": "105889"
},
{
"db": "PACKETSTORM",
"id": "112043"
},
{
"db": "PACKETSTORM",
"id": "105356"
},
{
"db": "PACKETSTORM",
"id": "107135"
},
{
"db": "PACKETSTORM",
"id": "105281"
},
{
"db": "PACKETSTORM",
"id": "106388"
},
{
"db": "PACKETSTORM",
"id": "106557"
},
{
"db": "NVD",
"id": "CVE-2011-3192"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-08-26T00:00:00",
"db": "CERT/CC",
"id": "VU#405811"
},
{
"date": "2011-08-29T00:00:00",
"db": "VULMON",
"id": "CVE-2011-3192"
},
{
"date": "2011-08-24T00:00:00",
"db": "BID",
"id": "49303"
},
{
"date": "2011-08-31T01:47:39",
"db": "PACKETSTORM",
"id": "104618"
},
{
"date": "2012-04-17T20:34:39",
"db": "PACKETSTORM",
"id": "111915"
},
{
"date": "2011-09-09T05:23:01",
"db": "PACKETSTORM",
"id": "104936"
},
{
"date": "2011-10-14T05:53:11",
"db": "PACKETSTORM",
"id": "105792"
},
{
"date": "2011-10-17T14:25:34",
"db": "PACKETSTORM",
"id": "105889"
},
{
"date": "2012-04-20T20:15:33",
"db": "PACKETSTORM",
"id": "112043"
},
{
"date": "2011-09-28T18:18:28",
"db": "PACKETSTORM",
"id": "105356"
},
{
"date": "2011-11-18T07:59:05",
"db": "PACKETSTORM",
"id": "107135"
},
{
"date": "2011-09-22T05:35:12",
"db": "PACKETSTORM",
"id": "105281"
},
{
"date": "2011-10-31T07:51:54",
"db": "PACKETSTORM",
"id": "106388"
},
{
"date": "2011-11-03T22:08:17",
"db": "PACKETSTORM",
"id": "106557"
},
{
"date": "2011-08-29T15:55:02.017000",
"db": "NVD",
"id": "CVE-2011-3192"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-09-19T00:00:00",
"db": "CERT/CC",
"id": "VU#405811"
},
{
"date": "2022-09-19T00:00:00",
"db": "VULMON",
"id": "CVE-2011-3192"
},
{
"date": "2015-05-07T17:20:00",
"db": "BID",
"id": "49303"
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2011-3192"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "49303"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apache HTTPD 1.3/2.x Range header DoS vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#405811"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "49303"
}
],
"trust": 0.3
}
}
CERTA-2011-AVI-564
Vulnerability from certfr_avis - Published: 2011-10-13 - Updated: 2011-10-13
Plusieurs vulnérabilités présentes dans Mac OS X ont été corrigées.
Description
De multiples vulnérabilités découvertes dans Mac OS X permettent à une personne malveillante d'exécuter du code arbitraire à distance avec potentiellement des privilèges élevés, de provoquer un déni de service, de contourner la politique de sécurité du système, de porter atteinte à la confidentialité et à l'intégrité des données ou encore de réaliser une injection de code indirecte.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Mac OS X v10.6.8 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Mac OS X Lion Server v10.7 et v10.7.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Mac OS X Server v10.7 et v10.7.1.",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Mac OS X Server v10.6.8 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s d\u00e9couvertes dans Mac OS X permettent \u00e0 une\npersonne malveillante d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance avec\npotentiellement des privil\u00e8ges \u00e9lev\u00e9s, de provoquer un d\u00e9ni de service,\nde contourner la politique de s\u00e9curit\u00e9 du syst\u00e8me, de porter atteinte \u00e0\nla confidentialit\u00e9 et \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es ou encore de r\u00e9aliser\nune injection de code indirecte.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2011-3216",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3216"
},
{
"name": "CVE-2011-3436",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3436"
},
{
"name": "CVE-2010-1634",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1634"
},
{
"name": "CVE-2011-3214",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3214"
},
{
"name": "CVE-2011-0187",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0187"
},
{
"name": "CVE-2011-3192",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3192"
},
{
"name": "CVE-2011-3228",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3228"
},
{
"name": "CVE-2011-0421",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0421"
},
{
"name": "CVE-2011-0259",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0259"
},
{
"name": "CVE-2011-3221",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3221"
},
{
"name": "CVE-2010-4172",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4172"
},
{
"name": "CVE-2011-3217",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3217"
},
{
"name": "CVE-2011-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3219"
},
{
"name": "CVE-2011-0534",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0534"
},
{
"name": "CVE-2011-0230",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0230"
},
{
"name": "CVE-2011-0229",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0229"
},
{
"name": "CVE-2011-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1471"
},
{
"name": "CVE-2011-3222",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3222"
},
{
"name": "CVE-2011-1466",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1466"
},
{
"name": "CVE-2011-0226",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0226"
},
{
"name": "CVE-2011-0013",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0013"
},
{
"name": "CVE-2011-0231",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0231"
},
{
"name": "CVE-2011-3213",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3213"
},
{
"name": "CVE-2009-4022",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-4022"
},
{
"name": "CVE-2011-1153",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1153"
},
{
"name": "CVE-2011-3218",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3218"
},
{
"name": "CVE-2011-2692",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2692"
},
{
"name": "CVE-2010-4645",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4645"
},
{
"name": "CVE-2011-0249",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0249"
},
{
"name": "CVE-2011-3212",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3212"
},
{
"name": "CVE-2011-0250",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0250"
},
{
"name": "CVE-2011-1092",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1092"
},
{
"name": "CVE-2011-3227",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3227"
},
{
"name": "CVE-2011-1469",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1469"
},
{
"name": "CVE-2010-2227",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2227"
},
{
"name": "CVE-2011-1910",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1910"
},
{
"name": "CVE-2011-3220",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3220"
},
{
"name": "CVE-2011-0708",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0708"
},
{
"name": "CVE-2010-3614",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3614"
},
{
"name": "CVE-2011-3224",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3224"
},
{
"name": "CVE-2011-3226",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3226"
},
{
"name": "CVE-2011-0260",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0260"
},
{
"name": "CVE-2011-2690",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2690"
},
{
"name": "CVE-2011-3215",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3215"
},
{
"name": "CVE-2010-3613",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3613"
},
{
"name": "CVE-2011-1521",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1521"
},
{
"name": "CVE-2011-1467",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1467"
},
{
"name": "CVE-2011-1755",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1755"
},
{
"name": "CVE-2011-3246",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3246"
},
{
"name": "CVE-2011-3435",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3435"
},
{
"name": "CVE-2011-2691",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2691"
},
{
"name": "CVE-2011-3437",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3437"
},
{
"name": "CVE-2011-0251",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0251"
},
{
"name": "CVE-2011-1470",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1470"
},
{
"name": "CVE-2011-3225",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3225"
},
{
"name": "CVE-2011-0411",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0411"
},
{
"name": "CVE-2010-3718",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3718"
},
{
"name": "CVE-2011-2464",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2464"
},
{
"name": "CVE-2010-3436",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3436"
},
{
"name": "CVE-2010-0097",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0097"
},
{
"name": "CVE-2011-0707",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0707"
},
{
"name": "CVE-2011-0252",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0252"
},
{
"name": "CVE-2011-0224",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0224"
},
{
"name": "CVE-2010-2089",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2089"
},
{
"name": "CVE-2011-0420",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0420"
},
{
"name": "CVE-2010-1157",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1157"
},
{
"name": "CVE-2011-0419",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0419"
},
{
"name": "CVE-2011-1468",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1468"
},
{
"name": "CVE-2011-3223",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3223"
},
{
"name": "CVE-2011-0185",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0185"
}
],
"initial_release_date": "2011-10-13T00:00:00",
"last_revision_date": "2011-10-13T00:00:00",
"links": [
{
"title": "R\u00e9f\u00e9rence CVE CVE-2010-3436 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2010-3436"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-0708 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0708"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-1467 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-1467"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-1910 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-1910"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-3217 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3217"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-1153 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-1153"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-3220 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3220"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2010-3614 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2010-3614"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-0420 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0420"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-0411 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0411"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-0224 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0224"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2010-3613 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2010-3613"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-3225 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3225"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-0249 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0249"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-3227 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3227"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-1521 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-1521"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-0185 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0185"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-0252 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0252"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-0226 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0226"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2010-4645 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2010-4645"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-3213 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3213"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-3221 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3221"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-1471 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-1471"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-3435 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3435"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-3218 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3218"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-0013 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0013"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2010-1634 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2010-1634"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-0250 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0250"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-3224 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3224"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-0259 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0259"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-2690 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-2690"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-3226 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3226"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-3216 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3216"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-3212 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3212"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2010-2089 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2010-2089"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2010-3718 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2010-3718"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-0260 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0260"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-3214 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3214"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2010-1157 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2010-1157"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-0707 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0707"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-3223 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3223"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-3246 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3246"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2010-2227 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2010-2227"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2010-4172 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2010-4172"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-3436 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3436"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-2691 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-2691"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-3437 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3437"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2009-4022 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2009-4022"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-0187 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0187"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-3192 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3192"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-1755 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-1755"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2010-0097 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2010-0097"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-0419 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0419"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-1466 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-1466"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-0421 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0421"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-0251 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0251"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-3219 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3219"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-0229 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0229"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-3222 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3222"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-0534 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0534"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-3228 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3228"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-3215 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3215"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-1092 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-1092"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-0230 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0230"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-1470 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-1470"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-0231 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0231"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-2692 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-2692"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-1468 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-1468"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-2464 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-2464"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2011-1469 :",
"url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-1469"
}
],
"reference": "CERTA-2011-AVI-564",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2011-10-13T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "Plusieurs vuln\u00e9rabilit\u00e9s pr\u00e9sentes dans Mac OS X ont \u00e9t\u00e9 corrig\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple Mac OS X",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT5002 du 12 octobre 2011",
"url": "http://docs.info.apple.com/article.html?artnum=HT5002"
}
]
}
CERTA-2011-AVI-530
Vulnerability from certfr_avis - Published: 2011-09-21 - Updated: 2011-09-21
Une vulnérabilité dans les produits Oracle permet à un utilisateur malintentionné de provoquer un déni de service à distance.
Description
Une vulnérabilité dans les produits Oracle permet à un utilisateur malintentionné de provoquer un déni de service à distance dans certaines conditions.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Oracle | N/A | Oracle Application Server 10g Release 3, version 10.1.3.5.0 avec Apache installé ; | ||
| Oracle | N/A | Oracle Application Server 10g Release 2, version 10.1.2.3.0 avec Apache installé. | ||
| Oracle | N/A | Oracle Fusion Middleware 11g Release 1, versions 11.1.1.3.0, 11.1.1.4.0, 11.1.1.5.0 ; |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Oracle Application Server 10g Release 3, version 10.1.3.5.0 avec Apache install\u00e9 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Application Server 10g Release 2, version 10.1.2.3.0 avec Apache install\u00e9.",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Fusion Middleware 11g Release 1, versions 11.1.1.3.0, 11.1.1.4.0, 11.1.1.5.0 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 dans les produits Oracle permet \u00e0 un utilisateur\nmalintentionn\u00e9 de provoquer un d\u00e9ni de service \u00e0 distance dans certaines\nconditions.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2011-3192",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3192"
}
],
"initial_release_date": "2011-09-21T00:00:00",
"last_revision_date": "2011-09-21T00:00:00",
"links": [
{
"title": "Avis CERTA-2011-AVI-516 :",
"url": "http://www.certa.ssi.gouv.fr/site/CERTA-2011-AVI-516/index.html"
}
],
"reference": "CERTA-2011-AVI-530",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2011-09-21T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 dans les produits Oracle permet \u00e0 un utilisateur\nmalintentionn\u00e9 de provoquer un d\u00e9ni de service \u00e0 distance.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans les produits Oracle",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Oracle du 15 septembre 2011",
"url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2011-3192-485304.html"
}
]
}
CERTFR-2014-AVI-357
Vulnerability from certfr_avis - Published: 2014-08-14 - Updated: 2014-08-14
De multiples vulnérabilités ont été corrigées dans les produits Juniper. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| N/A | N/A | NSM3000 | ||
| ESET | Security | Security Threat Response Manager | ||
| Juniper Networks | Secure Analytics | Juniper Secure Analytics | ||
| N/A | N/A | NSMExpress |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "NSM3000",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Security Threat Response Manager",
"product": {
"name": "Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "Juniper Secure Analytics",
"product": {
"name": "Secure Analytics",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "NSMExpress",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2012-0053",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0053"
},
{
"name": "CVE-2011-3192",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3192"
},
{
"name": "CVE-2014-0460",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0460"
},
{
"name": "CVE-2014-0063",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0063"
},
{
"name": "CVE-2013-4286",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4286"
},
{
"name": "CVE-2013-4002",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4002"
},
{
"name": "CVE-2013-5823",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5823"
},
{
"name": "CVE-2013-4590",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4590"
},
{
"name": "CVE-2012-5081",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5081"
},
{
"name": "CVE-2014-0061",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0061"
},
{
"name": "CVE-2013-2457",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2457"
},
{
"name": "CVE-2013-5803",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5803"
},
{
"name": "CVE-2012-0031",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0031"
},
{
"name": "CVE-2014-0114",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0114"
},
{
"name": "CVE-2014-0067",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0067"
},
{
"name": "CVE-2014-0411",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0411"
},
{
"name": "CVE-2013-2461",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2461"
},
{
"name": "CVE-2013-0443",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0443"
},
{
"name": "CVE-2014-0098",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0098"
},
{
"name": "CVE-2014-0453",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0453"
},
{
"name": "CVE-2013-0169",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0169"
},
{
"name": "CVE-2013-5802",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5802"
},
{
"name": "CVE-2014-0423",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0423"
},
{
"name": "CVE-2014-0224",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0224"
},
{
"name": "CVE-2013-0440",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0440"
},
{
"name": "CVE-2011-3368",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3368"
},
{
"name": "CVE-2013-4322",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4322"
},
{
"name": "CVE-2013-5780",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5780"
},
{
"name": "CVE-2014-0064",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0064"
},
{
"name": "CVE-2014-0065",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0065"
},
{
"name": "CVE-2013-2451",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2451"
},
{
"name": "CVE-2014-0107",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0107"
},
{
"name": "CVE-2013-2407",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2407"
},
{
"name": "CVE-2014-0033",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0033"
},
{
"name": "CVE-2014-0062",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0062"
},
{
"name": "CVE-2014-0060",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0060"
},
{
"name": "CVE-2010-5298",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-5298"
},
{
"name": "CVE-2013-5825",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5825"
},
{
"name": "CVE-2013-1537",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1537"
},
{
"name": "CVE-2014-0198",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0198"
},
{
"name": "CVE-2011-0419",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0419"
},
{
"name": "CVE-2013-5830",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5830"
},
{
"name": "CVE-2014-0066",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0066"
}
],
"initial_release_date": "2014-08-14T00:00:00",
"last_revision_date": "2014-08-14T00:00:00",
"links": [],
"reference": "CERTFR-2014-AVI-357",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2014-08-14T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits \u003cspan\nclass=\"textit\"\u003eJuniper\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de\nservice \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10642 du 13 ao\u00fbt 2014",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10642"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10643 du 13 ao\u00fbt 2014",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10643"
}
]
}
CERTA-2011-AVI-490
Vulnerability from certfr_avis - Published: 2011-09-01 - Updated: 2011-11-21
Une vulnérabilité présente dans Apache httpd permet à un utilisateur distant malintentionné de provoquer un déni de service.
Description
Une vulnérabilité relative à la gestion de certains paramètres d'en-tête HTTP est présente dans le serveur web Apache httpd. Elle permet à un utilisateur distant malintentionné de provoquer une consommation mémoire excessive du serveur au moyen d'une requête HTTP spécialement conçue.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Apache httpd versions 1.3.42 et ant\u00e9rieures.",
"product": {
"name": "N/A",
"vendor": {
"name": "Apache",
"scada": false
}
}
},
{
"description": "Apache httpd versions 2.2.19 et ant\u00e9rieures;",
"product": {
"name": "N/A",
"vendor": {
"name": "Apache",
"scada": false
}
}
},
{
"description": "Apache httpd versions 2.0.64 et ant\u00e9rieures;",
"product": {
"name": "N/A",
"vendor": {
"name": "Apache",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 relative \u00e0 la gestion de certains param\u00e8tres d\u0027en-t\u00eate\nHTTP est pr\u00e9sente dans le serveur web Apache httpd. Elle permet \u00e0 un\nutilisateur distant malintentionn\u00e9 de provoquer une consommation m\u00e9moire\nexcessive du serveur au moyen d\u0027une requ\u00eate HTTP sp\u00e9cialement con\u00e7ue.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2011-3192",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3192"
}
],
"initial_release_date": "2011-09-01T00:00:00",
"last_revision_date": "2011-11-21T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 HP c02997184 du 08 septembre 2011 :",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02997184"
},
{
"title": "Bulletins de s\u00e9curit\u00e9 RedHat RHSA-2011:1245-1 31 ao\u00fbt 2011 :",
"url": "http://rhn.redhat.com/errata/RHSA-2011-1245.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Debian DSA 2298 du 29 ao\u00fbt 2011 :",
"url": "http://www.debian.org/security/2011/dsa-2298"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20110830-apache du 09 septembre 2011 :",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20110830-apache.shtml"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 IBM ISS Xforce 69396 du 23 ao\u00fbt 2011 :",
"url": "http://xforce.iss.net/xforce/xfdb/69396"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDVSA-2011:130 du 04 septembre 2011 :",
"url": "http://www.mandriva.com/fr/support/security/advisories/?dis=2010\u0026name=MDVSA-2011:130"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-1199-1 du 01 septembre 2011 :",
"url": "http://www.ubuntulinux.org/usn/usn-1199-1"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Novell (Suse) CVE-2011-3192 du 06 septembre 2011 :",
"url": "http://support.novell.com/security/cve/CVE-2011-3192.html"
},
{
"title": "Alerte de s\u00e9curit\u00e9 Oracle du 15 septembre 2011 :",
"url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2011-3192-485304.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Hitachi HS11-019 du 05 septembre 2011 :",
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS11-019/index.html"
}
],
"reference": "CERTA-2011-AVI-490",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2011-09-01T00:00:00.000000"
},
{
"description": "ajout des r\u00e9f\u00e9rences aux bulletins Cisco, Hitachi, HP, Mandriva, Novell (Suse), RedHat et Ubuntu.",
"revision_date": "2011-09-13T00:00:00.000000"
},
{
"description": "ajout de la r\u00e9f\u00e9rence au bulletin Oracle.",
"revision_date": "2011-11-21T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 pr\u00e9sente dans \u003cspan class=\"textit\"\u003eApache httpd\u003c/span\u003e\npermet \u00e0 un utilisateur distant malintentionn\u00e9 de provoquer un d\u00e9ni de\nservice.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans Apache httpd",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apache du 30 ao\u00fbt 2011",
"url": "http://httpd.apache.org/security/vulnerabilities_22.html#2.2.20"
}
]
}
CERTA-2011-AVI-586
Vulnerability from certfr_avis - Published: 2011-10-21 - Updated: 2011-10-21
De multiples vulnérabilités ont été corrigées dans les produits Oracle.
Description
De multiples vulnérabilités ont été corrigées dans les produits Oracle. Elles peuvent notamment être exploitées pour porter atteinte à la confidentialité, l'intégrité ou la disponibilité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Oracle | N/A | Oracle Siebel CRM Core and Apps, versions 8.0.0, 8.1.1 ; | ||
| Oracle | N/A | Oracle Sun Product Suite ; | ||
| Oracle | N/A | Oracle Application Server 10g Release 3, version 10.1.3.5.0 ; | ||
| Oracle | N/A | Oracle Agile Product Supplier Collaboration for Process, versions 5.2.2, 6.0.0.2, 6.0.0.3, 6.0.0.4 ; | ||
| Oracle | N/A | Oracle Outside In Technology, versions 8.3.5, 8.3.7 ; | ||
| Oracle | N/A | Oracle Database 11g Release 2, version 11.2.0.2 ; | ||
| Oracle | N/A | Oracle Application Server 10g Release 2, version 10.1.2.3.0 ; | ||
| Oracle | N/A | Oracle Database 10g Release 2, versions 10.2.0.3, 10.2.0.4, 10.2.0.5 ; | ||
| Oracle | N/A | Oracle E-Business Suite Release 11i, version 11.5.10.2 ; | ||
| Oracle | N/A | Oracle Clinical, Remote Data Capture, versions 4.6, 4.6.2 ; | ||
| Oracle | Weblogic | Oracle WebLogic Server, versions 9.2.4, 10.0.2, 11gR1 (10.3.3, 10.3.4, 10.3.5) ; | ||
| Oracle | N/A | Oracle Linux 5 ; | ||
| Oracle | N/A | Oracle Database 10g Release 1, version 10.1.0.5 ; | ||
| Oracle | N/A | Oracle Business Intelligence Enterprise Edition, versions 11.1.1.3, 11.1.1.5 ; | ||
| Oracle | N/A | Oracle Thesaurus Management System, versions 4.6.1, 4.6.2 ; | ||
| Oracle | N/A | Oracle E-Business Suite Release 12, versions 12.0.6, 12.1.2, 12.1.3 ; | ||
| Oracle | N/A | Oracle Sun Ray ; | ||
| Oracle | PeopleSoft | Oracle PeopleSoft Enterprise PeopleTools, versions 8.49, 8.50, 8.51 ; | ||
| Oracle | Weblogic | Oracle WebLogic Portal, versions 9.2.3.0, 10.0.1.0, 10.2.1.0, 10.3.2.0 ; | ||
| Oracle | N/A | Oracle Database 11g Release 1, version 11.1.0.7 ; | ||
| Oracle | N/A | Oracle Fusion Middleware 11g Release 1, versions 11.1.1.3.0, 11.1.1.4.0, 11.1.1.5.0 ; | ||
| Oracle | N/A | Oracle Identity Management 10g, versions 10.1.4.0.1, 10.1.4.3 ; | ||
| Oracle | PeopleSoft | Oracle PeopleSoft Enterprise HRMS, versions 8.9, 9.0, 9.1 ; |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Oracle Siebel CRM Core and Apps, versions 8.0.0, 8.1.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Sun Product Suite ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Application Server 10g Release 3, version 10.1.3.5.0 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Agile Product Supplier Collaboration for Process, versions 5.2.2, 6.0.0.2, 6.0.0.3, 6.0.0.4 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Outside In Technology, versions 8.3.5, 8.3.7 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Database 11g Release 2, version 11.2.0.2 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Application Server 10g Release 2, version 10.1.2.3.0 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Database 10g Release 2, versions 10.2.0.3, 10.2.0.4, 10.2.0.5 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle E-Business Suite Release 11i, version 11.5.10.2 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Clinical, Remote Data Capture, versions 4.6, 4.6.2 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle WebLogic Server, versions 9.2.4, 10.0.2, 11gR1 (10.3.3, 10.3.4, 10.3.5) ;",
"product": {
"name": "Weblogic",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Linux 5 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Database 10g Release 1, version 10.1.0.5 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Business Intelligence Enterprise Edition, versions 11.1.1.3, 11.1.1.5 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Thesaurus Management System, versions 4.6.1, 4.6.2 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle E-Business Suite Release 12, versions 12.0.6, 12.1.2, 12.1.3 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Sun Ray ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle PeopleSoft Enterprise PeopleTools, versions 8.49, 8.50, 8.51 ;",
"product": {
"name": "PeopleSoft",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle WebLogic Portal, versions 9.2.3.0, 10.0.1.0, 10.2.1.0, 10.3.2.0 ;",
"product": {
"name": "Weblogic",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Database 11g Release 1, version 11.1.0.7 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Fusion Middleware 11g Release 1, versions 11.1.1.3.0, 11.1.1.4.0, 11.1.1.5.0 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Identity Management 10g, versions 10.1.4.0.1, 10.1.4.3 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle PeopleSoft Enterprise HRMS, versions 8.9, 9.0, 9.1 ;",
"product": {
"name": "PeopleSoft",
"vendor": {
"name": "Oracle",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits Oracle.\nElles peuvent notamment \u00eatre exploit\u00e9es pour porter atteinte \u00e0 la\nconfidentialit\u00e9, l\u0027int\u00e9grit\u00e9 ou la disponibilit\u00e9 des donn\u00e9es.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2011-2306",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2306"
},
{
"name": "CVE-2011-3532",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3532"
},
{
"name": "CVE-2011-3192",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3192"
},
{
"name": "CVE-2011-3536",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3536"
},
{
"name": "CVE-2011-2292",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2292"
},
{
"name": "CVE-2011-2312",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2312"
},
{
"name": "CVE-2011-2301",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2301"
},
{
"name": "CVE-2011-3522",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3522"
},
{
"name": "CVE-2011-2313",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2313"
},
{
"name": "CVE-2011-3517",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3517"
},
{
"name": "CVE-2011-2255",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2255"
},
{
"name": "CVE-2011-2316",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2316"
},
{
"name": "CVE-2011-3515",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3515"
},
{
"name": "CVE-2011-3511",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3511"
},
{
"name": "CVE-2011-3507",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3507"
},
{
"name": "CVE-2011-3519",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3519"
},
{
"name": "CVE-2011-3513",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3513"
},
{
"name": "CVE-2011-3535",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3535"
},
{
"name": "CVE-2011-2320",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2320"
},
{
"name": "CVE-2011-2308",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2308"
},
{
"name": "CVE-2011-3510",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3510"
},
{
"name": "CVE-2011-2311",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2311"
},
{
"name": "CVE-2011-3518",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3518"
},
{
"name": "CVE-2011-3542",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3542"
},
{
"name": "CVE-2011-2304",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2304"
},
{
"name": "CVE-2011-3508",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3508"
},
{
"name": "CVE-2011-3534",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3534"
},
{
"name": "CVE-2011-2309",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2309"
},
{
"name": "CVE-2011-3530",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3530"
},
{
"name": "CVE-2011-3559",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3559"
},
{
"name": "CVE-2011-3512",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3512"
},
{
"name": "CVE-2011-2302",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2302"
},
{
"name": "CVE-2011-3528",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3528"
},
{
"name": "CVE-2011-2315",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2315"
},
{
"name": "CVE-2011-3506",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3506"
},
{
"name": "CVE-2011-3523",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3523"
},
{
"name": "CVE-2011-2323",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2323"
},
{
"name": "CVE-2011-3526",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3526"
},
{
"name": "CVE-2011-2310",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2310"
},
{
"name": "CVE-2011-2319",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2319"
},
{
"name": "CVE-2011-3520",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3520"
},
{
"name": "CVE-2011-3533",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3533"
},
{
"name": "CVE-2011-2303",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2303"
},
{
"name": "CVE-2011-3543",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3543"
},
{
"name": "CVE-2011-3525",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3525"
},
{
"name": "CVE-2011-2322",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2322"
},
{
"name": "CVE-2011-2314",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2314"
},
{
"name": "CVE-2011-2237",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2237"
},
{
"name": "CVE-2011-3538",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3538"
},
{
"name": "CVE-2011-3527",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3527"
},
{
"name": "CVE-2011-2327",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2327"
},
{
"name": "CVE-2011-3537",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3537"
},
{
"name": "CVE-2011-3539",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3539"
},
{
"name": "CVE-2011-2318",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2318"
},
{
"name": "CVE-2011-2286",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2286"
},
{
"name": "CVE-2011-3541",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3541"
},
{
"name": "CVE-2011-3529",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3529"
}
],
"initial_release_date": "2011-10-21T00:00:00",
"last_revision_date": "2011-10-21T00:00:00",
"links": [],
"reference": "CERTA-2011-AVI-586",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2011-10-21T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits Oracle.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Oracle",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Oracle d\u0027octobre 2011",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html"
}
]
}
CERTA-2012-AVI-024
Vulnerability from certfr_avis - Published: 2012-01-18 - Updated: 2012-01-18
Plusieurs vulnérabilités présentes dans de nombreux produits Oracle ont été corrigées.
Description
Plusieurs vulnérabilités dans les produits Oracle peuvent être exploitées, à distance ou depuis le réseau local, afin de porter atteinte à la confidentialité ou à l'intégrité des données présentes sur le système, de réaliser un déni de service ou d'exécuter du code arbitraire à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Oracle | PeopleSoft | Oracle PeopleSoft Enterprise CRM version 8.9 ; | ||
| Oracle | N/A | Oracle Sun Product Suite ; | ||
| Oracle | N/A | Oracle Transportation Management versions 5.5, 6.0, 6.1, 6.2 ; | ||
| Oracle | Weblogic | Oracle WebLogic Server versions 9.2.4, 10.0.2, 11gR1 (10.3.3, 10.3.4, 10.3.5) ; | ||
| Oracle | N/A | Oracle Database 10g Release 2 versions 10.2.0.3, 10.2.0.4, 10.2.0.5 ; | ||
| Oracle | MySQL | Oracle MySQL Server, versions 5.0, 5.1, 5.5. | ||
| Oracle | PeopleSoft | Oracle PeopleSoft Enterprise HCM versions 8.9, 9.0, 9.1 ; | ||
| Oracle | N/A | Oracle Database 10g Release 1 version 10.1.0.5 ; | ||
| Oracle | N/A | Oracle Database 11g Release 2 versions 11.2.0.2, 11.2.0.3 ; | ||
| Oracle | N/A | Oracle VM VirtualBox version 4.1 ; | ||
| Oracle | N/A | Oracle Application Server 10g Release 3 version 10.1.3.5.0 ; | ||
| Oracle | N/A | Oracle E-Business Suite Release 11i version 11.5.10.2 ; | ||
| Oracle | N/A | Oracle JDEdwards version 8.98 ; | ||
| Oracle | N/A | Oracle Fusion Middleware 11g Release 1 versions 11.1.1.3.0, 11.1.1.4.0, 11.1.1.5.0 ; | ||
| Oracle | N/A | Oracle Outside In Technology versions 8.3.5, 8.3.7 ; | ||
| Oracle | PeopleSoft | Oracle PeopleSoft Enterprise PeopleTools version 8.52 ; | ||
| Oracle | N/A | Oracle Database 11g Release 1 version 11.1.0.7 ; | ||
| Oracle | N/A | Oracle Virtual Desktop Infrastructure version 3.2 ; | ||
| Oracle | N/A | Oracle E-Business Suite Release 12 versions 12.1.2, 12.1.3 ; |
References
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Oracle PeopleSoft Enterprise CRM version 8.9 ;",
"product": {
"name": "PeopleSoft",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Sun Product Suite ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Transportation Management versions 5.5, 6.0, 6.1, 6.2 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle WebLogic Server versions 9.2.4, 10.0.2, 11gR1 (10.3.3, 10.3.4, 10.3.5) ;",
"product": {
"name": "Weblogic",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Database 10g Release 2 versions 10.2.0.3, 10.2.0.4, 10.2.0.5 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle MySQL Server, versions 5.0, 5.1, 5.5.",
"product": {
"name": "MySQL",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle PeopleSoft Enterprise HCM versions 8.9, 9.0, 9.1 ;",
"product": {
"name": "PeopleSoft",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Database 10g Release 1 version 10.1.0.5 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Database 11g Release 2 versions 11.2.0.2, 11.2.0.3 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle VM VirtualBox version 4.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Application Server 10g Release 3 version 10.1.3.5.0 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle E-Business Suite Release 11i version 11.5.10.2 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle JDEdwards version 8.98 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Fusion Middleware 11g Release 1 versions 11.1.1.3.0, 11.1.1.4.0, 11.1.1.5.0 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Outside In Technology versions 8.3.5, 8.3.7 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle PeopleSoft Enterprise PeopleTools version 8.52 ;",
"product": {
"name": "PeopleSoft",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Database 11g Release 1 version 11.1.0.7 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Virtual Desktop Infrastructure version 3.2 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle E-Business Suite Release 12 versions 12.1.2, 12.1.3 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s dans les produits Oracle peuvent \u00eatre\nexploit\u00e9es, \u00e0 distance ou depuis le r\u00e9seau local, afin de porter\natteinte \u00e0 la confidentialit\u00e9 ou \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es pr\u00e9sentes sur\nle syst\u00e8me, de r\u00e9aliser un d\u00e9ni de service ou d\u0027ex\u00e9cuter du code\narbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2012-0487",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0487"
},
{
"name": "CVE-2012-0088",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0088"
},
{
"name": "CVE-2011-2321",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2321"
},
{
"name": "CVE-2011-3192",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3192"
},
{
"name": "CVE-2011-3509",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3509"
},
{
"name": "CVE-2012-0109",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0109"
},
{
"name": "CVE-2012-0110",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0110"
},
{
"name": "CVE-2012-0115",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0115"
},
{
"name": "CVE-2012-0074",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0074"
},
{
"name": "CVE-2012-0078",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0078"
},
{
"name": "CVE-2012-0485",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0485"
},
{
"name": "CVE-2012-0118",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0118"
},
{
"name": "CVE-2011-2326",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2326"
},
{
"name": "CVE-2012-0491",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0491"
},
{
"name": "CVE-2012-0099",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0099"
},
{
"name": "CVE-2012-0098",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0098"
},
{
"name": "CVE-2012-0119",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0119"
},
{
"name": "CVE-2011-2271",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2271"
},
{
"name": "CVE-2012-0492",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0492"
},
{
"name": "CVE-2012-0096",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0096"
},
{
"name": "CVE-2012-0494",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0494"
},
{
"name": "CVE-2012-0117",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0117"
},
{
"name": "CVE-2012-0105",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0105"
},
{
"name": "CVE-2011-3568",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3568"
},
{
"name": "CVE-2012-0488",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0488"
},
{
"name": "CVE-2011-3570",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3570"
},
{
"name": "CVE-2012-0116",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0116"
},
{
"name": "CVE-2012-0101",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0101"
},
{
"name": "CVE-2012-0489",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0489"
},
{
"name": "CVE-2012-0085",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0085"
},
{
"name": "CVE-2012-0094",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0094"
},
{
"name": "CVE-2012-0087",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0087"
},
{
"name": "CVE-2012-0114",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0114"
},
{
"name": "CVE-2012-0081",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0081"
},
{
"name": "CVE-2012-0072",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0072"
},
{
"name": "CVE-2012-0103",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0103"
},
{
"name": "CVE-2011-3565",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3565"
},
{
"name": "CVE-2011-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-4517"
},
{
"name": "CVE-2012-0075",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0075"
},
{
"name": "CVE-2011-3566",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3566"
},
{
"name": "CVE-2011-3569",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3569"
},
{
"name": "CVE-2012-0097",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0097"
},
{
"name": "CVE-2012-0084",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0084"
},
{
"name": "CVE-2011-3574",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3574"
},
{
"name": "CVE-2011-3531",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3531"
},
{
"name": "CVE-2011-3514",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3514"
},
{
"name": "CVE-2011-3564",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3564"
},
{
"name": "CVE-2011-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-4516"
},
{
"name": "CVE-2012-0079",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0079"
},
{
"name": "CVE-2011-3524",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3524"
},
{
"name": "CVE-2012-0076",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0076"
},
{
"name": "CVE-2012-0080",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0080"
},
{
"name": "CVE-2011-3573",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3573"
},
{
"name": "CVE-2011-2325",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2325"
},
{
"name": "CVE-2011-2324",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2324"
},
{
"name": "CVE-2012-0486",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0486"
},
{
"name": "CVE-2012-0082",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0082"
},
{
"name": "CVE-2012-0091",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0091"
},
{
"name": "CVE-2012-0104",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0104"
},
{
"name": "CVE-2012-0089",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0089"
},
{
"name": "CVE-2012-0484",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0484"
},
{
"name": "CVE-2012-0113",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0113"
},
{
"name": "CVE-2012-0077",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0077"
},
{
"name": "CVE-2011-2317",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2317"
},
{
"name": "CVE-2012-0073",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0073"
},
{
"name": "CVE-2011-3571",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3571"
},
{
"name": "CVE-2012-0102",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0102"
},
{
"name": "CVE-2012-0100",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0100"
},
{
"name": "CVE-2012-0493",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0493"
},
{
"name": "CVE-2012-0120",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0120"
},
{
"name": "CVE-2012-0495",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0495"
},
{
"name": "CVE-2012-0490",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0490"
},
{
"name": "CVE-2012-0496",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0496"
},
{
"name": "CVE-2012-0112",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0112"
},
{
"name": "CVE-2011-5035",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-5035"
},
{
"name": "CVE-2012-0111",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0111"
},
{
"name": "CVE-2012-0083",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0083"
},
{
"name": "CVE-2011-2262",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2262"
}
],
"initial_release_date": "2012-01-18T00:00:00",
"last_revision_date": "2012-01-18T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Oracle Critical Patch Update du 17 janvier 2012 :",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html"
}
],
"reference": "CERTA-2012-AVI-024",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2012-01-18T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "Plusieurs vuln\u00e9rabilit\u00e9s pr\u00e9sentes dans de nombreux produits Oracle ont\n\u00e9t\u00e9 corrig\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Oracle",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Oracle Critical Patch Update du 17 janvier 2012",
"url": null
}
]
}
CERTA-2011-AVI-560
Vulnerability from certfr_avis - Published: 2011-10-12 - Updated: 2011-10-12
Trois vulnérabilités dans Cadic Intégrale permettent d'exécuter du code arbitraire à distance, de réaliser un déni de service ou de contourner le mécanisme d'authentification.
Description
Trois vulnérabilités ont été découvertes dans Cadic Intégrale :
- le serveur Apache installé est sensible au problème du traitement du paramètre range (CVE-2011-3192), ce qui permet de réaliser un déni de service à distance ;
- un composant fourni avec Cadic Intégrale permet le dépôt de fichiers. Il est ainsi possible de prendre le contrôle à distance du serveur ou d'exécuter du code arbitraire ;
- il est possible, dans une configuration très particulière, de contourner le mécanisme d'authentification.
Solution
Des correctifs sont disponibles auprès de l'éditeur ou via le site du club.
Cadic Intégrale versions 2007 (5.4.x), 2009 (5.5.x) et 2011.
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cP\u003e\u003cSPAN class=\"textit\"\u003eCadic Int\u00e9grale\u003c/SPAN\u003e versions 2007 (5.4.x), 2009 (5.5.x) et 2011.\u003c/P\u003e",
"content": "## Description\n\nTrois vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Cadic Int\u00e9grale :\n\n- le serveur Apache install\u00e9 est sensible au probl\u00e8me du traitement du\n param\u00e8tre range (CVE-2011-3192), ce qui permet de r\u00e9aliser un d\u00e9ni\n de service \u00e0 distance ;\n- un composant fourni avec Cadic Int\u00e9grale permet le d\u00e9p\u00f4t de\n fichiers. Il est ainsi possible de prendre le contr\u00f4le \u00e0 distance du\n serveur ou d\u0027ex\u00e9cuter du code arbitraire ;\n- il est possible, dans une configuration tr\u00e8s particuli\u00e8re, de\n contourner le m\u00e9canisme d\u0027authentification.\n\n## Solution\n\nDes correctifs sont disponibles aupr\u00e8s de l\u0027\u00e9diteur ou via le site du\nclub.\n",
"cves": [
{
"name": "CVE-2011-3192",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3192"
}
],
"initial_release_date": "2011-10-12T00:00:00",
"last_revision_date": "2011-10-12T00:00:00",
"links": [
{
"title": "Site du Club Cadic :",
"url": "http://club.cadic.fr/"
}
],
"reference": "CERTA-2011-AVI-560",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2011-10-12T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "Trois vuln\u00e9rabilit\u00e9s dans \u003cspan class=\"textit\"\u003eCadic Int\u00e9grale\u003c/span\u003e\npermettent d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance, de r\u00e9aliser un d\u00e9ni\nde service ou de contourner le m\u00e9canisme d\u0027authentification.\n",
"title": "Vuln\u00e9rabilit\u00e9s dans Cadic Int\u00e9grale",
"vendor_advisories": [
{
"published_at": null,
"title": "Soci\u00e9t\u00e9 Cadic",
"url": null
}
]
}
CERTA-2012-AVI-566
Vulnerability from certfr_avis - Published: 2012-10-11 - Updated: 2012-10-11
Des vulnérabilités ont été corrigées dans HP Secure Web Server. La plus critique d'entre elles permet à un attaquant d'accéder à du contenu non autorisé.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
HP Secure Web Server (SWS) pour OpenVMS version 2.2 et versions antérieures.
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cP\u003eHP Secure Web Server (SWS) pour OpenVMS version 2.2 et versions ant\u00e9rieures.\u003c/P\u003e",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2011-3192",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3192"
},
{
"name": "CVE-2012-0031",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0031"
},
{
"name": "CVE-2011-3607",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3607"
},
{
"name": "CVE-2011-3368",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3368"
},
{
"name": "CVE-2011-4317",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-4317"
},
{
"name": "CVE-2011-1928",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1928"
},
{
"name": "CVE-2011-0419",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0419"
}
],
"initial_release_date": "2012-10-11T00:00:00",
"last_revision_date": "2012-10-11T00:00:00",
"links": [],
"reference": "CERTA-2012-AVI-566",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2012-10-11T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "Des vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan class=\"textit\"\u003eHP Secure\nWeb Server\u003c/span\u003e. La plus critique d\u0027entre elles permet \u00e0 un attaquant\nd\u0027acc\u00e9der \u00e0 du contenu non autoris\u00e9.\n",
"title": "Vuln\u00e9rabilit\u00e9s dans HP Secure Web Server",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 HP c03517954 du 10 octobre 2012",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03517954"
}
]
}
CERTA-2012-AVI-023
Vulnerability from certfr_avis - Published: 2012-01-18 - Updated: 2012-01-18
Plusieurs vulnérabilités découvertes dans les produits IBM ont été corrigées par l'éditeur.
Description
Plusieurs vulnérabilités dans les produits IBM peuvent être exploitées par une personne malintentionnée afin de contourner la politique de sécurité, d'injecter du code indirect à distance, de réaliser un déni de service distant, d'élever ses privilèges ou encore d'exécuter du code arbitraire à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM Rational License Key Server 8.x ;",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM WebSphere Application Server 6.1.x ;",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM WebSphere Application Server 7.0.x ;",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM HTTP Server 7.0.x.",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM WebSphere Application Server 8.0.x ;",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s dans les produits IBM peuvent \u00eatre exploit\u00e9es\npar une personne malintentionn\u00e9e afin de contourner la politique de\ns\u00e9curit\u00e9, d\u0027injecter du code indirect \u00e0 distance, de r\u00e9aliser un d\u00e9ni de\nservice distant, d\u0027\u00e9lever ses privil\u00e8ges ou encore d\u0027ex\u00e9cuter du code\narbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2011-3192",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3192"
},
{
"name": "CVE-2009-1890",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-1890"
},
{
"name": "CVE-2011-3348",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3348"
},
{
"name": "CVE-2009-3560",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3560"
},
{
"name": "CVE-2011-1389",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1389"
},
{
"name": "CVE-2010-0434",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0434"
},
{
"name": "CVE-2010-1623",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1623"
},
{
"name": "CVE-2009-3094",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3094"
},
{
"name": "CVE-2009-3095",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3095"
},
{
"name": "CVE-2010-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2068"
},
{
"name": "CVE-2010-1452",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1452"
},
{
"name": "CVE-2009-3555",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3555"
},
{
"name": "CVE-2009-1891",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-1891"
},
{
"name": "CVE-2009-0023",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0023"
},
{
"name": "CVE-2009-1956",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-1956"
},
{
"name": "CVE-2009-2412",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2412"
},
{
"name": "CVE-2011-3607",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3607"
},
{
"name": "CVE-2009-1195",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-1195"
},
{
"name": "CVE-2010-0408",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0408"
},
{
"name": "CVE-2011-3368",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3368"
},
{
"name": "CVE-2011-3639",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3639"
},
{
"name": "CVE-2011-4317",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-4317"
},
{
"name": "CVE-2009-3720",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3720"
},
{
"name": "CVE-2011-0419",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0419"
},
{
"name": "CVE-2009-1955",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-1955"
}
],
"initial_release_date": "2012-01-18T00:00:00",
"last_revision_date": "2012-01-18T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 IBM swg21577760 du 10 janvier 2012 :",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21577760"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 IBM swg27014506 du 16 janvier 2012 :",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27014506"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 IBM swg1PM54061 du 12 janvier 2012 :",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM54061"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 IBM swg1PM48384 du 21 septembre 2011 :",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM48384"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 IBM swg24031821 du 17 janvier 2012 :",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24031821"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 IBM swg1PM50426 du 19 octobre 2011 :",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM50426"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 IBM swg1PM45731 du 12 janvier 2012 :",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM45731"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 IBM swg227022958 du 16 janvier 2012 :",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg227022958"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 IBM swg1PM47852 du 14 septembre 2011 :",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM47852"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 IBM swg227014463 du 16 janvier 2012 :",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg227014463"
}
],
"reference": "CERTA-2012-AVI-023",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2012-01-18T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "Plusieurs vuln\u00e9rabilit\u00e9s d\u00e9couvertes dans les produits IBM ont \u00e9t\u00e9\ncorrig\u00e9es par l\u0027\u00e9diteur.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": []
}
CERTA-2012-AVI-221
Vulnerability from certfr_avis - Published: 2012-04-18 - Updated: 2012-04-18
Une vulnérabilité a été corrigée dans HP Onboard Administrator. Son exploitation permet la réalisation d'un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
HP Onboard Administrator versions 3.50 et antérieures.
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cP\u003e\u003cSPAN class=\"textit\"\u003eHP Onboard Administrator\u003c/SPAN\u003e versions 3.50 et ant\u00e9rieures.\u003c/P\u003e",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2011-3192",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3192"
}
],
"initial_release_date": "2012-04-18T00:00:00",
"last_revision_date": "2012-04-18T00:00:00",
"links": [],
"reference": "CERTA-2012-AVI-221",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2012-04-18T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 corrig\u00e9e dans \u003cspan class=\"textit\"\u003eHP Onboard\nAdministrator\u003c/span\u003e. Son exploitation permet la r\u00e9alisation d\u0027un d\u00e9ni\nde service \u00e0 distance.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans HP Onboard Administrator",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 HP c03285138 du 17 avril 2012",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03285138"
}
]
}
CERTA-2012-AVI-713
Vulnerability from certfr_avis - Published: 2012-12-10 - Updated: 2012-12-10
Une vulnérabilité a été corrigée dans Avaya Experience Portal. Elle permet à un attaquant de provoquer un déni de service au moyen de requêtes HTTP spécialement conçues. La vulnérabilité concerne le composant Apache HTTP Server.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Avaya Experience Portal versions antérieures à 6.0 SP1
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cP\u003eAvaya Experience Portal versions ant\u00e9rieures \u00e0 6.0 SP1\u003c/P\u003e",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2011-3192",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3192"
}
],
"initial_release_date": "2012-12-10T00:00:00",
"last_revision_date": "2012-12-10T00:00:00",
"links": [],
"reference": "CERTA-2012-AVI-713",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2012-12-10T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 corrig\u00e9e dans \u003cspan class=\"textit\"\u003eAvaya\nExperience Portal\u003c/span\u003e. Elle permet \u00e0 un attaquant de provoquer un\nd\u00e9ni de service au moyen de requ\u00eates HTTP sp\u00e9cialement con\u00e7ues. La\nvuln\u00e9rabilit\u00e9 concerne le composant \u003cspan class=\"textit\"\u003eApache HTTP\nServer\u003c/span\u003e.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans Avaya Experience Portal",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 ASA-2011-281 du 21 septembre 2011",
"url": "https://downloads.avaya.com/css/P8/documents/100148618"
}
]
}
CERTA-2012-AVI-218
Vulnerability from certfr_avis - Published: 2012-04-18 - Updated: 2012-04-18
De multiples vulnérabilités ont été corrigées dans HP System Management Homepage. Leur exploitation permet, entre autres, d'exécuter du code arbitraire à distance et de réaliser des dénis de service.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
HP System Management Homepage versions antérieures à 7.0.
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cP\u003e\u003cSPAN class=\"textit\"\u003eHP System Management Homepage\u003c/SPAN\u003e versions ant\u00e9rieures \u00e0 7.0.\u003c/P\u003e",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2011-2202",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2202"
},
{
"name": "CVE-2011-0195",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0195"
},
{
"name": "CVE-2011-3192",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3192"
},
{
"name": "CVE-2011-2483",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2483"
},
{
"name": "CVE-2011-3348",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3348"
},
{
"name": "CVE-2011-3210",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3210"
},
{
"name": "CVE-2011-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1471"
},
{
"name": "CVE-2010-1623",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1623"
},
{
"name": "CVE-2011-3182",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3182"
},
{
"name": "CVE-2010-0734",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0734"
},
{
"name": "CVE-2010-2791",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2791"
},
{
"name": "CVE-2011-3268",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3268"
},
{
"name": "CVE-2012-0135",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0135"
},
{
"name": "CVE-2011-1153",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1153"
},
{
"name": "CVE-2010-4645",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4645"
},
{
"name": "CVE-2010-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2068"
},
{
"name": "CVE-2010-1452",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1452"
},
{
"name": "CVE-2011-3267",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3267"
},
{
"name": "CVE-2010-4409",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4409"
},
{
"name": "CVE-2011-1148",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1148"
},
{
"name": "CVE-2011-1467",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1467"
},
{
"name": "CVE-2011-3368",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3368"
},
{
"name": "CVE-2012-1993",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1993"
},
{
"name": "CVE-2011-2192",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2192"
},
{
"name": "CVE-2011-3207",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3207"
},
{
"name": "CVE-2011-1470",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1470"
},
{
"name": "CVE-2011-1464",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1464"
},
{
"name": "CVE-2011-3639",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3639"
},
{
"name": "CVE-2009-0037",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0037"
},
{
"name": "CVE-2010-3436",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3436"
},
{
"name": "CVE-2011-4317",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-4317"
},
{
"name": "CVE-2011-1945",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1945"
},
{
"name": "CVE-2011-1928",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1928"
},
{
"name": "CVE-2011-3846",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3846"
},
{
"name": "CVE-2011-0014",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0014"
},
{
"name": "CVE-2011-0419",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0419"
},
{
"name": "CVE-2011-1468",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1468"
},
{
"name": "CVE-2011-1938",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1938"
},
{
"name": "CVE-2011-3189",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3189"
}
],
"initial_release_date": "2012-04-18T00:00:00",
"last_revision_date": "2012-04-18T00:00:00",
"links": [],
"reference": "CERTA-2012-AVI-218",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2012-04-18T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eHP System Management Homepage\u003c/span\u003e. Leur exploitation\npermet, entre autres, d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance et de\nr\u00e9aliser des d\u00e9nis de service.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans HP System Management Homepage",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 HP c03280632 du 16 avril 2012",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03280632"
}
]
}
CERTA-2011-AVI-494
Vulnerability from certfr_avis - Published: 2011-09-06 - Updated: 2011-09-06
Une vulnérabilité a été corrigée dans Hitachi Web Server, qui peut être exploitée pour provoquer un déni de service à distance.
Description
Une vulnérabilité a été corrigée dans Hitachi Web Server. L'envoi par un attaquant distant de requêtes http avec un en-tête spécialement conçu pourrait provoquer une saturation de la mémoire du serveur, et donc un déni de service.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Hitachi Web server pour Windows, HP-UX, AIX, Solaris et Linux versions 3.x et 4.x.",
"product": {
"name": "Web",
"vendor": {
"name": "Centreon",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 corrig\u00e9e dans Hitachi Web Server. L\u0027envoi par un\nattaquant distant de requ\u00eates http avec un en-t\u00eate sp\u00e9cialement con\u00e7u\npourrait provoquer une saturation de la m\u00e9moire du serveur, et donc un\nd\u00e9ni de service.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2011-3192",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3192"
}
],
"initial_release_date": "2011-09-06T00:00:00",
"last_revision_date": "2011-09-06T00:00:00",
"links": [],
"reference": "CERTA-2011-AVI-494",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2011-09-06T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 corrig\u00e9e dans Hitachi Web Server, qui peut \u00eatre\nexploit\u00e9e pour provoquer un d\u00e9ni de service \u00e0 distance.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans Hitachi Web Serveur",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Hitachi HS11-019 du 05 septembre 2011",
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS11-019/index.html"
}
]
}
CERTA-2012-AVI-393
Vulnerability from certfr_avis - Published: 2012-07-18 - Updated: 2012-07-18
Soixante-dix sept vulnérabilités ont été corrigées dans les produits Oracle. Elles concernent de nombreux composants et peuvent pour certaines être exploitées à distance. Le CERTA recommande de mettre à jour vos produits Oracle dès que possible.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Oracle | N/A | Oracle E-Business Suite Release 12 versions 12.0.4, 12.0.6, 12.1.1, 12.1.2 et 12.1.3 ; | ||
| Oracle | N/A | Oracle Identity Management 10g version 10.1.4.3 ; | ||
| Oracle | N/A | Oracle Sun Product Suite ; | ||
| Oracle | N/A | Oracle Application Server 10g Release 3 version 10.1.3.5 ; | ||
| Oracle | N/A | Oracle Database 10g Release 2 versions 10.2.0.3, 10.2.0.4 et 10.2.0.5 ; | ||
| Oracle | N/A | Oracle Siebel CRM versions 8.1.1 et 8.2.2 ; | ||
| Oracle | PeopleSoft | Oracle PeopleSoft Enterprise HRMS versions 9.0 et 9.1 ; | ||
| Oracle | N/A | Oracle Transportation Management versions 5.5.06, 6.0, 6.1 et 6.2 ; | ||
| Oracle | N/A | Oracle JRockit versions R28.2.3 et antérieures, R27.7.2 et antérieures ; | ||
| Oracle | N/A | Enterprise Manager Grid Control 11g Release 1 version 11.1.0.1 ; | ||
| Oracle | N/A | Oracle Secure Backup versions 10.3.0.3 et 10.4.0.1 ; | ||
| Oracle | N/A | Oracle AutoVue versions 20.0.2 et 20.1 ; | ||
| Oracle | N/A | Oracle Outside In Technology versions 8.3.5 et 8.3.7; | ||
| Oracle | N/A | Enterprise Manager Plugin pour Database 12c Release 1 versions 12.1.0.1 et 12.1.0.2 ; | ||
| Oracle | N/A | Oracle Fusion Middleware 11g Release 2 version 11.1.2.0 ; | ||
| Oracle | N/A | Oracle Map Viewer versions 10.1.3.1, 11.1.1.5 et 11.1.1.6 ; | ||
| Oracle | N/A | Oracle Clinical Remote Data Capture Option versions 4.6, 4.6.2 et 4.6.3 ; | ||
| Oracle | N/A | Oracle Database 11g Release 2 versions 11.2.0.2 et 11.2.0.3 ; | ||
| Oracle | N/A | Enterprise Manager Grid Control 10g Release 1 version 10.2.0.5 ; | ||
| Oracle | PeopleSoft | Oracle PeopleSoft Enterprise PeopleTools versions 8.50, 8.51 et 8.52 ; | ||
| Oracle | N/A | Oracle E-Business Suite Release 11i version 11.5.10.2 ; | ||
| Oracle | N/A | Hyperion BI+ version 11.1.1.x ; | ||
| Oracle | N/A | Oracle Fusion Middleware 11g Release 1 versions 11.1.1.5 et 11.1.1.6 ; | ||
| Oracle | N/A | Oracle Database 11g Release 1 version 11.1.0.7 ; | ||
| Oracle | MySQL | Oracle MySQL Server versions 5.1 et 5.5. |
References
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Oracle E-Business Suite Release 12 versions 12.0.4, 12.0.6, 12.1.1, 12.1.2 et 12.1.3 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Identity Management 10g version 10.1.4.3 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Sun Product Suite ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Application Server 10g Release 3 version 10.1.3.5 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Database 10g Release 2 versions 10.2.0.3, 10.2.0.4 et 10.2.0.5 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Siebel CRM versions 8.1.1 et 8.2.2 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle PeopleSoft Enterprise HRMS versions 9.0 et 9.1 ;",
"product": {
"name": "PeopleSoft",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Transportation Management versions 5.5.06, 6.0, 6.1 et 6.2 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle JRockit versions R28.2.3 et ant\u00e9rieures, R27.7.2 et ant\u00e9rieures ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Enterprise Manager Grid Control 11g Release 1 version 11.1.0.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Secure Backup versions 10.3.0.3 et 10.4.0.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle AutoVue versions 20.0.2 et 20.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Outside In Technology versions 8.3.5 et 8.3.7;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Enterprise Manager Plugin pour Database 12c Release 1 versions 12.1.0.1 et 12.1.0.2 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Fusion Middleware 11g Release 2 version 11.1.2.0 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Map Viewer versions 10.1.3.1, 11.1.1.5 et 11.1.1.6 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Clinical Remote Data Capture Option versions 4.6, 4.6.2 et 4.6.3 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Database 11g Release 2 versions 11.2.0.2 et 11.2.0.3 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Enterprise Manager Grid Control 10g Release 1 version 10.2.0.5 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle PeopleSoft Enterprise PeopleTools versions 8.50, 8.51 et 8.52 ;",
"product": {
"name": "PeopleSoft",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle E-Business Suite Release 11i version 11.5.10.2 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Hyperion BI+ version 11.1.1.x ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Fusion Middleware 11g Release 1 versions 11.1.1.5 et 11.1.1.6 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Database 11g Release 1 version 11.1.0.7 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle MySQL Server versions 5.1 et 5.5.",
"product": {
"name": "MySQL",
"vendor": {
"name": "Oracle",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2012-3118",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3118"
},
{
"name": "CVE-2012-1770",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1770"
},
{
"name": "CVE-2011-3192",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3192"
},
{
"name": "CVE-2012-1773",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1773"
},
{
"name": "CVE-2012-3124",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3124"
},
{
"name": "CVE-2012-1735",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1735"
},
{
"name": "CVE-2012-3110",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3110"
},
{
"name": "CVE-2012-1736",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1736"
},
{
"name": "CVE-2012-1759",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1759"
},
{
"name": "CVE-2012-1767",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1767"
},
{
"name": "CVE-2012-1766",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1766"
},
{
"name": "CVE-2012-1754",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1754"
},
{
"name": "CVE-2012-3114",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3114"
},
{
"name": "CVE-2012-1730",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1730"
},
{
"name": "CVE-2012-1739",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1739"
},
{
"name": "CVE-2012-1765",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1765"
},
{
"name": "CVE-2012-1727",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1727"
},
{
"name": "CVE-2012-3115",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3115"
},
{
"name": "CVE-2012-3113",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3113"
},
{
"name": "CVE-2012-1740",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1740"
},
{
"name": "CVE-2012-3121",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3121"
},
{
"name": "CVE-2012-1689",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1689"
},
{
"name": "CVE-2012-1769",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1769"
},
{
"name": "CVE-2012-1768",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1768"
},
{
"name": "CVE-2012-1742",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1742"
},
{
"name": "CVE-2012-1762",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1762"
},
{
"name": "CVE-2012-3130",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3130"
},
{
"name": "CVE-2012-1732",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1732"
},
{
"name": "CVE-2012-3134",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3134"
},
{
"name": "CVE-2012-3126",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3126"
},
{
"name": "CVE-2012-1747",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1747"
},
{
"name": "CVE-2012-1733",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1733"
},
{
"name": "CVE-2012-3117",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3117"
},
{
"name": "CVE-2012-1744",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1744"
},
{
"name": "CVE-2012-1760",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1760"
},
{
"name": "CVE-2012-1772",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1772"
},
{
"name": "CVE-2012-3106",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3106"
},
{
"name": "CVE-2011-3562",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3562"
},
{
"name": "CVE-2012-3128",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3128"
},
{
"name": "CVE-2012-1715",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1715"
},
{
"name": "CVE-2012-3135",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3135"
},
{
"name": "CVE-2012-1728",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1728"
},
{
"name": "CVE-2012-1757",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1757"
},
{
"name": "CVE-2012-1749",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1749"
},
{
"name": "CVE-2012-0563",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0563"
},
{
"name": "CVE-2012-1748",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1748"
},
{
"name": "CVE-2012-1687",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1687"
},
{
"name": "CVE-2012-1758",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1758"
},
{
"name": "CVE-2012-3112",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3112"
},
{
"name": "CVE-2012-1741",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1741"
},
{
"name": "CVE-2012-3109",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3109"
},
{
"name": "CVE-2012-1752",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1752"
},
{
"name": "CVE-2012-1729",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1729"
},
{
"name": "CVE-2012-1771",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1771"
},
{
"name": "CVE-2012-3131",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3131"
},
{
"name": "CVE-2012-0540",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0540"
},
{
"name": "CVE-2012-1761",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1761"
},
{
"name": "CVE-2011-3368",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3368"
},
{
"name": "CVE-2012-1738",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1738"
},
{
"name": "CVE-2012-3125",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3125"
},
{
"name": "CVE-2008-4609",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-4609"
},
{
"name": "CVE-2012-1756",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1756"
},
{
"name": "CVE-2012-1737",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1737"
},
{
"name": "CVE-2012-1764",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1764"
},
{
"name": "CVE-2012-3111",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3111"
},
{
"name": "CVE-2012-3107",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3107"
},
{
"name": "CVE-2012-1753",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1753"
},
{
"name": "CVE-2012-3116",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3116"
},
{
"name": "CVE-2011-4358",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-4358"
},
{
"name": "CVE-2011-4317",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-4317"
},
{
"name": "CVE-2012-1734",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1734"
},
{
"name": "CVE-2012-1745",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1745"
},
{
"name": "CVE-2001-0323",
"url": "https://www.cve.org/CVERecord?id=CVE-2001-0323"
},
{
"name": "CVE-2011-4885",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-4885"
},
{
"name": "CVE-2011-2699",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2699"
},
{
"name": "CVE-2012-3120",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3120"
},
{
"name": "CVE-2012-3108",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3108"
},
{
"name": "CVE-2012-1750",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1750"
},
{
"name": "CVE-2012-3127",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3127"
},
{
"name": "CVE-2012-1746",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1746"
},
{
"name": "CVE-2012-3122",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3122"
},
{
"name": "CVE-2012-3119",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3119"
},
{
"name": "CVE-2012-3129",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3129"
},
{
"name": "CVE-2012-3123",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3123"
},
{
"name": "CVE-2011-0419",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0419"
},
{
"name": "CVE-2012-1743",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1743"
},
{
"name": "CVE-2012-1731",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1731"
}
],
"initial_release_date": "2012-07-18T00:00:00",
"last_revision_date": "2012-07-18T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Oracle cpujul2012-392727 du 17 juillet 2012 :",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
}
],
"reference": "CERTA-2012-AVI-393",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2012-07-18T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "Soixante-dix sept vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits\n\u003cspan class=\"textit\"\u003eOracle\u003c/span\u003e. Elles concernent de nombreux\ncomposants et peuvent pour certaines \u00eatre exploit\u00e9es \u00e0 distance. Le\nCERTA recommande de mettre \u00e0 jour vos produits \u003cspan\nclass=\"textit\"\u003eOracle\u003c/span\u003e d\u00e8s que possible.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Oracle",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Oracle cpujul2012-392727 du 17 juillet 2012",
"url": null
}
]
}
CERTA-2011-AVI-618
Vulnerability from certfr_avis - Published: 2011-11-08 - Updated: 2011-11-08
Plusieurs vulnérabilités permettant à un utilisateur malintentionné de provoquer un déni de service à distance ont été découvertes dans HP OpenView Network Node Manager.
Description
Plusieurs vulnérabilités ont été découvertes dans HP OpenView Network Node Manager. Elles permettent à une personne malintentionnée de causer un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
HP OpenView Network Node Manager en version 7.53 pour système HP-UX, Linux et Solaris.
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cp\u003eHP OpenView Network Node Manager en version 7.53 pour syst\u00e8me HP-UX, Linux et Solaris.\u003c/p\u003e",
"content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans HP OpenView Network\nNode Manager. Elles permettent \u00e0 une personne malintentionn\u00e9e de causer\nun d\u00e9ni de service \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2011-3192",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3192"
},
{
"name": "CVE-2011-3348",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3348"
},
{
"name": "CVE-2011-0419",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0419"
}
],
"initial_release_date": "2011-11-08T00:00:00",
"last_revision_date": "2011-11-08T00:00:00",
"links": [],
"reference": "CERTA-2011-AVI-618",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2011-11-08T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
}
],
"summary": "Plusieurs vuln\u00e9rabilit\u00e9s permettant \u00e0 un utilisateur malintentionn\u00e9 de\nprovoquer un d\u00e9ni de service \u00e0 distance ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eHP OpenView Network Node Manager\u003c/span\u003e.\n",
"title": "Vuln\u00e9rabilit\u00e9s dans HP OpenView Network Node Manager",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 HP c03011498 du 03 novembre 2011",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03011498"
}
]
}
CERTA-2011-AVI-488
Vulnerability from certfr_avis - Published: 2011-09-01 - Updated: 2011-09-21
Une vulnérabilité dans Cisco NX-OS peut être utilisée pour réaliser un déni de service à distance.
Description
Une vulnérabilitié a été corrigée dans Cisco NX-OS. Cette vulnérabilité affecte le serveur httpd Apache. Elle peut être utilisée à l'aide de requêtes HTTP spécialement conçues (utilisation de l'entête range avec des intervalles se chevauchant) pour provoquer un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Cisco | TelePresence VCS | Cisco TelePresence Video Communication Server (Cisco TelePresence VCS) ; | ||
| Cisco | N/A | Cisco Quad ; | ||
| Cisco | N/A | CiscoWorks LAN Management Solution. | ||
| Cisco | N/A | Cisco Mobility Services Engine ; | ||
| Cisco | N/A | Cisco Wireless Control System (WCS) ; | ||
| Cisco | N/A | Cisco Wild Area Application Services (WAAS) Software ; | ||
| Cisco | NX-OS | Cisco MDS 9000 NX-OS versions antérieures à la 4.2 ; | ||
| Cisco | N/A | Cisco Video Surveillance Manager (VSM) ; | ||
| Cisco | N/A | Cisco Network Collector ; | ||
| Cisco | N/A | CiscoWorks Common Services ; | ||
| Cisco | N/A | Cisco SAN-OS 3.x ; | ||
| Cisco | NX-OS | Cisco NX-OS Software pour Cisco Nexus 7000 Series Switches versions antérieures à la 5.1 ; | ||
| Cisco | N/A | Cisco Video Surveillance Operations Manager (VSOM) ; | ||
| Cisco | N/A | Tous les systèmes Cisco CTS TelePresence ; | ||
| Cisco | N/A | Management Center for Cisco Security Agent ; |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Cisco TelePresence Video Communication Server (Cisco TelePresence VCS) ;",
"product": {
"name": "TelePresence VCS",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco Quad ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "CiscoWorks LAN Management Solution.",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco Mobility Services Engine ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco Wireless Control System (WCS) ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco Wild Area Application Services (WAAS) Software ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco MDS 9000 NX-OS versions ant\u00e9rieures \u00e0 la 4.2 ;",
"product": {
"name": "NX-OS",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco Video Surveillance Manager (VSM) ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco Network Collector ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "CiscoWorks Common Services ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco SAN-OS 3.x ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco NX-OS Software pour Cisco Nexus 7000 Series Switches versions ant\u00e9rieures \u00e0 la 5.1 ;",
"product": {
"name": "NX-OS",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco Video Surveillance Operations Manager (VSOM) ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Tous les syst\u00e8mes Cisco CTS TelePresence ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Management Center for Cisco Security Agent ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nUne vuln\u00e9rabiliti\u00e9 a \u00e9t\u00e9 corrig\u00e9e dans Cisco NX-OS. Cette vuln\u00e9rabilit\u00e9\naffecte le serveur httpd Apache. Elle peut \u00eatre utilis\u00e9e \u00e0 l\u0027aide de\nrequ\u00eates HTTP sp\u00e9cialement con\u00e7ues (utilisation de l\u0027ent\u00eate range avec\ndes intervalles se chevauchant) pour provoquer un d\u00e9ni de service \u00e0\ndistance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2011-3192",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3192"
}
],
"initial_release_date": "2011-09-01T00:00:00",
"last_revision_date": "2011-09-21T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Cisco 20110830-apache du 30 ao\u00fbt 2011 :",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20110830-apache.shtml"
}
],
"reference": "CERTA-2011-AVI-488",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2011-09-01T00:00:00.000000"
},
{
"description": "modification du titre et ajout de syst\u00e8mes vuln\u00e9rables.",
"revision_date": "2011-09-21T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 dans Cisco NX-OS peut \u00eatre utilis\u00e9e pour r\u00e9aliser un\nd\u00e9ni de service \u00e0 distance.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans les produits Cisco",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20110830-apache",
"url": null
}
]
}
CERTA-2012-AVI-316
Vulnerability from certfr_avis - Published: 2012-06-12 - Updated: 2012-06-12
Onze vulnérabilités ont été corrigées dans HP Onboard Administrator. L'exploitation de ces vulnérabilités peut mener à divers accès non autorisés à des données distantes et à des dénis de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Versions antérieures à HP Onboard Adminitrator v3.56.
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cP\u003eVersions ant\u00e9rieures \u00e0 HP Onboard Adminitrator v3.56.\u003c/P\u003e",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2012-0050",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0050"
},
{
"name": "CVE-2012-0053",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0053"
},
{
"name": "CVE-2011-3192",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3192"
},
{
"name": "CVE-2011-4619",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-4619"
},
{
"name": "CVE-2012-2110",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2110"
},
{
"name": "CVE-2011-4576",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-4576"
},
{
"name": "CVE-2012-0884",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0884"
},
{
"name": "CVE-2011-4108",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-4108"
},
{
"name": "CVE-2012-1583",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1583"
},
{
"name": "CVE-2011-2691",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2691"
},
{
"name": "CVE-2011-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1473"
}
],
"initial_release_date": "2012-06-12T00:00:00",
"last_revision_date": "2012-06-12T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 HP c03315912 du 07 juin 2012 :",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03315912"
}
],
"reference": "CERTA-2012-AVI-316",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2012-06-12T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "Onze vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan class=\"textit\"\u003eHP\nOnboard Administrator\u003c/span\u003e. L\u0027exploitation de ces vuln\u00e9rabilit\u00e9s peut\nmener \u00e0 divers acc\u00e8s non autoris\u00e9s \u00e0 des donn\u00e9es distantes et \u00e0 des\nd\u00e9nis de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans HP Onboard Administrator",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 HP du 07 juin 2012",
"url": null
}
]
}
GHSA-R3PV-69HM-FCJW
Vulnerability from github – Published: 2022-05-13 01:09 – Updated: 2025-04-11 03:50
VLAI?
Details
The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.
{
"affected": [],
"aliases": [
"CVE-2011-3192"
],
"database_specific": {
"cwe_ids": [
"CWE-400"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2011-08-29T15:55:00Z",
"severity": "HIGH"
},
"details": "The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.",
"id": "GHSA-r3pv-69hm-fcjw",
"modified": "2025-04-11T03:50:08Z",
"published": "2022-05-13T01:09:53Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-3192"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14762"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14824"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18827"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=732928"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69396"
},
{
"type": "WEB",
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"type": "WEB",
"url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=51714"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-08/0285.html"
},
{
"type": "WEB",
"url": "http://blogs.oracle.com/security/entry/security_alert_for_cve_2011"
},
{
"type": "WEB",
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00006.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00009.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00010.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00011.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00008.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html"
},
{
"type": "WEB",
"url": "http://mail-archives.apache.org/mod_mbox/httpd-announce/201108.mbox/%3c20110824161640.122D387DD%40minotaur.apache.org%3e"
},
{
"type": "WEB",
"url": "http://mail-archives.apache.org/mod_mbox/httpd-announce/201108.mbox/%3c20110824161640.122D387DD@minotaur.apache.org%3e"
},
{
"type": "WEB",
"url": "http://mail-archives.apache.org/mod_mbox/httpd-dev/201108.mbox/%3cCAAPSnn2PO-d-C4nQt_TES2RRWiZr7urefhTKPWBC1b+K1Dqc7g%40mail.gmail.com%3e"
},
{
"type": "WEB",
"url": "http://mail-archives.apache.org/mod_mbox/httpd-dev/201108.mbox/%3cCAAPSnn2PO-d-C4nQt_TES2RRWiZr7urefhTKPWBC1b+K1Dqc7g@mail.gmail.com%3e"
},
{
"type": "WEB",
"url": "http://marc.info/?l=bugtraq\u0026m=131551295528105\u0026w=2"
},
{
"type": "WEB",
"url": "http://marc.info/?l=bugtraq\u0026m=131731002122529\u0026w=2"
},
{
"type": "WEB",
"url": "http://marc.info/?l=bugtraq\u0026m=132033751509019\u0026w=2"
},
{
"type": "WEB",
"url": "http://marc.info/?l=bugtraq\u0026m=133477473521382\u0026w=2"
},
{
"type": "WEB",
"url": "http://marc.info/?l=bugtraq\u0026m=133951357207000\u0026w=2"
},
{
"type": "WEB",
"url": "http://marc.info/?l=bugtraq\u0026m=134987041210674\u0026w=2"
},
{
"type": "WEB",
"url": "http://osvdb.org/74721"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2011/Aug/175"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/45606"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/45937"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/46000"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/46125"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/46126"
},
{
"type": "WEB",
"url": "http://securitytracker.com/id?1025960"
},
{
"type": "WEB",
"url": "http://support.apple.com/kb/HT5002"
},
{
"type": "WEB",
"url": "http://www.apache.org/dist/httpd/Announcement2.2.html"
},
{
"type": "WEB",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b90d73.shtml"
},
{
"type": "WEB",
"url": "http://www.exploit-db.com/exploits/17696"
},
{
"type": "WEB",
"url": "http://www.gossamer-threads.com/lists/apache/dev/401638"
},
{
"type": "WEB",
"url": "http://www.kb.cert.org/vuls/id/405811"
},
{
"type": "WEB",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:130"
},
{
"type": "WEB",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"type": "WEB",
"url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2011-3192-485304.html"
},
{
"type": "WEB",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html"
},
{
"type": "WEB",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
},
{
"type": "WEB",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1245.html"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1294.html"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1300.html"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1329.html"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1330.html"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1369.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/49303"
},
{
"type": "WEB",
"url": "http://www.ubuntu.com/usn/USN-1199-1"
}
],
"schema_version": "1.4.0",
"severity": []
}
GSD-2011-3192
Vulnerability from gsd - Updated: 2023-12-13 01:19Details
The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2011-3192",
"description": "The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.",
"id": "GSD-2011-3192",
"references": [
"https://www.suse.com/security/cve/CVE-2011-3192.html",
"https://www.debian.org/security/2011/dsa-2298",
"https://access.redhat.com/errata/RHSA-2011:1369",
"https://access.redhat.com/errata/RHSA-2011:1330",
"https://access.redhat.com/errata/RHSA-2011:1329",
"https://access.redhat.com/errata/RHSA-2011:1300",
"https://access.redhat.com/errata/RHSA-2011:1294",
"https://access.redhat.com/errata/RHSA-2011:1245",
"https://alas.aws.amazon.com/cve/html/CVE-2011-3192.html",
"https://linux.oracle.com/cve/CVE-2011-3192.html",
"https://packetstormsecurity.com/files/cve/CVE-2011-3192"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2011-3192"
],
"details": "The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.",
"id": "GSD-2011-3192",
"modified": "2023-12-13T01:19:10.094148Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-3192",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "45606",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45606"
},
{
"name": "RHSA-2011:1369",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1369.html"
},
{
"name": "RHSA-2011:1329",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1329.html"
},
{
"name": "HPSBUX02707",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=131731002122529\u0026w=2"
},
{
"name": "SUSE-SU-2011:1010",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00011.html"
},
{
"name": "SSRT100966",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=134987041210674\u0026w=2"
},
{
"name": "openSUSE-SU-2011:0993",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00006.html"
},
{
"name": "http://www.gossamer-threads.com/lists/apache/dev/401638",
"refsource": "CONFIRM",
"url": "http://www.gossamer-threads.com/lists/apache/dev/401638"
},
{
"name": "1025960",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1025960"
},
{
"name": "[dev] 20110823 Re: DoS with mod_deflate \u0026 range requests",
"refsource": "MLIST",
"url": "http://mail-archives.apache.org/mod_mbox/httpd-dev/201108.mbox/%3cCAAPSnn2PO-d-C4nQt_TES2RRWiZr7urefhTKPWBC1b+K1Dqc7g@mail.gmail.com%3e"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=732928",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=732928"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/alert-cve-2011-3192-485304.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2011-3192-485304.html"
},
{
"name": "SSRT100624",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=133477473521382\u0026w=2"
},
{
"name": "17696",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/17696"
},
{
"name": "https://issues.apache.org/bugzilla/show_bug.cgi?id=51714",
"refsource": "CONFIRM",
"url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=51714"
},
{
"name": "HPSBUX02702",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=131551295528105\u0026w=2"
},
{
"name": "46000",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46000"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html"
},
{
"name": "http://blogs.oracle.com/security/entry/security_alert_for_cve_2011",
"refsource": "CONFIRM",
"url": "http://blogs.oracle.com/security/entry/security_alert_for_cve_2011"
},
{
"name": "HPSBOV02822",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=134987041210674\u0026w=2"
},
{
"name": "SSRT100619",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=132033751509019\u0026w=2"
},
{
"name": "20110830 Apache HTTPd Range Header Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b90d73.shtml"
},
{
"name": "USN-1199-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1199-1"
},
{
"name": "MDVSA-2011:130",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:130"
},
{
"name": "49303",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/49303"
},
{
"name": "74721",
"refsource": "OSVDB",
"url": "http://osvdb.org/74721"
},
{
"name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
"refsource": "CONFIRM",
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "20110824 Re: Apache Killer",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-08/0285.html"
},
{
"name": "APPLE-SA-2011-10-12-3",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
},
{
"name": "oval:org.mitre.oval:def:14824",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14824"
},
{
"name": "[announce] 20110824 Advisory: Range header DoS vulnerability Apache HTTPD 1.3/2.x \\(CVE-2011-3192\\)",
"refsource": "MLIST",
"url": "http://mail-archives.apache.org/mod_mbox/httpd-announce/201108.mbox/%3c20110824161640.122D387DD@minotaur.apache.org%3e"
},
{
"name": "RHSA-2011:1330",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1330.html"
},
{
"name": "apache-http-byterange-dos(69396)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69396"
},
{
"name": "46126",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46126"
},
{
"name": "RHSA-2011:1245",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1245.html"
},
{
"name": "oval:org.mitre.oval:def:18827",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18827"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html"
},
{
"name": "http://www.apache.org/dist/httpd/Announcement2.2.html",
"refsource": "CONFIRM",
"url": "http://www.apache.org/dist/httpd/Announcement2.2.html"
},
{
"name": "SSRT100626",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=131731002122529\u0026w=2"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
},
{
"name": "46125",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46125"
},
{
"name": "HPSBMU02766",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=133477473521382\u0026w=2"
},
{
"name": "VU#405811",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/405811"
},
{
"name": "20110820 Apache Killer",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2011/Aug/175"
},
{
"name": "SSRT100852",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=133951357207000\u0026w=2"
},
{
"name": "http://support.apple.com/kb/HT5002",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5002"
},
{
"name": "SUSE-SU-2011:1216",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00008.html"
},
{
"name": "oval:org.mitre.oval:def:14762",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14762"
},
{
"name": "SUSE-SU-2011:1007",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00010.html"
},
{
"name": "HPSBMU02776",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=133951357207000\u0026w=2"
},
{
"name": "SUSE-SU-2011:1000",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00009.html"
},
{
"name": "RHSA-2011:1294",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1294.html"
},
{
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name": "SUSE-SU-2011:1229",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html"
},
{
"name": "HPSBMU02704",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=132033751509019\u0026w=2"
},
{
"name": "RHSA-2011:1300",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1300.html"
},
{
"name": "SSRT100606",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=131551295528105\u0026w=2"
},
{
"name": "45937",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45937"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888194 [7/13] - /httpd/site/trunk/content/security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [7/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [8/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210603 svn commit: r1075360 [1/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075467 [1/2] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.2.20",
"versionStartIncluding": "2.2.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.0.65",
"versionStartIncluding": "2.0.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:vmware:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:-:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:-:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:10:sp2:*:*:-:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:-:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-3192"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[announce] 20110824 Advisory: Range header DoS vulnerability Apache HTTPD 1.3/2.x \\(CVE-2011-3192\\)",
"refsource": "MLIST",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "http://mail-archives.apache.org/mod_mbox/httpd-announce/201108.mbox/%3c20110824161640.122D387DD@minotaur.apache.org%3e"
},
{
"name": "17696",
"refsource": "EXPLOIT-DB",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.exploit-db.com/exploits/17696"
},
{
"name": "45606",
"refsource": "SECUNIA",
"tags": [
"Not Applicable",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/45606"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=732928",
"refsource": "CONFIRM",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=732928"
},
{
"name": "20110824 Re: Apache Killer",
"refsource": "FULLDISC",
"tags": [
"Broken Link"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-08/0285.html"
},
{
"name": "https://issues.apache.org/bugzilla/show_bug.cgi?id=51714",
"refsource": "CONFIRM",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=51714"
},
{
"name": "http://www.gossamer-threads.com/lists/apache/dev/401638",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "http://www.gossamer-threads.com/lists/apache/dev/401638"
},
{
"name": "1025960",
"refsource": "SECTRACK",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1025960"
},
{
"name": "[dev] 20110823 Re: DoS with mod_deflate \u0026 range requests",
"refsource": "MLIST",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://mail-archives.apache.org/mod_mbox/httpd-dev/201108.mbox/%3cCAAPSnn2PO-d-C4nQt_TES2RRWiZr7urefhTKPWBC1b+K1Dqc7g@mail.gmail.com%3e"
},
{
"name": "20110820 Apache Killer",
"refsource": "FULLDISC",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2011/Aug/175"
},
{
"name": "49303",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/49303"
},
{
"name": "74721",
"refsource": "OSVDB",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/74721"
},
{
"name": "http://blogs.oracle.com/security/entry/security_alert_for_cve_2011",
"refsource": "CONFIRM",
"tags": [
"Broken Link"
],
"url": "http://blogs.oracle.com/security/entry/security_alert_for_cve_2011"
},
{
"name": "USN-1199-1",
"refsource": "UBUNTU",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-1199-1"
},
{
"name": "RHSA-2011:1294",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1294.html"
},
{
"name": "http://www.apache.org/dist/httpd/Announcement2.2.html",
"refsource": "CONFIRM",
"tags": [
"Broken Link"
],
"url": "http://www.apache.org/dist/httpd/Announcement2.2.html"
},
{
"name": "46000",
"refsource": "SECUNIA",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/46000"
},
{
"name": "MDVSA-2011:130",
"refsource": "MANDRIVA",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:130"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/alert-cve-2011-3192-485304.html",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2011-3192-485304.html"
},
{
"name": "20110830 Apache HTTPd Range Header Denial of Service Vulnerability",
"refsource": "CISCO",
"tags": [
"Third Party Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b90d73.shtml"
},
{
"name": "45937",
"refsource": "SECUNIA",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/45937"
},
{
"name": "RHSA-2011:1245",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1245.html"
},
{
"name": "RHSA-2011:1300",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1300.html"
},
{
"name": "46126",
"refsource": "SECUNIA",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/46126"
},
{
"name": "VU#405811",
"refsource": "CERT-VN",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/405811"
},
{
"name": "RHSA-2011:1330",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1330.html"
},
{
"name": "46125",
"refsource": "SECUNIA",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/46125"
},
{
"name": "RHSA-2011:1329",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1329.html"
},
{
"name": "APPLE-SA-2011-10-12-3",
"refsource": "APPLE",
"tags": [
"Broken Link"
],
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html"
},
{
"name": "http://support.apple.com/kb/HT5002",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT5002"
},
{
"name": "SUSE-SU-2011:1000",
"refsource": "SUSE",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00009.html"
},
{
"name": "openSUSE-SU-2011:0993",
"refsource": "SUSE",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00006.html"
},
{
"name": "HPSBUX02702",
"refsource": "HP",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=131551295528105\u0026w=2"
},
{
"name": "SUSE-SU-2011:1010",
"refsource": "SUSE",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00011.html"
},
{
"name": "HPSBUX02707",
"refsource": "HP",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=131731002122529\u0026w=2"
},
{
"name": "SUSE-SU-2011:1007",
"refsource": "SUSE",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00010.html"
},
{
"name": "RHSA-2011:1369",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1369.html"
},
{
"name": "SSRT100619",
"refsource": "HP",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132033751509019\u0026w=2"
},
{
"name": "SUSE-SU-2011:1216",
"refsource": "SUSE",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00008.html"
},
{
"name": "SUSE-SU-2011:1229",
"refsource": "SUSE",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
},
{
"name": "SSRT100966",
"refsource": "HP",
"tags": [
"Issue Tracking",
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134987041210674\u0026w=2"
},
{
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name": "SSRT100852",
"refsource": "HP",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=133951357207000\u0026w=2"
},
{
"name": "SSRT100624",
"refsource": "HP",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=133477473521382\u0026w=2"
},
{
"name": "apache-http-byterange-dos(69396)",
"refsource": "XF",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69396"
},
{
"name": "oval:org.mitre.oval:def:18827",
"refsource": "OVAL",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18827"
},
{
"name": "oval:org.mitre.oval:def:14824",
"refsource": "OVAL",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14824"
},
{
"name": "oval:org.mitre.oval:def:14762",
"refsource": "OVAL",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14762"
},
{
"name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [8/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [7/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888194 [7/13] - /httpd/site/trunk/content/security/json/",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210603 svn commit: r1075360 [1/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075467 [1/2] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2022-09-19T19:49Z",
"publishedDate": "2011-08-29T15:55Z"
}
}
}
FKIE_CVE-2011-3192
Vulnerability from fkie_nvd - Published: 2011-08-29 15:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.
References
| URL | Tags | ||
|---|---|---|---|
| secalert@redhat.com | http://archives.neohapsis.com/archives/fulldisclosure/2011-08/0285.html | Broken Link | |
| secalert@redhat.com | http://blogs.oracle.com/security/entry/security_alert_for_cve_2011 | Broken Link | |
| secalert@redhat.com | http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html | Broken Link | |
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00006.html | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00009.html | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00010.html | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00011.html | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00008.html | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://mail-archives.apache.org/mod_mbox/httpd-announce/201108.mbox/%3c20110824161640.122D387DD%40minotaur.apache.org%3e | ||
| secalert@redhat.com | http://mail-archives.apache.org/mod_mbox/httpd-dev/201108.mbox/%3cCAAPSnn2PO-d-C4nQt_TES2RRWiZr7urefhTKPWBC1b+K1Dqc7g%40mail.gmail.com%3e | ||
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=131551295528105&w=2 | Issue Tracking, Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=131731002122529&w=2 | Issue Tracking, Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=132033751509019&w=2 | Issue Tracking, Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=133477473521382&w=2 | Issue Tracking, Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=133951357207000&w=2 | Issue Tracking, Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=134987041210674&w=2 | Issue Tracking, Mailing List | |
| secalert@redhat.com | http://osvdb.org/74721 | Broken Link | |
| secalert@redhat.com | http://seclists.org/fulldisclosure/2011/Aug/175 | Exploit, Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/45606 | Not Applicable, Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/45937 | Not Applicable | |
| secalert@redhat.com | http://secunia.com/advisories/46000 | Not Applicable | |
| secalert@redhat.com | http://secunia.com/advisories/46125 | Not Applicable | |
| secalert@redhat.com | http://secunia.com/advisories/46126 | Not Applicable | |
| secalert@redhat.com | http://securitytracker.com/id?1025960 | Broken Link, Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://support.apple.com/kb/HT5002 | Third Party Advisory | |
| secalert@redhat.com | http://www.apache.org/dist/httpd/Announcement2.2.html | Broken Link | |
| secalert@redhat.com | http://www.cisco.com/en/US/products/products_security_advisory09186a0080b90d73.shtml | Third Party Advisory | |
| secalert@redhat.com | http://www.exploit-db.com/exploits/17696 | Exploit, Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://www.gossamer-threads.com/lists/apache/dev/401638 | Third Party Advisory | |
| secalert@redhat.com | http://www.kb.cert.org/vuls/id/405811 | Third Party Advisory, US Government Resource | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2011:130 | Broken Link | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | Broken Link | |
| secalert@redhat.com | http://www.oracle.com/technetwork/topics/security/alert-cve-2011-3192-485304.html | Third Party Advisory | |
| secalert@redhat.com | http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html | Third Party Advisory | |
| secalert@redhat.com | http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | Third Party Advisory | |
| secalert@redhat.com | http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html | Third Party Advisory | |
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2011-1245.html | Third Party Advisory | |
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2011-1294.html | Third Party Advisory | |
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2011-1300.html | Third Party Advisory | |
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2011-1329.html | Third Party Advisory | |
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2011-1330.html | Third Party Advisory | |
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2011-1369.html | Third Party Advisory | |
| secalert@redhat.com | http://www.securityfocus.com/bid/49303 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-1199-1 | Third Party Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=732928 | Exploit, Issue Tracking, Third Party Advisory | |
| secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/69396 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0 | Third Party Advisory | |
| secalert@redhat.com | https://issues.apache.org/bugzilla/show_bug.cgi?id=51714 | Exploit, Issue Tracking, Vendor Advisory | |
| secalert@redhat.com | https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E | ||
| secalert@redhat.com | https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E | ||
| secalert@redhat.com | https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E | ||
| secalert@redhat.com | https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E | ||
| secalert@redhat.com | https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E | ||
| secalert@redhat.com | https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E | ||
| secalert@redhat.com | https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E | ||
| secalert@redhat.com | https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E | ||
| secalert@redhat.com | https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E | ||
| secalert@redhat.com | https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E | ||
| secalert@redhat.com | https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E | ||
| secalert@redhat.com | https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E | ||
| secalert@redhat.com | https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E | ||
| secalert@redhat.com | https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E | ||
| secalert@redhat.com | https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E | ||
| secalert@redhat.com | https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E | ||
| secalert@redhat.com | https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E | ||
| secalert@redhat.com | https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E | ||
| secalert@redhat.com | https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E | ||
| secalert@redhat.com | https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E | ||
| secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14762 | Third Party Advisory | |
| secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14824 | Third Party Advisory | |
| secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18827 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/fulldisclosure/2011-08/0285.html | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://blogs.oracle.com/security/entry/security_alert_for_cve_2011 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00006.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00009.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00010.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00011.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00008.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://mail-archives.apache.org/mod_mbox/httpd-announce/201108.mbox/%3c20110824161640.122D387DD%40minotaur.apache.org%3e | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://mail-archives.apache.org/mod_mbox/httpd-dev/201108.mbox/%3cCAAPSnn2PO-d-C4nQt_TES2RRWiZr7urefhTKPWBC1b+K1Dqc7g%40mail.gmail.com%3e | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=131551295528105&w=2 | Issue Tracking, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=131731002122529&w=2 | Issue Tracking, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=132033751509019&w=2 | Issue Tracking, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=133477473521382&w=2 | Issue Tracking, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=133951357207000&w=2 | Issue Tracking, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=134987041210674&w=2 | Issue Tracking, Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://osvdb.org/74721 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2011/Aug/175 | Exploit, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/45606 | Not Applicable, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/45937 | Not Applicable | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/46000 | Not Applicable | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/46125 | Not Applicable | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/46126 | Not Applicable | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1025960 | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT5002 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.apache.org/dist/httpd/Announcement2.2.html | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.cisco.com/en/US/products/products_security_advisory09186a0080b90d73.shtml | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.exploit-db.com/exploits/17696 | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.gossamer-threads.com/lists/apache/dev/401638 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/405811 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2011:130 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/alert-cve-2011-3192-485304.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2011-1245.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2011-1294.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2011-1300.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2011-1329.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2011-1330.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2011-1369.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/49303 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1199-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=732928 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/69396 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://issues.apache.org/bugzilla/show_bug.cgi?id=51714 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14762 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14824 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18827 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apache | http_server | * | |
| apache | http_server | * | |
| opensuse | opensuse | 11.3 | |
| opensuse | opensuse | 11.4 | |
| suse | linux_enterprise_server | 10 | |
| suse | linux_enterprise_server | 10 | |
| suse | linux_enterprise_server | 10 | |
| suse | linux_enterprise_server | 11 | |
| suse | linux_enterprise_server | 11 | |
| suse | linux_enterprise_software_development_kit | 10 | |
| suse | linux_enterprise_software_development_kit | 10 | |
| suse | linux_enterprise_software_development_kit | 11 | |
| canonical | ubuntu_linux | 8.04 | |
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 10.10 | |
| canonical | ubuntu_linux | 11.04 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8032B39-37CC-4B9F-8D09-A0171E66BE47",
"versionEndExcluding": "2.0.65",
"versionStartIncluding": "2.0.35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "43A849EE-9D31-4289-84AF-E6831294297F",
"versionEndExcluding": "2.2.20",
"versionStartIncluding": "2.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5646FDE9-CF21-46A9-B89D-F5BBDB4249AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DE554781-1EB9-446E-911F-6C11970C47F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp2:*:*:-:*:*:*",
"matchCriteriaId": "105187A7-2AFE-46F9-B0A9-F09C7E10BFBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:-:*:*:*",
"matchCriteriaId": "79A35457-EAA3-4BF9-A4DA-B2E414A75A02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:-:*:*:*",
"matchCriteriaId": "D1D7B467-58DD-45F1-9F1F-632620DF072A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:-:*:*",
"matchCriteriaId": "A44C3422-0D42-473E-ABB4-279D7494EE2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:vmware:*:*",
"matchCriteriaId": "A6B7CDCA-6F39-4113-B5D3-3AA9D7F3D809",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp3:*:*:*:*:*:*",
"matchCriteriaId": "3DB8A616-865B-4E70-BA2E-BE5F0BA7A351",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp4:*:*:*:*:*:*",
"matchCriteriaId": "436EF2ED-FDBB-4B64-8EC4-33C3E4253F06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp1:*:*:*:*:*:*",
"matchCriteriaId": "E8C91701-DF37-4F7B-AB9A-B1BFDB4991F8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*",
"matchCriteriaId": "7EBFE35C-E243-43D1-883D-4398D71763CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
"matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*",
"matchCriteriaId": "87614B58-24AB-49FB-9C84-E8DDBA16353B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*",
"matchCriteriaId": "EF49D26F-142E-468B-87C1-BABEA445255C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086."
},
{
"lang": "es",
"value": "El filtro byterange en el Servidor Apache HTTP v1.3.x, v2.0.x hasta v2.0.64, y v2.2.x hasta v2.2.19 permite a tacantes remotos provocar una denegaci\u00f3n de servicio (consumo de memoria y CPU) a trav\u00e9s de una cabecera Range que expresa m\u00faltiple rangos de solapamiento, como se explot\u00f3 en Agosto 2011, una vulnerabilidad diferente que CVE-2007-0086."
}
],
"id": "CVE-2011-3192",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-08-29T15:55:02.017",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-08/0285.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://blogs.oracle.com/security/entry/security_alert_for_cve_2011"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00006.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00009.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00010.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00011.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00008.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html"
},
{
"source": "secalert@redhat.com",
"url": "http://mail-archives.apache.org/mod_mbox/httpd-announce/201108.mbox/%3c20110824161640.122D387DD%40minotaur.apache.org%3e"
},
{
"source": "secalert@redhat.com",
"url": "http://mail-archives.apache.org/mod_mbox/httpd-dev/201108.mbox/%3cCAAPSnn2PO-d-C4nQt_TES2RRWiZr7urefhTKPWBC1b+K1Dqc7g%40mail.gmail.com%3e"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=131551295528105\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=131731002122529\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132033751509019\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=133477473521382\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=133951357207000\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134987041210674\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/74721"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2011/Aug/175"
},
{
"source": "secalert@redhat.com",
"tags": [
"Not Applicable",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/45606"
},
{
"source": "secalert@redhat.com",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/45937"
},
{
"source": "secalert@redhat.com",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/46000"
},
{
"source": "secalert@redhat.com",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/46125"
},
{
"source": "secalert@redhat.com",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/46126"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1025960"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT5002"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.apache.org/dist/httpd/Announcement2.2.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b90d73.shtml"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.exploit-db.com/exploits/17696"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.gossamer-threads.com/lists/apache/dev/401638"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/405811"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:130"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2011-3192-485304.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1245.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1294.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1300.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1329.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1330.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1369.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/49303"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-1199-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=732928"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69396"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=51714"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14762"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14824"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18827"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-08/0285.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://blogs.oracle.com/security/entry/security_alert_for_cve_2011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00008.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://mail-archives.apache.org/mod_mbox/httpd-announce/201108.mbox/%3c20110824161640.122D387DD%40minotaur.apache.org%3e"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://mail-archives.apache.org/mod_mbox/httpd-dev/201108.mbox/%3cCAAPSnn2PO-d-C4nQt_TES2RRWiZr7urefhTKPWBC1b+K1Dqc7g%40mail.gmail.com%3e"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=131551295528105\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=131731002122529\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132033751509019\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=133477473521382\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=133951357207000\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134987041210674\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/74721"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2011/Aug/175"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/45606"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/45937"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/46000"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/46125"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/46126"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1025960"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT5002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.apache.org/dist/httpd/Announcement2.2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b90d73.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.exploit-db.com/exploits/17696"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.gossamer-threads.com/lists/apache/dev/401638"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/405811"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:130"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2011-3192-485304.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1245.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1294.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1300.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1329.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1330.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1369.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/49303"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-1199-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=732928"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69396"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=51714"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14762"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14824"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18827"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
OPENSUSE-SU-2024:10268-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
apache2-2.4.23-4.1 on GA media
Notes
Title of the patch
apache2-2.4.23-4.1 on GA media
Description of the patch
These are all security issues fixed in the apache2-2.4.23-4.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-10268
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "apache2-2.4.23-4.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the apache2-2.4.23-4.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-10268",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10268-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-0023 page",
"url": "https://www.suse.com/security/cve/CVE-2009-0023/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-1191 page",
"url": "https://www.suse.com/security/cve/CVE-2009-1191/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-1195 page",
"url": "https://www.suse.com/security/cve/CVE-2009-1195/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-1890 page",
"url": "https://www.suse.com/security/cve/CVE-2009-1890/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-1891 page",
"url": "https://www.suse.com/security/cve/CVE-2009-1891/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-1955 page",
"url": "https://www.suse.com/security/cve/CVE-2009-1955/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-1956 page",
"url": "https://www.suse.com/security/cve/CVE-2009-1956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-2412 page",
"url": "https://www.suse.com/security/cve/CVE-2009-2412/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-2699 page",
"url": "https://www.suse.com/security/cve/CVE-2009-2699/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3094 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3094/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3095 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3095/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3555 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3560 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3560/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3720 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3720/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0408 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0408/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0425 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0425/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0434 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0434/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1452 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1452/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1623 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1623/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-2068 page",
"url": "https://www.suse.com/security/cve/CVE-2010-2068/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-1176 page",
"url": "https://www.suse.com/security/cve/CVE-2011-1176/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3192 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3192/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3368 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3368/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3607 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3607/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-4317 page",
"url": "https://www.suse.com/security/cve/CVE-2011-4317/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0021 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0021/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0031 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0031/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0053 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-2687 page",
"url": "https://www.suse.com/security/cve/CVE-2012-2687/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3499 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3499/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3502 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3502/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1896 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1896/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-2249 page",
"url": "https://www.suse.com/security/cve/CVE-2013-2249/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5704 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5704/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-6438 page",
"url": "https://www.suse.com/security/cve/CVE-2013-6438/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-0098 page",
"url": "https://www.suse.com/security/cve/CVE-2014-0098/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-0117 page",
"url": "https://www.suse.com/security/cve/CVE-2014-0117/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-0118 page",
"url": "https://www.suse.com/security/cve/CVE-2014-0118/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-0226 page",
"url": "https://www.suse.com/security/cve/CVE-2014-0226/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-0231 page",
"url": "https://www.suse.com/security/cve/CVE-2014-0231/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-3523 page",
"url": "https://www.suse.com/security/cve/CVE-2014-3523/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-3581 page",
"url": "https://www.suse.com/security/cve/CVE-2014-3581/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-3583 page",
"url": "https://www.suse.com/security/cve/CVE-2014-3583/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-8109 page",
"url": "https://www.suse.com/security/cve/CVE-2014-8109/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0228 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0228/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0253 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0253/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4000 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4000/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-4979 page",
"url": "https://www.suse.com/security/cve/CVE-2016-4979/"
}
],
"title": "apache2-2.4.23-4.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:10268-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "apache2-2.4.23-4.1.aarch64",
"product": {
"name": "apache2-2.4.23-4.1.aarch64",
"product_id": "apache2-2.4.23-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "apache2-devel-2.4.23-4.1.aarch64",
"product": {
"name": "apache2-devel-2.4.23-4.1.aarch64",
"product_id": "apache2-devel-2.4.23-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "apache2-doc-2.4.23-4.1.aarch64",
"product": {
"name": "apache2-doc-2.4.23-4.1.aarch64",
"product_id": "apache2-doc-2.4.23-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "apache2-event-2.4.23-4.1.aarch64",
"product": {
"name": "apache2-event-2.4.23-4.1.aarch64",
"product_id": "apache2-event-2.4.23-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "apache2-example-pages-2.4.23-4.1.aarch64",
"product": {
"name": "apache2-example-pages-2.4.23-4.1.aarch64",
"product_id": "apache2-example-pages-2.4.23-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "apache2-prefork-2.4.23-4.1.aarch64",
"product": {
"name": "apache2-prefork-2.4.23-4.1.aarch64",
"product_id": "apache2-prefork-2.4.23-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "apache2-utils-2.4.23-4.1.aarch64",
"product": {
"name": "apache2-utils-2.4.23-4.1.aarch64",
"product_id": "apache2-utils-2.4.23-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "apache2-worker-2.4.23-4.1.aarch64",
"product": {
"name": "apache2-worker-2.4.23-4.1.aarch64",
"product_id": "apache2-worker-2.4.23-4.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-2.4.23-4.1.ppc64le",
"product": {
"name": "apache2-2.4.23-4.1.ppc64le",
"product_id": "apache2-2.4.23-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-devel-2.4.23-4.1.ppc64le",
"product": {
"name": "apache2-devel-2.4.23-4.1.ppc64le",
"product_id": "apache2-devel-2.4.23-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-doc-2.4.23-4.1.ppc64le",
"product": {
"name": "apache2-doc-2.4.23-4.1.ppc64le",
"product_id": "apache2-doc-2.4.23-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-event-2.4.23-4.1.ppc64le",
"product": {
"name": "apache2-event-2.4.23-4.1.ppc64le",
"product_id": "apache2-event-2.4.23-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-example-pages-2.4.23-4.1.ppc64le",
"product": {
"name": "apache2-example-pages-2.4.23-4.1.ppc64le",
"product_id": "apache2-example-pages-2.4.23-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-prefork-2.4.23-4.1.ppc64le",
"product": {
"name": "apache2-prefork-2.4.23-4.1.ppc64le",
"product_id": "apache2-prefork-2.4.23-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-utils-2.4.23-4.1.ppc64le",
"product": {
"name": "apache2-utils-2.4.23-4.1.ppc64le",
"product_id": "apache2-utils-2.4.23-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-worker-2.4.23-4.1.ppc64le",
"product": {
"name": "apache2-worker-2.4.23-4.1.ppc64le",
"product_id": "apache2-worker-2.4.23-4.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-2.4.23-4.1.s390x",
"product": {
"name": "apache2-2.4.23-4.1.s390x",
"product_id": "apache2-2.4.23-4.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-devel-2.4.23-4.1.s390x",
"product": {
"name": "apache2-devel-2.4.23-4.1.s390x",
"product_id": "apache2-devel-2.4.23-4.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-doc-2.4.23-4.1.s390x",
"product": {
"name": "apache2-doc-2.4.23-4.1.s390x",
"product_id": "apache2-doc-2.4.23-4.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-event-2.4.23-4.1.s390x",
"product": {
"name": "apache2-event-2.4.23-4.1.s390x",
"product_id": "apache2-event-2.4.23-4.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-example-pages-2.4.23-4.1.s390x",
"product": {
"name": "apache2-example-pages-2.4.23-4.1.s390x",
"product_id": "apache2-example-pages-2.4.23-4.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-prefork-2.4.23-4.1.s390x",
"product": {
"name": "apache2-prefork-2.4.23-4.1.s390x",
"product_id": "apache2-prefork-2.4.23-4.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-utils-2.4.23-4.1.s390x",
"product": {
"name": "apache2-utils-2.4.23-4.1.s390x",
"product_id": "apache2-utils-2.4.23-4.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-worker-2.4.23-4.1.s390x",
"product": {
"name": "apache2-worker-2.4.23-4.1.s390x",
"product_id": "apache2-worker-2.4.23-4.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-2.4.23-4.1.x86_64",
"product": {
"name": "apache2-2.4.23-4.1.x86_64",
"product_id": "apache2-2.4.23-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-devel-2.4.23-4.1.x86_64",
"product": {
"name": "apache2-devel-2.4.23-4.1.x86_64",
"product_id": "apache2-devel-2.4.23-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-doc-2.4.23-4.1.x86_64",
"product": {
"name": "apache2-doc-2.4.23-4.1.x86_64",
"product_id": "apache2-doc-2.4.23-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-event-2.4.23-4.1.x86_64",
"product": {
"name": "apache2-event-2.4.23-4.1.x86_64",
"product_id": "apache2-event-2.4.23-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-example-pages-2.4.23-4.1.x86_64",
"product": {
"name": "apache2-example-pages-2.4.23-4.1.x86_64",
"product_id": "apache2-example-pages-2.4.23-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-prefork-2.4.23-4.1.x86_64",
"product": {
"name": "apache2-prefork-2.4.23-4.1.x86_64",
"product_id": "apache2-prefork-2.4.23-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-utils-2.4.23-4.1.x86_64",
"product": {
"name": "apache2-utils-2.4.23-4.1.x86_64",
"product_id": "apache2-utils-2.4.23-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-worker-2.4.23-4.1.x86_64",
"product": {
"name": "apache2-worker-2.4.23-4.1.x86_64",
"product_id": "apache2-worker-2.4.23-4.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.23-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64"
},
"product_reference": "apache2-2.4.23-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.23-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le"
},
"product_reference": "apache2-2.4.23-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.23-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x"
},
"product_reference": "apache2-2.4.23-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.23-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64"
},
"product_reference": "apache2-2.4.23-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-devel-2.4.23-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64"
},
"product_reference": "apache2-devel-2.4.23-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-devel-2.4.23-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le"
},
"product_reference": "apache2-devel-2.4.23-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-devel-2.4.23-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x"
},
"product_reference": "apache2-devel-2.4.23-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-devel-2.4.23-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64"
},
"product_reference": "apache2-devel-2.4.23-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.4.23-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64"
},
"product_reference": "apache2-doc-2.4.23-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.4.23-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le"
},
"product_reference": "apache2-doc-2.4.23-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.4.23-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x"
},
"product_reference": "apache2-doc-2.4.23-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.4.23-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64"
},
"product_reference": "apache2-doc-2.4.23-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-event-2.4.23-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64"
},
"product_reference": "apache2-event-2.4.23-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-event-2.4.23-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le"
},
"product_reference": "apache2-event-2.4.23-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-event-2.4.23-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x"
},
"product_reference": "apache2-event-2.4.23-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-event-2.4.23-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64"
},
"product_reference": "apache2-event-2.4.23-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.23-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64"
},
"product_reference": "apache2-example-pages-2.4.23-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.23-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le"
},
"product_reference": "apache2-example-pages-2.4.23-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.23-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x"
},
"product_reference": "apache2-example-pages-2.4.23-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.23-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64"
},
"product_reference": "apache2-example-pages-2.4.23-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.23-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64"
},
"product_reference": "apache2-prefork-2.4.23-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.23-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le"
},
"product_reference": "apache2-prefork-2.4.23-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.23-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x"
},
"product_reference": "apache2-prefork-2.4.23-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.23-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64"
},
"product_reference": "apache2-prefork-2.4.23-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.23-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64"
},
"product_reference": "apache2-utils-2.4.23-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.23-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le"
},
"product_reference": "apache2-utils-2.4.23-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.23-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x"
},
"product_reference": "apache2-utils-2.4.23-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.23-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64"
},
"product_reference": "apache2-utils-2.4.23-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.23-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64"
},
"product_reference": "apache2-worker-2.4.23-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.23-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le"
},
"product_reference": "apache2-worker-2.4.23-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.23-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x"
},
"product_reference": "apache2-worker-2.4.23-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.23-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
},
"product_reference": "apache2-worker-2.4.23-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2009-0023",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-0023"
}
],
"notes": [
{
"category": "general",
"text": "The apr_strmatch_precompile function in strmatch/apr_strmatch.c in Apache APR-util before 1.3.5 allows remote attackers to cause a denial of service (daemon crash) via crafted input involving (1) a .htaccess file used with the Apache HTTP Server, (2) the SVNMasterURI directive in the mod_dav_svn module in the Apache HTTP Server, (3) the mod_apreq2 module for the Apache HTTP Server, or (4) an application that uses the libapreq2 library, which triggers a heap-based buffer underflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-0023",
"url": "https://www.suse.com/security/cve/CVE-2009-0023"
},
{
"category": "external",
"summary": "SUSE Bug 510301 for CVE-2009-0023",
"url": "https://bugzilla.suse.com/510301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-0023"
},
{
"cve": "CVE-2009-1191",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-1191"
}
],
"notes": [
{
"category": "general",
"text": "mod_proxy_ajp.c in the mod_proxy_ajp module in the Apache HTTP Server 2.2.11 allows remote attackers to obtain sensitive response data, intended for a client that sent an earlier POST request with no request body, via an HTTP request.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-1191",
"url": "https://www.suse.com/security/cve/CVE-2009-1191"
},
{
"category": "external",
"summary": "SUSE Bug 521943 for CVE-2009-1191",
"url": "https://bugzilla.suse.com/521943"
},
{
"category": "external",
"summary": "SUSE Bug 539571 for CVE-2009-1191",
"url": "https://bugzilla.suse.com/539571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-1191"
},
{
"cve": "CVE-2009-1195",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-1195"
}
],
"notes": [
{
"category": "general",
"text": "The Apache HTTP Server 2.2.11 and earlier 2.2 versions does not properly handle Options=IncludesNOEXEC in the AllowOverride directive, which allows local users to gain privileges by configuring (1) Options Includes, (2) Options +Includes, or (3) Options +IncludesNOEXEC in a .htaccess file, and then inserting an exec element in a .shtml file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-1195",
"url": "https://www.suse.com/security/cve/CVE-2009-1195"
},
{
"category": "external",
"summary": "SUSE Bug 512583 for CVE-2009-1195",
"url": "https://bugzilla.suse.com/512583"
},
{
"category": "external",
"summary": "SUSE Bug 513080 for CVE-2009-1195",
"url": "https://bugzilla.suse.com/513080"
},
{
"category": "external",
"summary": "SUSE Bug 539571 for CVE-2009-1195",
"url": "https://bugzilla.suse.com/539571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-1195"
},
{
"cve": "CVE-2009-1890",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-1890"
}
],
"notes": [
{
"category": "general",
"text": "The stream_reqbody_cl function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server before 2.3.3, when a reverse proxy is configured, does not properly handle an amount of streamed data that exceeds the Content-Length value, which allows remote attackers to cause a denial of service (CPU consumption) via crafted requests.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-1890",
"url": "https://www.suse.com/security/cve/CVE-2009-1890"
},
{
"category": "external",
"summary": "SUSE Bug 519194 for CVE-2009-1890",
"url": "https://bugzilla.suse.com/519194"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2009-1890"
},
{
"cve": "CVE-2009-1891",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-1891"
}
],
"notes": [
{
"category": "general",
"text": "The mod_deflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service (CPU consumption).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-1891",
"url": "https://www.suse.com/security/cve/CVE-2009-1891"
},
{
"category": "external",
"summary": "SUSE Bug 521906 for CVE-2009-1891",
"url": "https://bugzilla.suse.com/521906"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2009-1891"
},
{
"cve": "CVE-2009-1955",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-1955"
}
],
"notes": [
{
"category": "general",
"text": "The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, as demonstrated by a PROPFIND request, a similar issue to CVE-2003-1564.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-1955",
"url": "https://www.suse.com/security/cve/CVE-2009-1955"
},
{
"category": "external",
"summary": "SUSE Bug 509825 for CVE-2009-1955",
"url": "https://bugzilla.suse.com/509825"
},
{
"category": "external",
"summary": "SUSE Bug 510301 for CVE-2009-1955",
"url": "https://bugzilla.suse.com/510301"
},
{
"category": "external",
"summary": "SUSE Bug 529591 for CVE-2009-1955",
"url": "https://bugzilla.suse.com/529591"
},
{
"category": "external",
"summary": "SUSE Bug 992541 for CVE-2009-1955",
"url": "https://bugzilla.suse.com/992541"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2009-1955"
},
{
"cve": "CVE-2009-1956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-1956"
}
],
"notes": [
{
"category": "general",
"text": "Off-by-one error in the apr_brigade_vprintf function in Apache APR-util before 1.3.5 on big-endian platforms allows remote attackers to obtain sensitive information or cause a denial of service (application crash) via crafted input.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-1956",
"url": "https://www.suse.com/security/cve/CVE-2009-1956"
},
{
"category": "external",
"summary": "SUSE Bug 510301 for CVE-2009-1956",
"url": "https://bugzilla.suse.com/510301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-1956"
},
{
"cve": "CVE-2009-2412",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-2412"
}
],
"notes": [
{
"category": "general",
"text": "Multiple integer overflows in the Apache Portable Runtime (APR) library and the Apache Portable Utility library (aka APR-util) 0.9.x and 1.3.x allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger crafted calls to the (1) allocator_alloc or (2) apr_palloc function in memory/unix/apr_pools.c in APR; or crafted calls to the (3) apr_rmm_malloc, (4) apr_rmm_calloc, or (5) apr_rmm_realloc function in misc/apr_rmm.c in APR-util; leading to buffer overflows. NOTE: some of these details are obtained from third party information.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-2412",
"url": "https://www.suse.com/security/cve/CVE-2009-2412"
},
{
"category": "external",
"summary": "SUSE Bug 528714 for CVE-2009-2412",
"url": "https://bugzilla.suse.com/528714"
},
{
"category": "external",
"summary": "SUSE Bug 529591 for CVE-2009-2412",
"url": "https://bugzilla.suse.com/529591"
},
{
"category": "external",
"summary": "SUSE Bug 802057 for CVE-2009-2412",
"url": "https://bugzilla.suse.com/802057"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-2412"
},
{
"cve": "CVE-2009-2699",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-2699"
}
],
"notes": [
{
"category": "general",
"text": "The Solaris pollset feature in the Event Port backend in poll/unix/port.c in the Apache Portable Runtime (APR) library before 1.3.9, as used in the Apache HTTP Server before 2.2.14 and other products, does not properly handle errors, which allows remote attackers to cause a denial of service (daemon hang) via unspecified HTTP requests, related to the prefork and event MPMs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-2699",
"url": "https://www.suse.com/security/cve/CVE-2009-2699"
},
{
"category": "external",
"summary": "SUSE Bug 1078450 for CVE-2009-2699",
"url": "https://bugzilla.suse.com/1078450"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2009-2699"
},
{
"cve": "CVE-2009-3094",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3094"
}
],
"notes": [
{
"category": "general",
"text": "The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a malformed reply to an EPSV command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3094",
"url": "https://www.suse.com/security/cve/CVE-2009-3094"
},
{
"category": "external",
"summary": "SUSE Bug 538322 for CVE-2009-3094",
"url": "https://bugzilla.suse.com/538322"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-3094"
},
{
"cve": "CVE-2009-3095",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3095"
}
],
"notes": [
{
"category": "general",
"text": "The mod_proxy_ftp module in the Apache HTTP Server allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server via vectors related to the embedding of these commands in the Authorization HTTP header, as demonstrated by a certain module in VulnDisco Pack Professional 8.11.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3095",
"url": "https://www.suse.com/security/cve/CVE-2009-3095"
},
{
"category": "external",
"summary": "SUSE Bug 538322 for CVE-2009-3095",
"url": "https://bugzilla.suse.com/538322"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-3095"
},
{
"cve": "CVE-2009-3555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3555"
}
],
"notes": [
{
"category": "general",
"text": "The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a \"plaintext injection\" attack, aka the \"Project Mogul\" issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3555",
"url": "https://www.suse.com/security/cve/CVE-2009-3555"
},
{
"category": "external",
"summary": "SUSE Bug 1077582 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/1077582"
},
{
"category": "external",
"summary": "SUSE Bug 459468 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/459468"
},
{
"category": "external",
"summary": "SUSE Bug 552497 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/552497"
},
{
"category": "external",
"summary": "SUSE Bug 553641 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/553641"
},
{
"category": "external",
"summary": "SUSE Bug 554069 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/554069"
},
{
"category": "external",
"summary": "SUSE Bug 554084 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/554084"
},
{
"category": "external",
"summary": "SUSE Bug 554085 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/554085"
},
{
"category": "external",
"summary": "SUSE Bug 555177 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/555177"
},
{
"category": "external",
"summary": "SUSE Bug 557168 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/557168"
},
{
"category": "external",
"summary": "SUSE Bug 564507 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/564507"
},
{
"category": "external",
"summary": "SUSE Bug 566041 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/566041"
},
{
"category": "external",
"summary": "SUSE Bug 584292 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/584292"
},
{
"category": "external",
"summary": "SUSE Bug 586567 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/586567"
},
{
"category": "external",
"summary": "SUSE Bug 588996 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/588996"
},
{
"category": "external",
"summary": "SUSE Bug 590826 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/590826"
},
{
"category": "external",
"summary": "SUSE Bug 592589 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/592589"
},
{
"category": "external",
"summary": "SUSE Bug 594415 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/594415"
},
{
"category": "external",
"summary": "SUSE Bug 604782 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/604782"
},
{
"category": "external",
"summary": "SUSE Bug 614753 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/614753"
},
{
"category": "external",
"summary": "SUSE Bug 622073 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/622073"
},
{
"category": "external",
"summary": "SUSE Bug 623905 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/623905"
},
{
"category": "external",
"summary": "SUSE Bug 629905 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/629905"
},
{
"category": "external",
"summary": "SUSE Bug 642531 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/642531"
},
{
"category": "external",
"summary": "SUSE Bug 646073 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/646073"
},
{
"category": "external",
"summary": "SUSE Bug 646906 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/646906"
},
{
"category": "external",
"summary": "SUSE Bug 648140 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/648140"
},
{
"category": "external",
"summary": "SUSE Bug 648950 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/648950"
},
{
"category": "external",
"summary": "SUSE Bug 659926 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/659926"
},
{
"category": "external",
"summary": "SUSE Bug 670152 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/670152"
},
{
"category": "external",
"summary": "SUSE Bug 704832 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/704832"
},
{
"category": "external",
"summary": "SUSE Bug 728876 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/728876"
},
{
"category": "external",
"summary": "SUSE Bug 729181 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/729181"
},
{
"category": "external",
"summary": "SUSE Bug 753357 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/753357"
},
{
"category": "external",
"summary": "SUSE Bug 791794 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/791794"
},
{
"category": "external",
"summary": "SUSE Bug 799454 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/799454"
},
{
"category": "external",
"summary": "SUSE Bug 815621 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/815621"
},
{
"category": "external",
"summary": "SUSE Bug 905347 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/905347"
},
{
"category": "external",
"summary": "SUSE Bug 979060 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/979060"
},
{
"category": "external",
"summary": "SUSE Bug 986238 for CVE-2009-3555",
"url": "https://bugzilla.suse.com/986238"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-3555"
},
{
"cve": "CVE-2009-3560",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3560"
}
],
"notes": [
{
"category": "general",
"text": "The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with malformed UTF-8 sequences that trigger a buffer over-read, related to the doProlog function in lib/xmlparse.c, a different vulnerability than CVE-2009-2625 and CVE-2009-3720.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3560",
"url": "https://www.suse.com/security/cve/CVE-2009-3560"
},
{
"category": "external",
"summary": "SUSE Bug 550666 for CVE-2009-3560",
"url": "https://bugzilla.suse.com/550666"
},
{
"category": "external",
"summary": "SUSE Bug 558892 for CVE-2009-3560",
"url": "https://bugzilla.suse.com/558892"
},
{
"category": "external",
"summary": "SUSE Bug 561561 for CVE-2009-3560",
"url": "https://bugzilla.suse.com/561561"
},
{
"category": "external",
"summary": "SUSE Bug 581162 for CVE-2009-3560",
"url": "https://bugzilla.suse.com/581162"
},
{
"category": "external",
"summary": "SUSE Bug 581765 for CVE-2009-3560",
"url": "https://bugzilla.suse.com/581765"
},
{
"category": "external",
"summary": "SUSE Bug 611931 for CVE-2009-3560",
"url": "https://bugzilla.suse.com/611931"
},
{
"category": "external",
"summary": "SUSE Bug 694595 for CVE-2009-3560",
"url": "https://bugzilla.suse.com/694595"
},
{
"category": "external",
"summary": "SUSE Bug 725950 for CVE-2009-3560",
"url": "https://bugzilla.suse.com/725950"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-3560"
},
{
"cve": "CVE-2009-3720",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3720"
}
],
"notes": [
{
"category": "general",
"text": "The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with crafted UTF-8 sequences that trigger a buffer over-read, a different vulnerability than CVE-2009-2625.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3720",
"url": "https://www.suse.com/security/cve/CVE-2009-3720"
},
{
"category": "external",
"summary": "SUSE Bug 534721 for CVE-2009-3720",
"url": "https://bugzilla.suse.com/534721"
},
{
"category": "external",
"summary": "SUSE Bug 550664 for CVE-2009-3720",
"url": "https://bugzilla.suse.com/550664"
},
{
"category": "external",
"summary": "SUSE Bug 550666 for CVE-2009-3720",
"url": "https://bugzilla.suse.com/550666"
},
{
"category": "external",
"summary": "SUSE Bug 558892 for CVE-2009-3720",
"url": "https://bugzilla.suse.com/558892"
},
{
"category": "external",
"summary": "SUSE Bug 561561 for CVE-2009-3720",
"url": "https://bugzilla.suse.com/561561"
},
{
"category": "external",
"summary": "SUSE Bug 581162 for CVE-2009-3720",
"url": "https://bugzilla.suse.com/581162"
},
{
"category": "external",
"summary": "SUSE Bug 581765 for CVE-2009-3720",
"url": "https://bugzilla.suse.com/581765"
},
{
"category": "external",
"summary": "SUSE Bug 611931 for CVE-2009-3720",
"url": "https://bugzilla.suse.com/611931"
},
{
"category": "external",
"summary": "SUSE Bug 725950 for CVE-2009-3720",
"url": "https://bugzilla.suse.com/725950"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-3720"
},
{
"cve": "CVE-2010-0408",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0408"
}
],
"notes": [
{
"category": "general",
"text": "The ap_proxy_ajp_request function in mod_proxy_ajp.c in mod_proxy_ajp in the Apache HTTP Server 2.2.x before 2.2.15 does not properly handle certain situations in which a client sends no request body, which allows remote attackers to cause a denial of service (backend server outage) via a crafted request, related to use of a 500 error code instead of the appropriate 400 error code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0408",
"url": "https://www.suse.com/security/cve/CVE-2010-0408"
},
{
"category": "external",
"summary": "SUSE Bug 586572 for CVE-2010-0408",
"url": "https://bugzilla.suse.com/586572"
},
{
"category": "external",
"summary": "SUSE Bug 601151 for CVE-2010-0408",
"url": "https://bugzilla.suse.com/601151"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-0408"
},
{
"cve": "CVE-2010-0425",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0425"
}
],
"notes": [
{
"category": "general",
"text": "modules/arch/win32/mod_isapi.c in mod_isapi in the Apache HTTP Server 2.0.37 through 2.0.63, 2.2.0 through 2.2.14, and 2.3.x before 2.3.7, when running on Windows, does not ensure that request processing is complete before calling isapi_unload for an ISAPI .dll module, which allows remote attackers to execute arbitrary code via unspecified vectors related to a crafted request, a reset packet, and \"orphaned callback pointers.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0425",
"url": "https://www.suse.com/security/cve/CVE-2010-0425"
},
{
"category": "external",
"summary": "SUSE Bug 1078450 for CVE-2010-0425",
"url": "https://bugzilla.suse.com/1078450"
},
{
"category": "external",
"summary": "SUSE Bug 586572 for CVE-2010-0425",
"url": "https://bugzilla.suse.com/586572"
},
{
"category": "external",
"summary": "SUSE Bug 601151 for CVE-2010-0425",
"url": "https://bugzilla.suse.com/601151"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2010-0425"
},
{
"cve": "CVE-2010-0434",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0434"
}
],
"notes": [
{
"category": "general",
"text": "The ap_read_request function in server/protocol.c in the Apache HTTP Server 2.2.x before 2.2.15, when a multithreaded MPM is used, does not properly handle headers in subrequests in certain circumstances involving a parent request that has a body, which might allow remote attackers to obtain sensitive information via a crafted request that triggers access to memory locations associated with an earlier request.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0434",
"url": "https://www.suse.com/security/cve/CVE-2010-0434"
},
{
"category": "external",
"summary": "SUSE Bug 586572 for CVE-2010-0434",
"url": "https://bugzilla.suse.com/586572"
},
{
"category": "external",
"summary": "SUSE Bug 601151 for CVE-2010-0434",
"url": "https://bugzilla.suse.com/601151"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-0434"
},
{
"cve": "CVE-2010-1452",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1452"
}
],
"notes": [
{
"category": "general",
"text": "The (1) mod_cache and (2) mod_dav modules in the Apache HTTP Server 2.2.x before 2.2.16 allow remote attackers to cause a denial of service (process crash) via a request that lacks a path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1452",
"url": "https://www.suse.com/security/cve/CVE-2010-1452"
},
{
"category": "external",
"summary": "SUSE Bug 627030 for CVE-2010-1452",
"url": "https://bugzilla.suse.com/627030"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-1452"
},
{
"cve": "CVE-2010-1623",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1623"
}
],
"notes": [
{
"category": "general",
"text": "Memory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache Portable Runtime Utility library (aka APR-util) before 1.3.10, as used in the mod_reqtimeout module in the Apache HTTP Server and other software, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors related to the destruction of an APR bucket.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1623",
"url": "https://www.suse.com/security/cve/CVE-2010-1623"
},
{
"category": "external",
"summary": "SUSE Bug 650435 for CVE-2010-1623",
"url": "https://bugzilla.suse.com/650435"
},
{
"category": "external",
"summary": "SUSE Bug 693778 for CVE-2010-1623",
"url": "https://bugzilla.suse.com/693778"
},
{
"category": "external",
"summary": "SUSE Bug 725950 for CVE-2010-1623",
"url": "https://bugzilla.suse.com/725950"
},
{
"category": "external",
"summary": "SUSE Bug 997229 for CVE-2010-1623",
"url": "https://bugzilla.suse.com/997229"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-1623"
},
{
"cve": "CVE-2010-2068",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-2068"
}
],
"notes": [
{
"category": "general",
"text": "mod_proxy_http.c in mod_proxy_http in the Apache HTTP Server 2.2.9 through 2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, and OS/2, in certain configurations involving proxy worker pools, does not properly detect timeouts, which allows remote attackers to obtain a potentially sensitive response intended for a different client in opportunistic circumstances via a normal HTTP request.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-2068",
"url": "https://www.suse.com/security/cve/CVE-2010-2068"
},
{
"category": "external",
"summary": "SUSE Bug 627030 for CVE-2010-2068",
"url": "https://bugzilla.suse.com/627030"
},
{
"category": "external",
"summary": "SUSE Bug 627387 for CVE-2010-2068",
"url": "https://bugzilla.suse.com/627387"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-2068"
},
{
"cve": "CVE-2011-1176",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-1176"
}
],
"notes": [
{
"category": "general",
"text": "The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk Multi-Processing Module 2.2.11-01 and 2.2.11-02 for the Apache HTTP Server does not properly handle certain configuration sections that specify NiceValue but not AssignUserID, which might allow remote attackers to gain privileges by leveraging the root uid and root gid of an mpm-itk process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-1176",
"url": "https://www.suse.com/security/cve/CVE-2011-1176"
},
{
"category": "external",
"summary": "SUSE Bug 681176 for CVE-2011-1176",
"url": "https://bugzilla.suse.com/681176"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2011-1176"
},
{
"cve": "CVE-2011-3192",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3192"
}
],
"notes": [
{
"category": "general",
"text": "The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3192",
"url": "https://www.suse.com/security/cve/CVE-2011-3192"
},
{
"category": "external",
"summary": "SUSE Bug 713966 for CVE-2011-3192",
"url": "https://bugzilla.suse.com/713966"
},
{
"category": "external",
"summary": "SUSE Bug 714306 for CVE-2011-3192",
"url": "https://bugzilla.suse.com/714306"
},
{
"category": "external",
"summary": "SUSE Bug 716634 for CVE-2011-3192",
"url": "https://bugzilla.suse.com/716634"
},
{
"category": "external",
"summary": "SUSE Bug 718106 for CVE-2011-3192",
"url": "https://bugzilla.suse.com/718106"
},
{
"category": "external",
"summary": "SUSE Bug 722545 for CVE-2011-3192",
"url": "https://bugzilla.suse.com/722545"
},
{
"category": "external",
"summary": "SUSE Bug 726139 for CVE-2011-3192",
"url": "https://bugzilla.suse.com/726139"
},
{
"category": "external",
"summary": "SUSE Bug 732051 for CVE-2011-3192",
"url": "https://bugzilla.suse.com/732051"
},
{
"category": "external",
"summary": "SUSE Bug 983778 for CVE-2011-3192",
"url": "https://bugzilla.suse.com/983778"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2011-3192"
},
{
"cve": "CVE-2011-3368",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3368"
}
],
"notes": [
{
"category": "general",
"text": "The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3368",
"url": "https://www.suse.com/security/cve/CVE-2011-3368"
},
{
"category": "external",
"summary": "SUSE Bug 722545 for CVE-2011-3368",
"url": "https://bugzilla.suse.com/722545"
},
{
"category": "external",
"summary": "SUSE Bug 723308 for CVE-2011-3368",
"url": "https://bugzilla.suse.com/723308"
},
{
"category": "external",
"summary": "SUSE Bug 728876 for CVE-2011-3368",
"url": "https://bugzilla.suse.com/728876"
},
{
"category": "external",
"summary": "SUSE Bug 729181 for CVE-2011-3368",
"url": "https://bugzilla.suse.com/729181"
},
{
"category": "external",
"summary": "SUSE Bug 754831 for CVE-2011-3368",
"url": "https://bugzilla.suse.com/754831"
},
{
"category": "external",
"summary": "SUSE Bug 791794 for CVE-2011-3368",
"url": "https://bugzilla.suse.com/791794"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2011-3368"
},
{
"cve": "CVE-2011-3607",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3607"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, allows local users to gain privileges via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request header, leading to a heap-based buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3607",
"url": "https://www.suse.com/security/cve/CVE-2011-3607"
},
{
"category": "external",
"summary": "SUSE Bug 728876 for CVE-2011-3607",
"url": "https://bugzilla.suse.com/728876"
},
{
"category": "external",
"summary": "SUSE Bug 729181 for CVE-2011-3607",
"url": "https://bugzilla.suse.com/729181"
},
{
"category": "external",
"summary": "SUSE Bug 729183 for CVE-2011-3607",
"url": "https://bugzilla.suse.com/729183"
},
{
"category": "external",
"summary": "SUSE Bug 806721 for CVE-2011-3607",
"url": "https://bugzilla.suse.com/806721"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2011-3607"
},
{
"cve": "CVE-2011-4317",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-4317"
}
],
"notes": [
{
"category": "general",
"text": "The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an @ (at sign) character and a : (colon) character in invalid positions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-4317",
"url": "https://www.suse.com/security/cve/CVE-2011-4317"
},
{
"category": "external",
"summary": "SUSE Bug 722545 for CVE-2011-4317",
"url": "https://bugzilla.suse.com/722545"
},
{
"category": "external",
"summary": "SUSE Bug 728876 for CVE-2011-4317",
"url": "https://bugzilla.suse.com/728876"
},
{
"category": "external",
"summary": "SUSE Bug 729181 for CVE-2011-4317",
"url": "https://bugzilla.suse.com/729181"
},
{
"category": "external",
"summary": "SUSE Bug 791794 for CVE-2011-4317",
"url": "https://bugzilla.suse.com/791794"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2011-4317"
},
{
"cve": "CVE-2012-0021",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0021"
}
],
"notes": [
{
"category": "general",
"text": "The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server 2.2.17 through 2.2.21, when a threaded MPM is used, does not properly handle a %{}C format string, which allows remote attackers to cause a denial of service (daemon crash) via a cookie that lacks both a name and a value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0021",
"url": "https://www.suse.com/security/cve/CVE-2012-0021"
},
{
"category": "external",
"summary": "SUSE Bug 1078450 for CVE-2012-0021",
"url": "https://bugzilla.suse.com/1078450"
},
{
"category": "external",
"summary": "SUSE Bug 743744 for CVE-2012-0021",
"url": "https://bugzilla.suse.com/743744"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-0021"
},
{
"cve": "CVE-2012-0031",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0031"
}
],
"notes": [
{
"category": "general",
"text": "scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a certain type field within a scoreboard shared memory segment, leading to an invalid call to the free function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0031",
"url": "https://www.suse.com/security/cve/CVE-2012-0031"
},
{
"category": "external",
"summary": "SUSE Bug 741243 for CVE-2012-0031",
"url": "https://bugzilla.suse.com/741243"
},
{
"category": "external",
"summary": "SUSE Bug 806721 for CVE-2012-0031",
"url": "https://bugzilla.suse.com/806721"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-0031"
},
{
"cve": "CVE-2012-0053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0053"
}
],
"notes": [
{
"category": "general",
"text": "protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a (1) long or (2) malformed header in conjunction with crafted web script.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0053",
"url": "https://www.suse.com/security/cve/CVE-2012-0053"
},
{
"category": "external",
"summary": "SUSE Bug 743743 for CVE-2012-0053",
"url": "https://bugzilla.suse.com/743743"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-0053"
},
{
"cve": "CVE-2012-2687",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-2687"
}
],
"notes": [
{
"category": "general",
"text": "Multiple cross-site scripting (XSS) vulnerabilities in the make_variant_list function in mod_negotiation.c in the mod_negotiation module in the Apache HTTP Server 2.4.x before 2.4.3, when the MultiViews option is enabled, allow remote attackers to inject arbitrary web script or HTML via a crafted filename that is not properly handled during construction of a variant list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-2687",
"url": "https://www.suse.com/security/cve/CVE-2012-2687"
},
{
"category": "external",
"summary": "SUSE Bug 777260 for CVE-2012-2687",
"url": "https://bugzilla.suse.com/777260"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2012-2687"
},
{
"cve": "CVE-2012-3499",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3499"
}
],
"notes": [
{
"category": "general",
"text": "Multiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the (1) mod_imagemap, (2) mod_info, (3) mod_ldap, (4) mod_proxy_ftp, and (5) mod_status modules.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3499",
"url": "https://www.suse.com/security/cve/CVE-2012-3499"
},
{
"category": "external",
"summary": "SUSE Bug 806458 for CVE-2012-3499",
"url": "https://bugzilla.suse.com/806458"
},
{
"category": "external",
"summary": "SUSE Bug 807511 for CVE-2012-3499",
"url": "https://bugzilla.suse.com/807511"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-3499"
},
{
"cve": "CVE-2012-3502",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3502"
}
],
"notes": [
{
"category": "general",
"text": "The proxy functionality in (1) mod_proxy_ajp.c in the mod_proxy_ajp module and (2) mod_proxy_http.c in the mod_proxy_http module in the Apache HTTP Server 2.4.x before 2.4.3 does not properly determine the situations that require closing a back-end connection, which allows remote attackers to obtain sensitive information in opportunistic circumstances by reading a response that was intended for a different client.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3502",
"url": "https://www.suse.com/security/cve/CVE-2012-3502"
},
{
"category": "external",
"summary": "SUSE Bug 777119 for CVE-2012-3502",
"url": "https://bugzilla.suse.com/777119"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-3502"
},
{
"cve": "CVE-2013-1896",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1896"
}
],
"notes": [
{
"category": "general",
"text": "mod_dav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service (segmentation fault) via a MERGE request in which the URI is configured for handling by the mod_dav_svn module, but a certain href attribute in XML data refers to a non-DAV URI.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1896",
"url": "https://www.suse.com/security/cve/CVE-2013-1896"
},
{
"category": "external",
"summary": "SUSE Bug 829056 for CVE-2013-1896",
"url": "https://bugzilla.suse.com/829056"
},
{
"category": "external",
"summary": "SUSE Bug 829057 for CVE-2013-1896",
"url": "https://bugzilla.suse.com/829057"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-1896"
},
{
"cve": "CVE-2013-2249",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-2249"
}
],
"notes": [
{
"category": "general",
"text": "mod_session_dbd.c in the mod_session_dbd module in the Apache HTTP Server before 2.4.5 proceeds with save operations for a session without considering the dirty flag and the requirement for a new session ID, which has unspecified impact and remote attack vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-2249",
"url": "https://www.suse.com/security/cve/CVE-2013-2249"
},
{
"category": "external",
"summary": "SUSE Bug 831113 for CVE-2013-2249",
"url": "https://bugzilla.suse.com/831113"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-2249"
},
{
"cve": "CVE-2013-5704",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5704"
}
],
"notes": [
{
"category": "general",
"text": "The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass \"RequestHeader unset\" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states \"this is not a security issue in httpd as such.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5704",
"url": "https://www.suse.com/security/cve/CVE-2013-5704"
},
{
"category": "external",
"summary": "SUSE Bug 871310 for CVE-2013-5704",
"url": "https://bugzilla.suse.com/871310"
},
{
"category": "external",
"summary": "SUSE Bug 914535 for CVE-2013-5704",
"url": "https://bugzilla.suse.com/914535"
},
{
"category": "external",
"summary": "SUSE Bug 930944 for CVE-2013-5704",
"url": "https://bugzilla.suse.com/930944"
},
{
"category": "external",
"summary": "SUSE Bug 938728 for CVE-2013-5704",
"url": "https://bugzilla.suse.com/938728"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2013-5704"
},
{
"cve": "CVE-2013-6438",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-6438"
}
],
"notes": [
{
"category": "general",
"text": "The dav_xml_get_cdata function in main/util.c in the mod_dav module in the Apache HTTP Server before 2.4.8 does not properly remove whitespace characters from CDATA sections, which allows remote attackers to cause a denial of service (daemon crash) via a crafted DAV WRITE request.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-6438",
"url": "https://www.suse.com/security/cve/CVE-2013-6438"
},
{
"category": "external",
"summary": "SUSE Bug 869105 for CVE-2013-6438",
"url": "https://bugzilla.suse.com/869105"
},
{
"category": "external",
"summary": "SUSE Bug 869106 for CVE-2013-6438",
"url": "https://bugzilla.suse.com/869106"
},
{
"category": "external",
"summary": "SUSE Bug 887765 for CVE-2013-6438",
"url": "https://bugzilla.suse.com/887765"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-6438"
},
{
"cve": "CVE-2014-0098",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-0098"
}
],
"notes": [
{
"category": "general",
"text": "The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server before 2.4.8 allows remote attackers to cause a denial of service (segmentation fault and daemon crash) via a crafted cookie that is not properly handled during truncation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-0098",
"url": "https://www.suse.com/security/cve/CVE-2014-0098"
},
{
"category": "external",
"summary": "SUSE Bug 869106 for CVE-2014-0098",
"url": "https://bugzilla.suse.com/869106"
},
{
"category": "external",
"summary": "SUSE Bug 887765 for CVE-2014-0098",
"url": "https://bugzilla.suse.com/887765"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-0098"
},
{
"cve": "CVE-2014-0117",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-0117"
}
],
"notes": [
{
"category": "general",
"text": "The mod_proxy module in the Apache HTTP Server 2.4.x before 2.4.10, when a reverse proxy is enabled, allows remote attackers to cause a denial of service (child-process crash) via a crafted HTTP Connection header.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-0117",
"url": "https://www.suse.com/security/cve/CVE-2014-0117"
},
{
"category": "external",
"summary": "SUSE Bug 887767 for CVE-2014-0117",
"url": "https://bugzilla.suse.com/887767"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-0117"
},
{
"cve": "CVE-2014-0118",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-0118"
}
],
"notes": [
{
"category": "general",
"text": "The deflate_in_filter function in mod_deflate.c in the mod_deflate module in the Apache HTTP Server before 2.4.10, when request body decompression is enabled, allows remote attackers to cause a denial of service (resource consumption) via crafted request data that decompresses to a much larger size.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-0118",
"url": "https://www.suse.com/security/cve/CVE-2014-0118"
},
{
"category": "external",
"summary": "SUSE Bug 1078450 for CVE-2014-0118",
"url": "https://bugzilla.suse.com/1078450"
},
{
"category": "external",
"summary": "SUSE Bug 887769 for CVE-2014-0118",
"url": "https://bugzilla.suse.com/887769"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-0118"
},
{
"cve": "CVE-2014-0226",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-0226"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in the mod_status module in the Apache HTTP Server before 2.4.10 allows remote attackers to cause a denial of service (heap-based buffer overflow), or possibly obtain sensitive credential information or execute arbitrary code, via a crafted request that triggers improper scoreboard handling within the status_handler function in modules/generators/mod_status.c and the lua_ap_scoreboard_worker function in modules/lua/lua_request.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-0226",
"url": "https://www.suse.com/security/cve/CVE-2014-0226"
},
{
"category": "external",
"summary": "SUSE Bug 887765 for CVE-2014-0226",
"url": "https://bugzilla.suse.com/887765"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-0226"
},
{
"cve": "CVE-2014-0231",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-0231"
}
],
"notes": [
{
"category": "general",
"text": "The mod_cgid module in the Apache HTTP Server before 2.4.10 does not have a timeout mechanism, which allows remote attackers to cause a denial of service (process hang) via a request to a CGI script that does not read from its stdin file descriptor.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-0231",
"url": "https://www.suse.com/security/cve/CVE-2014-0231"
},
{
"category": "external",
"summary": "SUSE Bug 887768 for CVE-2014-0231",
"url": "https://bugzilla.suse.com/887768"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-0231"
},
{
"cve": "CVE-2014-3523",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-3523"
}
],
"notes": [
{
"category": "general",
"text": "Memory leak in the winnt_accept function in server/mpm/winnt/child.c in the WinNT MPM in the Apache HTTP Server 2.4.x before 2.4.10 on Windows, when the default AcceptFilter is enabled, allows remote attackers to cause a denial of service (memory consumption) via crafted requests.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-3523",
"url": "https://www.suse.com/security/cve/CVE-2014-3523"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-3523"
},
{
"cve": "CVE-2014-3581",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-3581"
}
],
"notes": [
{
"category": "general",
"text": "The cache_merge_headers_out function in modules/cache/cache_util.c in the mod_cache module in the Apache HTTP Server before 2.4.11 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty HTTP Content-Type header.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-3581",
"url": "https://www.suse.com/security/cve/CVE-2014-3581"
},
{
"category": "external",
"summary": "SUSE Bug 899836 for CVE-2014-3581",
"url": "https://bugzilla.suse.com/899836"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-3581"
},
{
"cve": "CVE-2014-3583",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-3583"
}
],
"notes": [
{
"category": "general",
"text": "The handle_headers function in mod_proxy_fcgi.c in the mod_proxy_fcgi module in the Apache HTTP Server 2.4.10 allows remote FastCGI servers to cause a denial of service (buffer over-read and daemon crash) via long response headers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-3583",
"url": "https://www.suse.com/security/cve/CVE-2014-3583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-3583"
},
{
"cve": "CVE-2014-8109",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-8109"
}
],
"notes": [
{
"category": "general",
"text": "mod_lua.c in the mod_lua module in the Apache HTTP Server 2.3.x and 2.4.x through 2.4.10 does not support an httpd configuration in which the same Lua authorization provider is used with different arguments within different contexts, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging multiple Require directives, as demonstrated by a configuration that specifies authorization for one group to access a certain directory, and authorization for a second group to access a second directory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-8109",
"url": "https://www.suse.com/security/cve/CVE-2014-8109"
},
{
"category": "external",
"summary": "SUSE Bug 909715 for CVE-2014-8109",
"url": "https://bugzilla.suse.com/909715"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-8109"
},
{
"cve": "CVE-2015-0228",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0228"
}
],
"notes": [
{
"category": "general",
"text": "The lua_websocket_read function in lua_request.c in the mod_lua module in the Apache HTTP Server through 2.4.12 allows remote attackers to cause a denial of service (child-process crash) by sending a crafted WebSocket Ping frame after a Lua script has called the wsupgrade function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0228",
"url": "https://www.suse.com/security/cve/CVE-2015-0228"
},
{
"category": "external",
"summary": "SUSE Bug 918352 for CVE-2015-0228",
"url": "https://bugzilla.suse.com/918352"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-0228"
},
{
"cve": "CVE-2015-0253",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0253"
}
],
"notes": [
{
"category": "general",
"text": "The read_request_line function in server/protocol.c in the Apache HTTP Server 2.4.12 does not initialize the protocol structure member, which allows remote attackers to cause a denial of service (NULL pointer dereference and process crash) by sending a request that lacks a method to an installation that enables the INCLUDES filter and has an ErrorDocument 400 directive specifying a local URI.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0253",
"url": "https://www.suse.com/security/cve/CVE-2015-0253"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-0253"
},
{
"cve": "CVE-2015-4000",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4000"
}
],
"notes": [
{
"category": "general",
"text": "The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the \"Logjam\" issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4000",
"url": "https://www.suse.com/security/cve/CVE-2015-4000"
},
{
"category": "external",
"summary": "SUSE Bug 1074631 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/1074631"
},
{
"category": "external",
"summary": "SUSE Bug 1211968 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/1211968"
},
{
"category": "external",
"summary": "SUSE Bug 931600 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/931600"
},
{
"category": "external",
"summary": "SUSE Bug 931698 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/931698"
},
{
"category": "external",
"summary": "SUSE Bug 931723 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/931723"
},
{
"category": "external",
"summary": "SUSE Bug 931845 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/931845"
},
{
"category": "external",
"summary": "SUSE Bug 932026 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/932026"
},
{
"category": "external",
"summary": "SUSE Bug 932483 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/932483"
},
{
"category": "external",
"summary": "SUSE Bug 934789 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/934789"
},
{
"category": "external",
"summary": "SUSE Bug 935033 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/935033"
},
{
"category": "external",
"summary": "SUSE Bug 935540 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/935540"
},
{
"category": "external",
"summary": "SUSE Bug 935979 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/935979"
},
{
"category": "external",
"summary": "SUSE Bug 937202 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/937202"
},
{
"category": "external",
"summary": "SUSE Bug 937766 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/937766"
},
{
"category": "external",
"summary": "SUSE Bug 938248 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/938248"
},
{
"category": "external",
"summary": "SUSE Bug 938432 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/938432"
},
{
"category": "external",
"summary": "SUSE Bug 938895 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/938895"
},
{
"category": "external",
"summary": "SUSE Bug 938905 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/938905"
},
{
"category": "external",
"summary": "SUSE Bug 938906 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/938906"
},
{
"category": "external",
"summary": "SUSE Bug 938913 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/938913"
},
{
"category": "external",
"summary": "SUSE Bug 938945 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/938945"
},
{
"category": "external",
"summary": "SUSE Bug 943664 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/943664"
},
{
"category": "external",
"summary": "SUSE Bug 944729 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/944729"
},
{
"category": "external",
"summary": "SUSE Bug 945582 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/945582"
},
{
"category": "external",
"summary": "SUSE Bug 955589 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/955589"
},
{
"category": "external",
"summary": "SUSE Bug 980406 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/980406"
},
{
"category": "external",
"summary": "SUSE Bug 990592 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/990592"
},
{
"category": "external",
"summary": "SUSE Bug 994144 for CVE-2015-4000",
"url": "https://bugzilla.suse.com/994144"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-4000"
},
{
"cve": "CVE-2016-4979",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-4979"
}
],
"notes": [
{
"category": "general",
"text": "The Apache HTTP Server 2.4.18 through 2.4.20, when mod_http2 and mod_ssl are enabled, does not properly recognize the \"SSLVerifyClient require\" directive for HTTP/2 request authorization, which allows remote attackers to bypass intended access restrictions by leveraging the ability to send multiple requests over a single connection and aborting a renegotiation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-4979",
"url": "https://www.suse.com/security/cve/CVE-2016-4979"
},
{
"category": "external",
"summary": "SUSE Bug 987365 for CVE-2016-4979",
"url": "https://bugzilla.suse.com/987365"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:apache2-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-devel-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-doc-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-event-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-example-pages-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-prefork-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-utils-2.4.23-4.1.x86_64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.aarch64",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.ppc64le",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.s390x",
"openSUSE Tumbleweed:apache2-worker-2.4.23-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-4979"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…