httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From build...@apache.org
Subject svn commit: r817513 - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities_22.html
Date Sun, 13 May 2012 21:38:31 GMT
Author: buildbot
Date: Sun May 13 21:38:30 2012
New Revision: 817513

Log:
Staging update by buildbot for httpd

Modified:
    websites/staging/httpd/trunk/content/   (props changed)
    websites/staging/httpd/trunk/content/security/vulnerabilities_22.html

Propchange: websites/staging/httpd/trunk/content/
------------------------------------------------------------------------------
--- cms:source-revision (original)
+++ cms:source-revision Sun May 13 21:38:30 2012
@@ -1 +1 @@
-1337900
+1337987

Modified: websites/staging/httpd/trunk/content/security/vulnerabilities_22.html
==============================================================================
--- websites/staging/httpd/trunk/content/security/vulnerabilities_22.html (original)
+++ websites/staging/httpd/trunk/content/security/vulnerabilities_22.html Sun May 13 21:38:30 2012
@@ -88,176 +88,134 @@ populated by Apache Week. Please send co
 vulnerabilities to the <a href="/security_report.html">Security Team</a>.</p>
 <h1 id="2.2.22">Fixed in Apache httpd 2.2.22</h1>
 <dl>
-<dd><strong>low:</strong>  <strong><name name="CVE-2011-3607">mod_setenvif.htaccess
-  privilege escalation</name></strong> 
-  <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3607">CVE-2011-3607</a> </dd>
-</dl>
+<dt>low: <name name="CVE-2011-3607">mod_setenvif.htaccess privilege escalation</name></dt>
+<dt><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3607">CVE-2011-3607</a></dt>
+<dd>
 <p>An integer overflow flaw was found which, when the mod_setenvif module is
 enabled, could allow local users to gain privileges via a.htaccess file.</p>
-<dl>
-<dt>Acknowledgements: This issue was reported by halfdog</dt>
-<dd>
-<p>Reported to security team: 4th October 2011<br></br>Issue public:
- 2nd November 2011<br></br>Update released:
- 31st January 2012<br></br></p>
-</dd>
-<dd>
-<p>Affected: 2.2.21, 2.2.20, 2.2.19, 2.2.18, 2.2.17, 2.2.16, 2.2.15,
- 2.2.14, 2.2.13, 2.2.12, 2.2.11, 2.2.10, 2.2.9, 2.2.8, 2.2.6, 2.2.5,
- 2.2.4, 2.2.3, 2.2.2, 2.2.0</p>
-</dd>
-<dd>
-<p><strong>low:</strong>  <strong><name name="CVE-2012-0021">mod_log_config crash</name></strong> 
-  <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0021">CVE-2012-0021</a> </p>
-</dd>
-<dt>A flaw was found in mod_log_config. If the '%{cookiename}C' log format</dt>
-<dt>string is in use, a remote attacker could send a specific cookie causing a</dt>
-<dt>crash. This crash would only be a denial of service if using a threaded</dt>
-<dt>MPM.</dt>
-<dd>
-<p>Reported to security team: 30th December 2011<br></br>Issue public:
- 28th November 2011<br></br>Update released:
- 31st January 2012<br></br></p>
-</dd>
-<dd>
+<p>Acknowldegements: This issue was reported by halfdog</p>
+<p>Reported to security team:  4th October 2011</p>
+<p>Issue public:  2nd November 2011</p>
+<p>Update Released: 31st January 2012</p>
+<p>Affected: 2.2.21, 2.2.20, 2.2.19, 2.2.18, 2.2.17, 2.2.16, 2.2.15,<br/>
+            2.2.14, 2.2.13, 2.2.12, 2.2.11, 2.2.10, 2.2.9, 2.2.8,<br/>
+            2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, 2.2.0<br/></p>
+</dd>
+<dt>low: <name name="CVE-2012-0021">mod_log_config crash</name></dt>
+<dt><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0021">CVE-2012-0021</a></dt>
+<dd>
+<p>A flaw was found in mod_log_config. If the '%{cookiename}C' log format
+string is in use, a remote attacker could send a specific cookie causing a
+crash. This crash would only be a denial of service if using a threaded
+MPM.</p>
+<p>Reported to security team: 30th December 2011</p>
+<p>Issue public: 28th November 2011</p>
+<p>Update released: 31st January 2012</p>
 <p>Affected: 2.2.21, 2.2.20, 2.2.19, 2.2.18, 2.2.17</p>
 </dd>
+<dt>low:<name name="CVE-2012-0031">scoreboard parent DoS</name></dt>
+<dt><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0031">CVE-2012-0031</a> </dt>
 <dd>
-<p><strong>low:</strong>  <strong><name name="CVE-2012-0031">scoreboard parent DoS</name></strong></p>
-<p><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0031">CVE-2012-0031</a> 
-A flaw was found in the handling of the scoreboard. An unprivileged child
+<p>A flaw was found in the handling of the scoreboard. An unprivileged child
 process could cause the parent process to crash at shutdown rather than
 terminate cleanly.</p>
-</dd>
-<dt>Acknowledgements: This issue was reported by halfdog</dt>
-<dd>
-<p>Reported to security team: 30th December 2011<br></br>Issue public:
- 11th January 2012<br></br>Update released:
- 31st January 2012<br></br></p>
-</dd>
-<dd>
-<p>Affected: 2.2.21, 2.2.20, 2.2.19, 2.2.18, 2.2.17, 2.2.16, 2.2.15,
- 2.2.14, 2.2.13, 2.2.12, 2.2.11, 2.2.10, 2.2.9, 2.2.8, 2.2.6, 2.2.5,
+<p>Acknowledgements: This issue was reported by halfdog<br></p>
+<p>Reported to security team: 30th December 2011</p>
+<p>Issue public: 11th January 2012</p>
+<p>Update released: 31st January 2012</p>
+<p>Affected: 2.2.21, 2.2.20, 2.2.19, 2.2.18, 2.2.17, 2.2.16, 2.2.15,<br />
+ 2.2.14, 2.2.13, 2.2.12, 2.2.11, 2.2.10, 2.2.9, 2.2.8, 2.2.6, 2.2.5,<br />
  2.2.4, 2.2.3, 2.2.2, 2.2.0</p>
 </dd>
+<dt>moderate: <name name="CVE-2011-4317">mod_proxy reverse proxy exposure</name></dt>
+<dt><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4317">CVE-2011-4317</a></dt>
 <dd>
-<p><strong>moderate:</strong>  <strong><name name="CVE-2011-4317">mod_proxy reverse proxy
-  exposure</name></strong> 
-  <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4317">CVE-2011-4317</a> </p>
-</dd>
-</dl>
 <p>An additional exposure was found when using mod_proxy in reverse proxy
 mode. In certain configurations using RewriteRule with proxy flag or
 ProxyPassMatch, a remote attacker could cause the reverse proxy to connect
 to an arbitrary server, possibly disclosing sensitive information from
 internal web servers not directly accessible to attacker.</p>
-<dl>
-<dt>Acknowledgements: This issue was reported by Prutha Parikh of Qualys</dt>
-<dd>
-<p>Reported to security team: 20th October 2011<br></br>Issue public:
- 22nd January 2012<br></br>Update released:
- 31st January 2012<br></br></p>
+<p>Acknowledgements: This issue was reported by Prutha Parikh of Qualys</p>
+<p>Reported to security team: 20th October 2011</p>
+<p>Issue public: 22nd January 2012</p>
+<p>Update released: 31st January 2012
+Affected: 2.2.21, 2.2.20, 2.2.19, 2.2.18, 2.2.17, 2.2.16, 2.2.15,<br />
+ 2.2.14, 2.2.13, 2.2.12, 2.2.11, 2.2.10, 2.2.9, 2.2.8, 2.2.6, 2.2.5,<br />
+ 2.2.4, 2.2.3, 2.2.2, 2.2.0<br />
+</p>
 </dd>
+<dt>moderate: <name name="CVE-2012-0053">error responses can expose cookies</name></dt>
+<dt><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0053">CVE-2012-0053</a></dt>
 <dd>
-<p>Affected: 2.2.21, 2.2.20, 2.2.19, 2.2.18, 2.2.17, 2.2.16, 2.2.15,
- 2.2.14, 2.2.13, 2.2.12, 2.2.11, 2.2.10, 2.2.9, 2.2.8, 2.2.6, 2.2.5,
- 2.2.4, 2.2.3, 2.2.2, 2.2.0</p>
-</dd>
-<dd>
-<p><strong>moderate:</strong>  <strong><name name="CVE-2012-0053">error responses can
-  expose cookies</name></strong> 
-  <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0053">CVE-2012-0053</a> </p>
-</dd>
-</dl>
 <p>A flaw was found in the default error response for status code 400. This
 flaw could be used by an attacker to expose "httpOnly" cookies when no
 custom ErrorDocument is specified.</p>
-<dl>
-<dt>Acknowledgements: This issue was reported by Norman Hippert</dt>
-<dd>
-<p>Reported to security team: 15th January 2012<br></br>Issue public:
- 23rd January 2012<br></br>Update released:
- 31st January 2012<br></br></p>
-</dd>
-<dd>
-<p>Affected: 2.2.21, 2.2.20, 2.2.19, 2.2.18, 2.2.17, 2.2.16, 2.2.15,
- 2.2.14, 2.2.13, 2.2.12, 2.2.11, 2.2.10, 2.2.9, 2.2.8, 2.2.6, 2.2.5,
+<p>Acknowledgements: This issue was reported by Norman Hippert</p>
+<p>Reported to security team: 15th January 2012</p>
+<p>Issue public: 23rd January 2012</p>
+<p>Update released: 31st January 2012</p>
+<p>Affected: 2.2.21, 2.2.20, 2.2.19, 2.2.18, 2.2.17, 2.2.16, 2.2.15,<br />
+ 2.2.14, 2.2.13, 2.2.12, 2.2.11, 2.2.10, 2.2.9, 2.2.8, 2.2.6, 2.2.5,<br />
  2.2.4, 2.2.3, 2.2.2, 2.2.0</p>
 </dd>
+<dt>moderate: <name name="CVE-2011-3368">mod_proxy reverse proxy exposure</name></dt>
+<dt><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3368">CVE-2011-3368</a></dt>
 <dd>
-<p><strong>moderate:</strong>  <strong><name name="CVE-2011-3368">mod_proxy reverse proxy
-  exposure</name></strong> 
-  <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3368">CVE-2011-3368</a> </p>
-</dd>
-</dl>
 <p>An exposure was found when using mod_proxy in reverse proxy mode. In
 certain configurations using RewriteRule with proxy flag or ProxyPassMatch,
 a remote attacker could cause the reverse proxy to connect to an arbitrary
 server, possibly disclosing sensitive information from internal web servers
 not directly accessible to attacker.</p>
-<dl>
-<dt>Acknowledgements: This issue was reported by Context Information Security</dt>
-<dt>Ltd</dt>
-<dd>
-<p>Reported to security team: 16th September 2011<br></br>Issue public:
- 5th October 2011<br></br>Update released:
- 31st January 2012<br></br></p>
-</dd>
-<dd>
-<p>Affected: 2.2.21, 2.2.20, 2.2.19, 2.2.18, 2.2.17, 2.2.16, 2.2.15,
- 2.2.14, 2.2.13, 2.2.12, 2.2.11, 2.2.10, 2.2.9, 2.2.8, 2.2.6, 2.2.5,
- 2.2.4, 2.2.3, 2.2.2, 2.2.0</p>
+<p>Acknowledgements: This issue was reported by Context Information Security Ltd</p>
+<p>Reported to security team: 16th September 2011</p>
+<p>Issue public: 5th October 2011</p>
+<p>Update released: 31st January 2012</p>
+<p>Affected: 2.2.21, 2.2.20, 2.2.19, 2.2.18, 2.2.17, 2.2.16, 2.2.15,<br />
+2.2.14, 2.2.13, 2.2.12, 2.2.11, 2.2.10, 2.2.9, 2.2.8, 2.2.6, 2.2.5,<br />
+2.2.4, 2.2.3, 2.2.2, 2.2.0<br />
+</p>
 </dd>
 </dl>
 <h1 id="2.2.21">Fixed in Apache httpd 2.2.21</h1>
 <dl>
-<dd><strong>moderate:</strong>  <strong><name name="CVE-2011-3348">mod_proxy_ajp remote
-  DoS</name></strong> 
-  <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3348">CVE-2011-3348</a> </dd>
-<dt>A flaw was found when mod_proxy_ajp is used together with</dt>
-<dt>mod_proxy_balancer. Given a specific configuration, a remote attacker could</dt>
-<dt>send certain malformed HTTP requests, putting a backend server into an</dt>
-<dt>error state until the retry timeout expired. This could lead to a temporary</dt>
-<dt>denial of service.</dt>
-<dd>
-<p>Reported to security team: 7th September 2011<br></br>Issue public:
- 14th September 2011<br></br>Update released:
- 14th September 2011<br></br></p>
-</dd>
+<dt>moderate: <name name="CVE-2011-3348">mod_proxy_ajp remote DoS</name></dt>
+<dt><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3348">CVE-2011-3348</a></dt>
 <dd>
-<p>Affected: 2.2.20, 2.2.19, 2.2.18, 2.2.17, 2.2.16, 2.2.15, 2.2.14,
- 2.2.13, 2.2.12</p>
+<p>A flaw was found when mod_proxy_ajp is used together with
+mod_proxy_balancer. Given a specific configuration, a remote attacker could
+send certain malformed HTTP requests, putting a backend server into an
+error state until the retry timeout expired. This could lead to a temporary
+denial of service.</p>
+<p>Reported to security team: 7th September 2011</p>
+<p>Issue public: 14th September 2011</p>
+<p>Update released: 14th September 2011</p>
+<p>Affected: 2.2.20, 2.2.19, 2.2.18, 2.2.17, 2.2.16, 2.2.15, 2.2.14,      <br />
+2.2.13, 2.2.12</p>
 </dd>
 </dl>
 <h1 id="2.2.20">Fixed in Apache httpd 2.2.20</h1>
 <dl>
-<dd><strong>important:</strong>  <strong><name name="CVE-2011-3192">Range header remote
-  DoS</name></strong> 
-  <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192">CVE-2011-3192</a> </dd>
-</dl>
+<dt><strong>important: <name name="CVE-2011-3192">Range header remote DoS</name></strong></dt>
+<dt><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192">CVE-2011-3192</a></dt>
+<dd>
 <p>A flaw was found in the way the Apache HTTP Server handled Range HTTP
 headers. A remote attacker could use this flaw to cause httpd to use an
 excessive amount of memory and CPU time via HTTP requests with a
 specially-crafted Range header. This could be used in a denial of service
 attack.</p>
-<dl>
-<dt>Advisory: <a href="CVE-2011-3192.txt">CVE-2011-3192.txt</a> </dt>
-<dd>
-<p>Issue public: 20th August 2011<br></br>Update released:
- 30th August 2011<br></br></p>
-</dd>
-<dd>
-<p>Affected: 2.2.19, 2.2.18, 2.2.17, 2.2.16, 2.2.15, 2.2.14, 2.2.13,
- 2.2.12, 2.2.11, 2.2.10, 2.2.9, 2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3,
- 2.2.2, 2.2.0</p>
+<p>Advisory: <a href="CVE-2011-3192.txt">CVE-2011-3192.txt</a> </p>
+<p>Issue public: 20th August 2011</p>
+<p>Update released: 30th August 2011</p>
+<p>Affected: 2.2.19, 2.2.18, 2.2.17, 2.2.16, 2.2.15, 2.2.14, 2.2.13,<br />
+          2.2.12, 2.2.11, 2.2.10, 2.2.9, 2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3,<br />
+          2.2.2, 2.2.0</p>
 </dd>
 </dl>
 <h1 id="2.2.19">Fixed in Apache httpd 2.2.19</h1>
 <dl>
-<dd><strong>moderate:</strong>  <strong><name name="CVE-2011-0419">apr_fnmatch flaw leads to
-  mod_autoindex remote DoS</name></strong> 
-  <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0419">CVE-2011-0419</a> </dd>
-</dl>
+<dt>moderate: <name name="CVE-2011-0419">apr_fnmatch flaw leads to mod_autoindex remote DoS</name></dt>
+<dt><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0419">CVE-2011-0419</a></dt>
+<dd>
 <p>A flaw was found in the apr_fnmatch() function of the bundled APR library.
 Where mod_autoindex is enabled, and a directory indexed by mod_autoindex
 contained files with sufficiently long names, a remote attacker could send
@@ -267,83 +225,68 @@ could be used in a denial of service att
 directive disables processing of the client-supplied request query
 arguments, preventing this attack.</p>
 <p>Resolution: Update APR to release 1.4.5 (bundled with httpd 2.2.19)</p>
-<dl>
-<dt>Acknowledgements: This issue was reported by Maksymilian Arciemowicz</dt>
-<dd>
-<p>Reported to security team: 2nd March 2011<br></br>Issue public:
- 10th May 2011<br></br>Update released: 21st May 2011<br></br></p>
-</dd>
-<dd>
-<p>Affected: 2.2.18, 2.2.17, 2.2.16, 2.2.15, 2.2.14, 2.2.13, 2.2.12,
- 2.2.11, 2.2.10, 2.2.9, 2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, 2.2.0</p>
+<p>Acknowledgements: This issue was reported by Maksymilian Arciemowicz</p>
+<p>Reported to security team: 2nd March 2011</p>
+<p>Issue public: 10th May 2011</p>
+<p>Update released: 21st May 2011</p>
+<p>Affected: 2.2.18, 2.2.17, 2.2.16, 2.2.15, 2.2.14, 2.2.13, 2.2.12,<br />
+2.2.11, 2.2.10, 2.2.9, 2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, 2.2.0</p>
 </dd>
 </dl>
 <h1 id="2.2.17">Fixed in Apache httpd 2.2.17</h1>
 <dl>
-<dd><strong>low:</strong>  <strong><name name="CVE-2009-3720">expat DoS</name></strong> 
-  <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720">CVE-2009-3720</a> </dd>
-<dt>A buffer over-read flaw was found in the bundled expat library. An attacker</dt>
-<dt>who is able to get Apache to parse an untrused XML document (for example</dt>
-<dt>through mod_dav) may be able to cause a crash. This crash would only be a</dt>
-<dt>denial of service if using the worker MPM.</dt>
-<dd>
-<p>Reported to security team: 21st August 2009<br></br>Issue public:
- 17th January 2009<br></br>Update released:
- 19th October 2010<br></br></p>
-</dd>
+<dt>low: <name name="CVE-2009-3720">expat DoS</name></dt>
+<dt><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720">CVE-2009-3720</a></dt>
 <dd>
-<p>Affected: 2.2.16, 2.2.15, 2.2.14, 2.2.13, 2.2.12, 2.2.11, 2.2.10,
+<p>A buffer over-read flaw was found in the bundled expat library. An attacker
+who is able to get Apache to parse an untrused XML document (for example
+through mod_dav) may be able to cause a crash. This crash would only be a
+denial of service if using the worker MPM.</p>
+<p>Reported to security team: 21st August 2009</p>
+<p>Issue public: 17th January 2009</p>
+<p>Update released: 19th October 2010</p>
+<p>Affected: 2.2.16, 2.2.15, 2.2.14, 2.2.13, 2.2.12, 2.2.11, 2.2.10,<br />
  2.2.9, 2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, 2.2.0</p>
 </dd>
+<dt>low: <name name="CVE-2009-3560">expat DoS</name></dt>
+<dt><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560">CVE-2009-3560</a></dt>
 <dd>
-<p><strong>low:</strong>  <strong><name name="CVE-2009-3560">expat DoS</name></strong> 
-  <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560">CVE-2009-3560</a> </p>
-</dd>
-<dt>A buffer over-read flaw was found in the bundled expat library. An attacker</dt>
-<dt>who is able to get Apache to parse an untrused XML document (for example</dt>
-<dt>through mod_dav) may be able to cause a crash. This crash would only be a</dt>
-<dt>denial of service if using the worker MPM.</dt>
-<dd>
-<p>Issue public: 2nd December 2009<br></br>Update released:
- 19th October 2010<br></br></p>
-</dd>
-<dd>
-<p>Affected: 2.2.16, 2.2.15, 2.2.14, 2.2.13, 2.2.12, 2.2.11, 2.2.10,
+<p>A buffer over-read flaw was found in the bundled expat library. An attacker
+who is able to get Apache to parse an untrused XML document (for example
+through mod_dav) may be able to cause a crash. This crash would only be a
+denial of service if using the worker MPM.</p>
+<p>Issue public: 2nd December 2009</p>
+<p>Update released: 19th October 2010</p>
+<p>Affected: 2.2.16, 2.2.15, 2.2.14, 2.2.13, 2.2.12, 2.2.11, 2.2.10,<br />
  2.2.9, 2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, 2.2.0</p>
 </dd>
+<dt>low: <name name="CVE-2010-1623">apr_bridage_split_line DoS</name></dt>
+<dt><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1623">CVE-2010-1623</a></dt>
 <dd>
-<p><strong>low:</strong>  <strong><name name="CVE-2010-1623">apr_bridage_split_line
-  DoS</name></strong> 
-  <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1623">CVE-2010-1623</a> </p>
-</dd>
-<dt>A flaw was found in the apr_brigade_split_line() function of the bundled</dt>
-<dt>APR-util library, used to process non-SSL requests. A remote attacker could</dt>
-<dt>send requests, carefully crafting the timing of individual bytes, which</dt>
-<dt>would slowly consume memory, potentially leading to a denial of service.</dt>
-<dd>
-<p>Reported to security team: 3rd March 2010<br></br>Issue public:
- 1st October 2010<br></br>Update released:
- 19th October 2010<br></br></p>
-</dd>
-<dd>
-<p>Affected: 2.2.16, 2.2.15, 2.2.14, 2.2.13, 2.2.12, 2.2.11, 2.2.10,
+<p>A flaw was found in the apr_brigade_split_line() function of the bundled
+APR-util library, used to process non-SSL requests. A remote attacker could
+send requests, carefully crafting the timing of individual bytes, which
+would slowly consume memory, potentially leading to a denial of service.</p>
+<p>Reported to security team: 3rd March 2010</p>
+<p>Issue public: 1st October 2010</p>
+<p>Update released: 19th October 2010</p>
+<p>Affected: 2.2.16, 2.2.15, 2.2.14, 2.2.13, 2.2.12, 2.2.11, 2.2.10,<br />
  2.2.9, 2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, 2.2.0</p>
 </dd>
 </dl>
 <h1 id="2.2.16">Fixed in Apache httpd 2.2.16</h1>
 <dl>
-<dd><strong>important:</strong>  <strong><name name="CVE-2010-2068">Timeout detection flaw
-  (mod_proxy_http)</name></strong> 
-  <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2068">CVE-2010-2068</a> </dd>
-</dl>
+<dt><strong>important <name name="CVE-2010-2068">Timeout detection flaw (mod_proxy_http)</name></strong></dt>
+<dt><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2068">CVE-2010-2068</a></dt>
+<dd>
 <p>An information disclosure flaw was found in mod_proxy_http in versions
 2.2.9 through 2.2.15, 2.3.4-alpha and 2.3.5-alpha. Under certain timeout
 conditions, the server could return a response intended for another user.
 Only Windows, Netware and OS2 operating systems are affected. Only those
 configurations which trigger the use of proxy worker pools are affected.
 There was no vulnerability on earlier versions, as proxy pools were not yet
-introduced. The simplest workaround is to globally configure;</p>
-<p>SetEnv proxy-nokeepalive 1</p>
+introduced. </p>
+<p>The simplest workaround is to globally configure: "SetEnv proxy-nokeepalive 1"</p>
 <p>Source code patches are at;</p>
 <ul>
 <li>
@@ -357,23 +300,16 @@ introduced. The simplest workaround is t
 <ul>
 <li><a href="http://www.apache.org/dist/httpd/binaries/win32/mod_proxy_http-CVE-2010-2068.zip">http://www.apache.org/dist/httpd/binaries/win32/mod_proxy_http-CVE-2010-2068.zip</a> </li>
 </ul>
-<dl>
-<dt>Acknowledgements: We would like to thank Loren Anderson for the detailed</dt>
-<dt>analysis and reporting of this issue.</dt>
-<dd>
-<p>Issue public: 9th June 2010<br></br>Update released:
- 25th July 2010<br></br></p>
-</dd>
-<dd>
-<p>Affected: 2.3.5-alpha, 2.3.4-alpha, 2.2.15, 2.2.14, 2.2.13, 2.2.12,
+<p>Acknowledgements: We would like to thank Loren Anderson for the detailed
+analysis and reporting of this issue.</p>
+<p>Issue public: 9th June 2010</p>
+<p>Update released: 25th July 2010</p>
+<p>Affected: 2.3.5-alpha, 2.3.4-alpha, 2.2.15, 2.2.14, 2.2.13, 2.2.12,<br />
  2.2.11, 2.2.10, 2.2.9</p>
 </dd>
+<dt>low:  <name name="CVE-2010-1452">mod_cache and mod_dav DoS</name></dt>
+<dt><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452">CVE-2010-1452</a></dt>
 <dd>
-<p><strong>low:</strong>  <strong><name name="CVE-2010-1452">mod_cache and mod_dav
-  DoS</name></strong> 
-  <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452">CVE-2010-1452</a> </p>
-</dd>
-</dl>
 <p>A flaw was found in the handling of requests by mod_cache and mod_dav. A
 malicious remote attacker could send a carefully crafted request and cause
 a httpd child process to crash. This crash would only be a denial of
@@ -382,23 +318,18 @@ is only affected by requests that are mo
 mod_cache is only affected if the uncommon
 "CacheIgnoreURLSessionIdentifiers" directive, introduced in version 2.2.14,
 is used.</p>
-<dl>
-<dt>Acknowledgements: This issue was reported by Mark Drayton.</dt>
-<dd>
-<p>Reported to security team: 4th May 2010<br></br>Issue public:
- 25th July 2010<br></br>Update released: 25th July 2010<br></br></p>
-</dd>
-<dd>
-<p>Affected: 2.2.15, 2.2.14, 2.2.13, 2.2.12, 2.2.11, 2.2.10, 2.2.9,
+<p>Acknowledgements: This issue was reported by Mark Drayton.</p>
+<p>Reported to security team: 4th May 2010</p>
+<p>Issue public: 25th July 2010</p>
+<p>Update released: 25th July 2010 Affected: 2.2.15, 2.2.14, 2.2.13, 2.2.12, 2.2.11, 2.2.10, 2.2.9,<br />
  2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, 2.2.0</p>
 </dd>
 </dl>
 <h1 id="2.2.15">Fixed in Apache httpd 2.2.15</h1>
 <dl>
-<dd><strong>important:</strong>  <strong><name name="CVE-2010-0425">mod_isapi module unload
-  flaw</name></strong> 
-  <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0425">CVE-2010-0425</a> </dd>
-</dl>
+<dt><strong>important:</strong>  <strong><name name="CVE-2010-0425">mod_isapi module unload flaw</name></strong></dt>
+<dt><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0425">CVE-2010-0425</a></dt>
+<dd>
 <p>A flaw was found with within mod_isapi which would attempt to unload the
 ISAPI dll when it encountered various error states. This could leave the
 callbacks in an undefined state and result in a segfault. On Windows
@@ -406,23 +337,17 @@ platforms using mod_isapi, a remote atta
 to trigger this issue, and as win32 MPM runs only one process, this would
 result in a denial of service, and potentially allow arbitrary code
 execution.</p>
-<dl>
-<dt>Acknowledgements: We would like to thank Brett Gervasoni of Sense of</dt>
-<dt>Security for reporting and proposing a patch fix for this issue.</dt>
-<dd>
-<p>Reported to security team: 9th February 2010<br></br>Issue public:
- 2nd March 2010<br></br>Update released: 5th March 2010<br></br></p>
-</dd>
-<dd>
-<p>Affected: 2.2.14, 2.2.13, 2.2.12, 2.2.11, 2.2.10, 2.2.9, 2.2.8, 2.2.6,
+<p>Acknowledgements: We would like to thank Brett Gervasoni of Sense of
+Security for reporting and proposing a patch fix for this issue.</p>
+<p>Reported to security team: 9th February 2010</p>
+<p>Issue public: 2nd March 2010</p>
+<p>Update released: 5th March 2010</p>
+<p>Affected: 2.2.14, 2.2.13, 2.2.12, 2.2.11, 2.2.10, 2.2.9, 2.2.8, 2.2.6,<br />
  2.2.5, 2.2.4, 2.2.3, 2.2.2, 2.2.0</p>
 </dd>
+<dt>low <name name="CVE-2010-0434">Subrequest handling of request headers (mod_headers)</name></dt>
+<dt><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434">CVE-2010-0434</a></dt>
 <dd>
-<p><strong>low:</strong>  <strong><name name="CVE-2010-0434">Subrequest handling of request
-  headers (mod_headers)</name></strong> 
-  <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434">CVE-2010-0434</a> </p>
-</dd>
-</dl>
 <p>A flaw in the core subrequest process code was fixed, to always provide a
 shallow copy of the headers_in array to the subrequest, instead of a
 pointer to the parent request's array as it had for requests without
@@ -434,520 +359,404 @@ memory allocated to the subrequest scope
 main request processing was finished, resulting in a segfault or in
 revealing data from another request on threaded servers, such as the worker
 or winnt MPMs.</p>
-<dl>
-<dt>Acknowledgements: We would like to thank Philip Pickett of VMware for</dt>
-<dt>reporting and proposing a fix for this issue.</dt>
-<dd>
-<p>Issue public: 9th December 2009<br></br>Update released:
- 5th March 2010<br></br></p>
-</dd>
-<dd>
-<p>Affected: 2.2.14, 2.2.13, 2.2.12, 2.2.11, 2.2.10, 2.2.9, 2.2.8, 2.2.6,
+<p>Acknowledgements: We would like to thank Philip Pickett of VMware for
+reporting and proposing a fix for this issue.</p>
+<p>Issue public: 9th December 2009</p>
+<p>Update released: 5th March 2010</p>
+<p>Affected: 2.2.14, 2.2.13, 2.2.12, 2.2.11, 2.2.10, 2.2.9, 2.2.8, 2.2.6,<br />
  2.2.5, 2.2.4, 2.2.3, 2.2.2, 2.2.0</p>
 </dd>
+<dt>moderate: <name name="CVE-2010-0408">mod_proxy_ajp DoS</name></dt>
+<dt><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0408">CVE-2010-0408</a></dt>
 <dd>
-<p><strong>moderate:</strong>  <strong><name name="CVE-2010-0408">mod_proxy_ajp
-  DoS</name></strong> 
-  <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0408">CVE-2010-0408</a> </p>
-</dd>
-</dl>
 <p>mod_proxy_ajp would return the wrong status code if it encountered an
 error, causing a backend server to be put into an error state until the
 retry timeout expired. A remote attacker could send malicious requests to
 trigger this issue, resulting in denial of service.</p>
-<dl>
-<dt>Acknowledgements: We would like to thank Niku Toivola of Sulake Corporation</dt>
-<dt>for reporting and proposing a patch fix for this issue.</dt>
-<dd>
-<p>Reported to security team: 2nd February 2010<br></br>Issue public:
- 2nd March 2010<br></br>Update released: 5th March 2010<br></br></p>
-</dd>
-<dd>
-<p>Affected: 2.2.14, 2.2.13, 2.2.12, 2.2.11, 2.2.10, 2.2.9, 2.2.8, 2.2.6,
+<p>Acknowledgements: We would like to thank Niku Toivola of Sulake Corporation
+for reporting and proposing a patch fix for this issue.</p>
+<p>Reported to security team: 2nd February 2010</p>
+<p>Issue public: 2nd March 2010</p>
+<p>Update released: 5th March 2010<br></br></p>
+<p>Affected: 2.2.14, 2.2.13, 2.2.12, 2.2.11, 2.2.10, 2.2.9, 2.2.8, 2.2.6,<br />
  2.2.5, 2.2.4, 2.2.3, 2.2.2, 2.2.0</p>
 </dd>
 </dl>
 <h1 id="2.2.14">Fixed in Apache httpd 2.2.14</h1>
 <dl>
-<dd><strong>low:</strong>  <strong><name name="CVE-2009-3094">mod_proxy_ftp DoS</name></strong> 
-  <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094">CVE-2009-3094</a> </dd>
-<dt>A NULL pointer dereference flaw was found in the mod_proxy_ftp module. A</dt>
-<dt>malicious FTP server to which requests are being proxied could use this</dt>
-<dt>flaw to crash an httpd child process via a malformed reply to the EPSV or</dt>
-<dt>PASV commands, resulting in a limited denial of service.</dt>
-<dd>
-<p>Reported to security team: 4th September 2009<br></br>Issue public:
- 2nd August 2009<br></br>Update released: 5th October 2009<br></br></p>
-</dd>
+<dt>low: <name name="CVE-2009-3094">mod_proxy_ftp DoS</name></dt>
+<dt><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094">CVE-2009-3094</a></dt>
 <dd>
-<p>Affected: 2.2.13, 2.2.12, 2.2.11, 2.2.10, 2.2.9, 2.2.8, 2.2.6, 2.2.5,
+<p>A NULL pointer dereference flaw was found in the mod_proxy_ftp module. A
+malicious FTP server to which requests are being proxied could use this
+flaw to crash an httpd child process via a malformed reply to the EPSV or
+PASV commands, resulting in a limited denial of service.</p>
+<p>Reported to security team: 4th September 2009</p>
+<p>Issue public: 2nd August 2009</p>
+<p>Update released: 5th October 2009</p>
+<p>Affected: 2.2.13, 2.2.12, 2.2.11, 2.2.10, 2.2.9, 2.2.8, 2.2.6, 2.2.5, <br />
  2.2.4, 2.2.3, 2.2.2, 2.2.0</p>
 </dd>
+<dt>low: <name name="CVE-2009-3095">mod_proxy_ftp FTP command injection</name></dt>
+<dt><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095">CVE-2009-3095</a></dt>
 <dd>
-<p><strong>low:</strong>  <strong><name name="CVE-2009-3095">mod_proxy_ftp FTP command
-  injection</name></strong> 
-  <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095">CVE-2009-3095</a> </p>
-</dd>
-<dt>A flaw was found in the mod_proxy_ftp module. In a reverse proxy</dt>
-<dt>configuration, a remote attacker could use this flaw to bypass intended</dt>
-<dt>access restrictions by creating a carefully-crafted HTTP Authorization</dt>
-<dt>header, allowing the attacker to send arbitrary commands to the FTP server.</dt>
-<dd>
-<p>Reported to security team: 3rd September 2009<br></br>Issue public:
- 3rd August 2009<br></br>Update released: 5th October 2009<br></br></p>
-</dd>
-<dd>
-<p>Affected: 2.2.13, 2.2.12, 2.2.11, 2.2.10, 2.2.9, 2.2.8, 2.2.6, 2.2.5,
+<p>A flaw was found in the mod_proxy_ftp module. In a reverse proxy
+configuration, a remote attacker could use this flaw to bypass intended
+access restrictions by creating a carefully-crafted HTTP Authorization
+header, allowing the attacker to send arbitrary commands to the FTP server.</p>
+<p>Reported to security team: 3rd September 2009</p>
+<p>Issue public: 3rd August 2009</p>
+<p>Update released: 5th October 2009</p>
+<p>Affected: 2.2.13, 2.2.12, 2.2.11, 2.2.10, 2.2.9, 2.2.8, 2.2.6, 2.2.5,<br />
  2.2.4, 2.2.3, 2.2.2, 2.2.0</p>
 </dd>
+<dt>moderate: <name name="CVE-2009-2699">Solaris pollset DoS</name></dt>
+<dt><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2699">CVE-2009-2699</a></dt>
 <dd>
-<p><strong>moderate:</strong>  <strong><name name="CVE-2009-2699">Solaris pollset
-  DoS</name></strong> 
-  <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2699">CVE-2009-2699</a> </p>
-</dd>
-<dt>Faulty error handling was found affecting Solaris pollset support (Event</dt>
-<dt>Port backend) caused by a bug in APR. A remote attacker could trigger this</dt>
-<dt>issue on Solaris servers which used prefork or event MPMs, resulting in a</dt>
-<dt>denial of service.</dt>
-<dd>
-<p>Reported to security team: 5th August 2009<br></br>Issue public:
- 23rd September 2009<br></br>Update released:
- 5th October 2009<br></br></p>
-</dd>
-<dd>
-<p>Affected: 2.2.13, 2.2.12, 2.2.11, 2.2.10, 2.2.9, 2.2.8, 2.2.6, 2.2.5,
+<p>Faulty error handling was found affecting Solaris pollset support (Event
+Port backend) caused by a bug in APR. A remote attacker could trigger this
+issue on Solaris servers which used prefork or event MPMs, resulting in a
+denial of service.</p>
+<p>Reported to security team: 5th August 2009</p>
+<p>Issue public: 23rd September 2009</p>
+<p>Update released: 5th October 2009</p>
+<p>Affected: 2.2.13, 2.2.12, 2.2.11, 2.2.10, 2.2.9, 2.2.8, 2.2.6, 2.2.5,<br />
  2.2.4, 2.2.3, 2.2.2, 2.2.0</p>
 </dd>
 </dl>
 <h1 id="2.2.13">Fixed in Apache httpd 2.2.13</h1>
 <dl>
-<dd><strong>low:</strong>  <strong><name name="CVE-2009-2412">APR apr_palloc heap
-  overflow</name></strong> 
-  <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412">CVE-2009-2412</a> </dd>
-<dt>A flaw in apr_palloc() in the bundled copy of APR could cause heap</dt>
-<dt>overflows in programs that try to apr_palloc() a user controlled size. The</dt>
-<dt>Apache HTTP Server itself does not pass unsanitized user-provided sizes to</dt>
-<dt>this function, so it could only be triggered through some other application</dt>
-<dt>which uses apr_palloc() in a vulnerable way.</dt>
+<dt>low: <name name="CVE-2009-2412">APR apr_palloc heap overflow</name></dt>
+<dt><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412">CVE-2009-2412</a></dt>
 <dd>
-<p>Reported to security team: 27th July 2009<br></br>Issue public:
- 4th August 2009<br></br>Update released: 9th August 2009<br></br></p>
-</dd>
-<dd>
-<p>Affected: 2.2.12, 2.2.11, 2.2.10, 2.2.9, 2.2.8, 2.2.6, 2.2.5, 2.2.4,
+<p>A flaw in apr_palloc() in the bundled copy of APR could cause heap
+overflows in programs that try to apr_palloc() a user controlled size. The
+Apache HTTP Server itself does not pass unsanitized user-provided sizes to
+this function, so it could only be triggered through some other application
+which uses apr_palloc() in a vulnerable way.</p>
+<p>Reported to security team: 27th July 2009</p>
+<p>Issue public: 4th August 2009</p>
+<p>Update released: 9th August 2009</p>
+<p>Affected: 2.2.12, 2.2.11, 2.2.10, 2.2.9, 2.2.8, 2.2.6, 2.2.5, 2.2.4,<br />
  2.2.3, 2.2.2, 2.2.0</p>
 </dd>
 </dl>
 <h1 id="2.2.12">Fixed in Apache httpd 2.2.12</h1>
 <dl>
-<dd><strong>important:</strong>  <strong><name name="CVE-2009-1890">mod_proxy reverse proxy
-  DoS</name></strong> 
-  <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1890">CVE-2009-1890</a> </dd>
-<dt>A denial of service flaw was found in the mod_proxy module when it was used</dt>
-<dt>as a reverse proxy. A remote attacker could use this flaw to force a proxy</dt>
-<dt>process to consume large amounts of CPU time.</dt>
+<dt><strong>important <name name="CVE-2009-1890">mod_proxy reverse proxy DoS</name></strong></dt>
+<dt><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1890">CVE-2009-1890</a></dt>
 <dd>
-<p>Reported to security team: 30th June 2009<br></br>Issue public:
- 2nd July 2009<br></br>Update released: 27th July 2009<br></br></p>
-</dd>
-<dd>
-<p>Affected: 2.2.11, 2.2.10, 2.2.9, 2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3,
+<p>A denial of service flaw was found in the mod_proxy module when it was used
+as a reverse proxy. A remote attacker could use this flaw to force a proxy
+process to consume large amounts of CPU time.</p>
+<p>Reported to security team: 30th June 2009</p>
+<p>Issue public: 2nd July 2009</p>
+<p>Update released: 27th July 2009</p>
+<p>Affected: 2.2.11, 2.2.10, 2.2.9, 2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3,<br />
  2.2.2, 2.2.0</p>
 </dd>
+<dt><strong>important:</strong>  <strong><name name="CVE-2009-1191">mod_proxy_ajp information disclosure</name></strong></dt>
+<dt><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1191">CVE-2009-1191</a></dt>
 <dd>
-<p><strong>important:</strong>  <strong><name name="CVE-2009-1191">mod_proxy_ajp
-  information disclosure</name></strong> 
-  <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1191">CVE-2009-1191</a> </p>
-</dd>
-<dt>An information disclosure flaw was found in mod_proxy_ajp in version 2.2.11</dt>
-<dt>only. In certain situations, if a user sent a carefully crafted HTTP</dt>
-<dt>request, the server could return a response intended for another user.</dt>
-<dd>
-<p>Reported to security team: 5th March 2009<br></br>Issue public:
- 21st April 2009<br></br>Update released: 27th July 2009<br></br></p>
-</dd>
-<dd>
+<p>An information disclosure flaw was found in mod_proxy_ajp in version 2.2.11
+only. In certain situations, if a user sent a carefully crafted HTTP
+request, the server could return a response intended for another user.</p>
+<p>Reported to security team: 5th March 2009</p>
+<p>Issue public: 21st April 2009</p>
+<p>Update released: 27th July 2009</p>
 <p>Affected: 2.2.11</p>
 </dd>
+<dt>low: <name name="CVE-2009-1891">mod_deflate DoS</name></dt>
+<dt><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891">CVE-2009-1891</a></dt>
 <dd>
-<p><strong>low:</strong>  <strong><name name="CVE-2009-1891">mod_deflate DoS</name></strong> 
-  <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891">CVE-2009-1891</a> </p>
-</dd>
-<dt>A denial of service flaw was found in the mod_deflate module. This module</dt>
-<dt>continued to compress large files until compression was complete, even if</dt>
-<dt>the network connection that requested the content was closed before</dt>
-<dt>compression completed. This would cause mod_deflate to consume large</dt>
-<dt>amounts of CPU if mod_deflate was enabled for a large file.</dt>
-<dd>
-<p>Issue public: 26th June 2009<br></br>Update released:
- 27th July 2009<br></br></p>
-</dd>
-<dd>
-<p>Affected: 2.2.11, 2.2.10, 2.2.9, 2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3,
+<p>A denial of service flaw was found in the mod_deflate module. This module
+continued to compress large files until compression was complete, even if
+the network connection that requested the content was closed before
+compression completed. This would cause mod_deflate to consume large
+amounts of CPU if mod_deflate was enabled for a large file.</p>
+<p>Issue public: 26th June 2009</p>
+<p>Update released: 27th July 2009</p>
+<p>Affected: 2.2.11, 2.2.10, 2.2.9, 2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3,<br />
  2.2.2, 2.2.0</p>
 </dd>
+<dt>low: <name name="CVE-2009-1195">AllowOverride Options handling bypass</name></dt>
+<dt><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1195">CVE-2009-1195</a></dt>
 <dd>
-<p><strong>low:</strong>  <strong><name name="CVE-2009-1195">AllowOverride Options handling
-  bypass</name></strong> 
-  <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1195">CVE-2009-1195</a> </p>
-</dd>
-<dt>A flaw was found in the handling of the "Options" and "AllowOverride"</dt>
-<dt>directives. In configurations using the "AllowOverride" directive with</dt>
-<dt>certain "Options=" arguments, local users were not restricted from</dt>
-<dt>executing commands from a Server-Side-Include script as intended.</dt>
-<dd>
-<p>Reported to security team: 9th March 2009<br></br>Issue public:
- 22nd April 2009<br></br>Update released: 27th July 2009<br></br></p>
-</dd>
-<dd>
-<p>Affected: 2.2.11, 2.2.10, 2.2.9, 2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3,
+<p>A flaw was found in the handling of the "Options" and "AllowOverride"
+directives. In configurations using the "AllowOverride" directive with
+certain "Options=" arguments, local users were not restricted from
+executing commands from a Server-Side-Include script as intended.</p>
+<p>Reported to security team: 9th March 2009</p>
+<p>Issue public: 22nd April 2009</p>
+<p>Update released: 27th July 2009</p>
+<p>Affected: 2.2.11, 2.2.10, 2.2.9, 2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3,<br />
  2.2.2, 2.2.0</p>
 </dd>
+<dt>moderate: <name name="CVE-2009-1956">APR-util off-by-one overflow</name></dt>
+<dt><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1956">CVE-2009-1956</a></dt>
 <dd>
-<p><strong>moderate:</strong>  <strong><name name="CVE-2009-1956">APR-util off-by-one
-  overflow</name></strong> 
-  <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1956">CVE-2009-1956</a> </p>
-</dd>
-<dt>An off-by-one overflow flaw was found in the way the bundled copy of the</dt>
-<dt>APR-util library processed a variable list of arguments. An attacker could</dt>
-<dt>provide a specially-crafted string as input for the formatted output</dt>
-<dt>conversion routine, which could, on big-endian platforms, potentially lead</dt>
-<dt>to the disclosure of sensitive information or a denial of service.</dt>
-<dd>
-<p>Issue public: 24th April 2009<br></br>Update released:
- 72th  2009<br></br></p>
-</dd>
-<dd>
-<p>Affected: 2.2.11, 2.2.10, 2.2.9, 2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3,
+<p>An off-by-one overflow flaw was found in the way the bundled copy of the
+APR-util library processed a variable list of arguments. An attacker could
+provide a specially-crafted string as input for the formatted output
+conversion routine, which could, on big-endian platforms, potentially lead
+to the disclosure of sensitive information or a denial of service.</p>
+<p>Issue public: 24th April 2009</p>
+<p>Update released: 72th  2009</p>
+<p>Affected: 2.2.11, 2.2.10, 2.2.9, 2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3,<br />
  2.2.2, 2.2.0</p>
 </dd>
+<dt>moderate: <name name="CVE-2009-1955">APR-util XML DoS</name></dt>
+<dt><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1955">CVE-2009-1955</a></dt>
 <dd>
-<p><strong>moderate:</strong>  <strong><name name="CVE-2009-1955">APR-util XML DoS</name></strong></p>
-<p><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1955">CVE-2009-1955</a> 
-A denial of service flaw was found in the bundled copy of the APR-util
+<p>A denial of service flaw was found in the bundled copy of the APR-util
 library Extensible Markup Language (XML) parser. A remote attacker could
 create a specially-crafted XML document that would cause excessive memory
 consumption when processed by the XML decoding engine.</p>
-</dd>
-<dd>
-<p>Issue public: 1st June 2009<br></br>Update released:
- 27th July 2009<br></br></p>
-</dd>
-<dd>
-<p>Affected: 2.2.11, 2.2.10, 2.2.9, 2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3,
+<p>Issue public: 1st June 2009</p>
+<p>Update released: 27th July 2009</p>
+<p>Affected: 2.2.11, 2.2.10, 2.2.9, 2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3,<br />
  2.2.2, 2.2.0</p>
 </dd>
+<dt>moderate: <name name="CVE-2009-0023">APR-util heap underwrite</name></dt>
+<dt><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0023">CVE-2009-0023</a></dt>
 <dd>
-<p><strong>moderate:</strong>  <strong><name name="CVE-2009-0023">APR-util heap
-  underwrite</name></strong> 
-  <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0023">CVE-2009-0023</a> </p>
-</dd>
-<dt>A heap-based underwrite flaw was found in the way the bundled copy of the</dt>
-<dt>APR-util library created compiled forms of particular search patterns. An</dt>
-<dt>attacker could formulate a specially-crafted search keyword, that would</dt>
-<dt>overwrite arbitrary heap memory locations when processed by the pattern</dt>
-<dt>preparation engine.</dt>
-<dd>
-<p>Issue public: 1st June 2009<br></br>Update released:
- 27th July 2009<br></br></p>
-</dd>
-<dd>
-<p>Affected: 2.2.11, 2.2.10, 2.2.9, 2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3,
+<p>A heap-based underwrite flaw was found in the way the bundled copy of the
+APR-util library created compiled forms of particular search patterns. An
+attacker could formulate a specially-crafted search keyword, that would
+overwrite arbitrary heap memory locations when processed by the pattern
+preparation engine.</p>
+<p>Issue public: 1st June 2009</p>
+<p>Update released: 27th July 2009</p>
+<p>Affected: 2.2.11, 2.2.10, 2.2.9, 2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3,<br />
  2.2.2, 2.2.0</p>
 </dd>
 </dl>
 <h1 id="2.2.10">Fixed in Apache httpd 2.2.10</h1>
 <dl>
-<dd><strong>important:</strong>  <strong><name name="CVE-2010-2791">Timeout detection flaw
-  (mod_proxy_http)</name></strong> 
-  <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2791">CVE-2010-2791</a> </dd>
-</dl>
+<dt><strong>important:</strong>  <strong><name name="CVE-2010-2791">Timeout detection flaw (mod_proxy_http)</name></strong></dt>
+<dt><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2791">CVE-2010-2791</a></dt>
+<dd>
 <p>An information disclosure flaw was found in mod_proxy_http in version 2.2.9
 only, on Unix platforms. Under certain timeout conditions, the server could
 return a response intended for another user. Only those configurations
 which trigger the use of proxy worker pools are affected. There was no
 vulnerability on earlier versions, as proxy pools were not yet introduced.
 The simplest workaround is to globally configure:</p>
-<dl>
-<dt>SetEnv proxy-nokeepalive 1</dt>
-<dd>
-<p>Issue public: 23rd July 2010<br></br>Update released:
- 31st October 2008<br></br></p>
-</dd>
-<dd>
+<p>SetEnv proxy-nokeepalive 1</p>
+<p>Issue public: 23rd July 2010</p>
+<p>Update released: 31st October 2008</p>
 <p>Affected: 2.2.9</p>
 </dd>
+<dt>low: <name name="CVE-2008-2939">mod_proxy_ftp globbing XSS</name></dt>
+<dt><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939">CVE-2008-2939</a></dt>
 <dd>
-<p><strong>low:</strong>  <strong><name name="CVE-2008-2939">mod_proxy_ftp globbing
-  XSS</name></strong> 
-  <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939">CVE-2008-2939</a> </p>
-</dd>
-<dt>A flaw was found in the handling of wildcards in the path of a FTP URL with</dt>
-<dt>mod_proxy_ftp. If mod_proxy_ftp is enabled to support FTP-over-HTTP,</dt>
-<dt>requests containing globbing characters could lead to cross-site scripting</dt>
-<dt>(XSS) attacks.</dt>
-<dd>
-<p>Reported to security team: 28th July 2008<br></br>Issue public:
- 5th August 2008<br></br>Update released:
- 31st October 2008<br></br></p>
-</dd>
-<dd>
+<p>A flaw was found in the handling of wildcards in the path of a FTP URL with
+mod_proxy_ftp. If mod_proxy_ftp is enabled to support FTP-over-HTTP,
+requests containing globbing characters could lead to cross-site scripting
+(XSS) attacks.</p>
+<p>Reported to security team: 28th July 2008</p>
+<p>Issue public: 5th August 2008</p>
+<p>Update released: 31st October 2008</p>
 <p>Affected: 2.2.9, 2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, 2.2.0</p>
 </dd>
 </dl>
 <h1 id="2.2.9">Fixed in Apache httpd 2.2.9</h1>
 <dl>
-<dd><strong>low:</strong>  <strong><name name="CVE-2007-6420">mod_proxy_balancer
-  CSRF</name></strong> 
-  <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6420">CVE-2007-6420</a> </dd>
-<dt>The mod_proxy_balancer provided an administrative interface that could be</dt>
-<dt>vulnerable to cross-site request forgery (CSRF) attacks.</dt>
-<dd>
-<p>Reported to security team: 12th October 2007<br></br>Issue public:
- 9th January 2008<br></br>Update released: 14th June 2008<br></br></p>
-</dd>
+<dt>low: <name name="CVE-2007-6420">mod_proxy_balancer CSRF</name></dt>
+<dt><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6420">CVE-2007-6420</a></dt>
 <dd>
+<p>The mod_proxy_balancer provided an administrative interface that could be
+vulnerable to cross-site request forgery (CSRF) attacks.</p>
+<p>Reported to security team: 12th October 2007</p>
+<p>Issue public: 9th January 2008</p>
+<p>Update released: 14th June 2008</p>
 <p>Affected: 2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, 2.2.0</p>
 </dd>
+<dt>moderate: name name="CVE-2008-2364"&gt;mod_proxy_http DoS</name></dt>
+<dt><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2364">CVE-2008-2364</a></dt>
 <dd>
-<p><strong>moderate:</strong>  <strong><name name="CVE-2008-2364">mod_proxy_http
-  DoS</name></strong> 
-  <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2364">CVE-2008-2364</a> </p>
-</dd>
-<dt>A flaw was found in the handling of excessive interim responses from an</dt>
-<dt>origin server when using mod_proxy_http. A remote attacker could cause a</dt>
-<dt>denial of service or high memory usage.</dt>
-<dd>
-<p>Reported to security team: 29th May 2008<br></br>Issue public:
- 10th June 2008<br></br>Update released: 14th June 2008<br></br></p>
-</dd>
-<dd>
+<p>A flaw was found in the handling of excessive interim responses from an
+origin server when using mod_proxy_http. A remote attacker could cause a
+denial of service or high memory usage.</p>
+<p>Reported to security team: 29th May 2008</p>
+<p>Issue public: 10th June 2008</p>
+<p>Update released: 14th June 2008</p>
 <p>Affected: 2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, 2.2.0</p>
 </dd>
 </dl>
 <h1 id="2.2.8">Fixed in Apache httpd 2.2.8</h1>
 <dl>
-<dd><strong>low:</strong>  <strong><name name="CVE-2008-0005">mod_proxy_ftp UTF-7
-  XSS</name></strong> 
-  <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005">CVE-2008-0005</a> </dd>
-<dt>A workaround was added in the mod_proxy_ftp module. On sites where</dt>
-<dt>mod_proxy_ftp is enabled and a forward proxy is configured, a cross-site</dt>
-<dt>scripting attack is possible against Web browsers which do not correctly</dt>
-<dt>derive the response character set following the rules in RFC 2616.</dt>
-<dd>
-<p>Reported to security team: 15th December 2007<br></br>Issue public:
- 8th January 2008<br></br>Update released:
- 19th January 2008<br></br></p>
-</dd>
+<dt>low: <name name="CVE-2008-0005">mod_proxy_ftp UTF-7 XSS</name></dt>
+<dt><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005">CVE-2008-0005</a></dt>
 <dd>
+<p>A workaround was added in the mod_proxy_ftp module. On sites where
+mod_proxy_ftp is enabled and a forward proxy is configured, a cross-site
+scripting attack is possible against Web browsers which do not correctly
+derive the response character set following the rules in RFC 2616.</p>
+<p>Reported to security team: 15th December 2007</p>
+<p>Issue public: 8th January 2008</p>
+<p>Update released: 19th January 2008</p>
 <p>Affected: 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, 2.2.0</p>
 </dd>
+<dt>low: <name name="CVE-2007-6422">mod_proxy_balancer DoS</name></dt>
+<dt><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422">CVE-2007-6422</a></dt>
 <dd>
-<p><strong>low:</strong>  <strong><name name="CVE-2007-6422">mod_proxy_balancer
-  DoS</name></strong> 
-  <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422">CVE-2007-6422</a> </p>
-</dd>
-<dt>A flaw was found in the mod_proxy_balancer module. On sites where</dt>
-<dt>mod_proxy_balancer is enabled, an authorized user could send a carefully</dt>
-<dt>crafted request that would cause the Apache child process handling that</dt>
-<dt>request to crash. This could lead to a denial of service if using a</dt>
-<dt>threaded Multi-Processing Module.</dt>
-<dd>
-<p>Reported to security team: 12th December 2007<br></br>Issue public:
- 2nd January 2008<br></br>Update released:
- 19th January 2008<br></br></p>
-</dd>
-<dd>
+<p>A flaw was found in the mod_proxy_balancer module. On sites where
+mod_proxy_balancer is enabled, an authorized user could send a carefully
+crafted request that would cause the Apache child process handling that
+request to crash. This could lead to a denial of service if using a
+threaded Multi-Processing Module.</p>
+<p>Reported to security team: 12th December 2007</p>
+<p>Issue public: 2nd January 2008</p>
+<p>Update released: 19th January 2008</p>
 <p>Affected: 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, 2.2.0</p>
 </dd>
+<dt>low: <name name="CVE-2007-6421">mod_proxy_balancer XSS</name></dt>
+<dt><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421">CVE-2007-6421</a></dt>
 <dd>
-<p><strong>low:</strong>  <strong><name name="CVE-2007-6421">mod_proxy_balancer
-  XSS</name></strong> 
-  <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421">CVE-2007-6421</a> </p>
-</dd>
-<dt>A flaw was found in the mod_proxy_balancer module. On sites where</dt>
-<dt>mod_proxy_balancer is enabled, a cross-site scripting attack against an</dt>
-<dt>authorized user is possible.</dt>
-<dd>
-<p>Reported to security team: 12th December 2007<br></br>Issue public:
- 2nd January 2008<br></br>Update released:
- 19th January 2008<br></br></p>
-</dd>
-<dd>
+<p>A flaw was found in the mod_proxy_balancer module. On sites where
+mod_proxy_balancer is enabled, a cross-site scripting attack against an
+authorized user is possible.</p>
+<p>Reported to security team: 12th December 2007</p>
+<p>Issue public: 2nd January 2008</p>
+<p>Update released: 19th January 2008</p>
 <p>Affected: 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, 2.2.0</p>
 </dd>
+<dt>moderate: <name name="CVE-2007-6388">mod_status XSS</name></dt>
+<dt><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388">*CVE-2007-6388</a></dt>
 <dd>
-<p><strong>moderate:</strong>  <strong><name name="CVE-2007-6388">mod_status XSS</name></strong> 
-  <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388">CVE-2007-6388</a> </p>
-</dd>
-<dt>A flaw was found in the mod_status module. On sites where mod_status is</dt>
-<dt>enabled and the status pages were publicly accessible, a cross-site</dt>
-<dt>scripting attack is possible. Note that the server-status page is not</dt>
-<dt>enabled by default and it is best practice to not make this publicly</dt>
-<dt>available.</dt>
-<dd>
-<p>Reported to security team: 15th December 2007<br></br>Issue public:
- 2nd January 2008<br></br>Update released:
- 19th January 2008<br></br></p>
-</dd>
-<dd>
+<p>A flaw was found in the mod_status module. On sites where mod_status is
+enabled and the status pages were publicly accessible, a cross-site
+scripting attack is possible. Note that the server-status page is not
+enabled by default and it is best practice to not make this publicly
+available.</p>
+<p>Reported to security team: 15th December 2007</p>
+<p>Issue public: 2nd January 2008</p>
+<p>Update released: 19th January 2008</p>
 <p>Affected: 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, 2.2.0</p>
 </dd>
+<dt>moderate: <name name="CVE-2007-5000">mod_imagemap XSS</name></dt>
+<dt><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000">CVE-2007-5000</a></dt>
 <dd>
-<p><strong>moderate:</strong>  <strong><name name="CVE-2007-5000">mod_imagemap XSS</name></strong></p>
-<p><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000">CVE-2007-5000</a> 
-A flaw was found in the mod_imagemap module. On sites where mod_imagemap is
+<p>A flaw was found in the mod_imagemap module. On sites where mod_imagemap is
 enabled and an imagemap file is publicly available, a cross-site scripting
 attack is possible.</p>
-</dd>
-<dd>
-<p>Reported to security team: 23rd October 2007<br></br>Issue public:
- 11th December 2007<br></br>Update released:
- 19th January 2008<br></br></p>
-</dd>
-<dd>
+<p>Reported to security team: 23rd October 2007</p>
+<p>Issue public: 11th December 2007</p>
+<p>Update released: 19th January 2008</p>
 <p>Affected: 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, 2.2.0</p>
 </dd>
 </dl>
 <h1 id="2.2.6">Fixed in Apache httpd 2.2.6</h1>
 <dl>
-<dd><strong>moderate:</strong>  <strong><name name="CVE-2007-3847">mod_proxy crash</name></strong> 
-  <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847">CVE-2007-3847</a> </dd>
-<dt>A flaw was found in the Apache HTTP Server mod_proxy module. On sites where</dt>
-<dt>a reverse proxy is configured, a remote attacker could send a carefully</dt>
-<dt>crafted request that would cause the Apache child process handling that</dt>
-<dt>request to crash. On sites where a forward proxy is configured, an attacker</dt>
-<dt>could cause a similar crash if a user could be persuaded to visit a</dt>
-<dt>malicious site using the proxy. This could lead to a denial of service if</dt>
-<dt>using a threaded Multi-Processing Module.</dt>
-<dd>
-<p>Issue public: 10th December 2006<br></br>Update released:
- 7th September 2007<br></br></p>
-</dd>
+<dt>moderate: <name name="CVE-2007-3847">mod_proxy crash</name></dt>
+<dt><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847">CVE-2007-3847</a></dt>
 <dd>
+<p>A flaw was found in the Apache HTTP Server mod_proxy module. On sites where
+a reverse proxy is configured, a remote attacker could send a carefully
+crafted request that would cause the Apache child process handling that
+request to crash. On sites where a forward proxy is configured, an attacker
+could cause a similar crash if a user could be persuaded to visit a
+malicious site using the proxy. This could lead to a denial of service if
+using a threaded Multi-Processing Module.</p>
+<p>Issue public: 10th December 2006</p>
+<p>Update released: 7th September 2007</p>
 <p>Affected: 2.2.4, 2.2.3, 2.2.2, 2.2.0</p>
 </dd>
+<dt>moderate: <name name="CVE-2006-5752">mod_status cross-site scripting</name></dt>
+<dt><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752">CVE-2006-5752</a></dt>
 <dd>
-<p><strong>moderate:</strong>  <strong><name name="CVE-2006-5752">mod_status cross-site
-  scripting</name></strong> 
-  <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752">CVE-2006-5752</a> </p>
-</dd>
-<dt>A flaw was found in the mod_status module. On sites where the server-status</dt>
-<dt>page is publicly accessible and ExtendedStatus is enabled this could lead</dt>
-<dt>to a cross-site scripting attack. Note that the server-status page is not</dt>
-<dt>enabled by default and it is best practice to not make this publicly</dt>
-<dt>available.</dt>
-<dd>
-<p>Reported to security team: 19th October 2006<br></br>Issue public:
- 20th June 2007<br></br>Update released:
- 7th September 2007<br></br></p>
-</dd>
-<dd>
+<p>A flaw was found in the mod_status module. On sites where the server-status
+page is publicly accessible and ExtendedStatus is enabled this could lead
+to a cross-site scripting attack. Note that the server-status page is not
+enabled by default and it is best practice to not make this publicly
+available.</p>
+<p>Reported to security team: 19th October 2006</p>
+<p>Issue public: 20th June 2007</p>
+<p>Update released: 7th September 2007</p>
 <p>Affected: 2.2.4, 2.2.3, 2.2.2, 2.2.0</p>
 </dd>
+<dt>moderate: <name name="CVE-2007-3304">Signals to arbitrary processes</name></dt>
+<dt><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304">CVE-2007-3304</a></dt>
 <dd>
-<p><strong>moderate:</strong>  <strong><name name="CVE-2007-3304">Signals to arbitrary
-  processes</name></strong> 
-  <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304">CVE-2007-3304</a> </p>
-</dd>
-<dt>The Apache HTTP server did not verify that a process was an Apache child</dt>
-<dt>process before sending it signals. A local attacker with the ability to run</dt>
-<dt>scripts on the HTTP server could manipulate the scoreboard and cause</dt>
-<dt>arbitrary processes to be terminated which could lead to a denial of</dt>
-<dt>service.</dt>
-<dd>
-<p>Reported to security team: 15th May 2006<br></br>Issue public:
- 19th June 2007<br></br>Update released:
- 7th September 2007<br></br></p>
-</dd>
-<dd>
+<p>The Apache HTTP server did not verify that a process was an Apache child
+process before sending it signals. A local attacker with the ability to run
+scripts on the HTTP server could manipulate the scoreboard and cause
+arbitrary processes to be terminated which could lead to a denial of
+service.</p>
+<p>Reported to security team: 15th May 2006</p>
+<p>Issue public: 19th June 2007</p>
+<p>Update released: 7th September 2007</p>
 <p>Affected: 2.2.4, 2.2.3, 2.2.2, 2.2.0</p>
 </dd>
+<dt>moderate: <name name="CVE-2007-1862">mod_cache information leak</name></dt>
+<dt><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1862">CVE-2007-1862</a></dt>
 <dd>
-<p><strong>moderate:</strong>  <strong><name name="CVE-2007-1862">mod_cache information
-  leak</name></strong> 
-  <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1862">CVE-2007-1862</a> </p>
-</dd>
-<dt>The recall_headers function in mod_mem_cache in Apache 2.2.4 did not</dt>
-<dt>properly copy all levels of header data, which can cause Apache to return</dt>
-<dt>HTTP headers containing previously used data, which could be used by remote</dt>
-<dt>attackers to obtain potentially sensitive information.</dt>
-<dd>
-<p>Reported to security team: 26th April 2007<br></br>Issue public:
- 1st June 2007<br></br>Update released: 7th September 2007<br></br></p>
-</dd>
-<dd>
+<p>The recall_headers function in mod_mem_cache in Apache 2.2.4 did not
+properly copy all levels of header data, which can cause Apache to return
+HTTP headers containing previously used data, which could be used by remote
+attackers to obtain potentially sensitive information.</p>
+<p>Reported to security team: 26th April 2007</p>
+<p>Issue public: 1st June 2007</p>
+<p>Update released: 7th September 2007</p>
 <p>Affected: 2.2.4</p>
 </dd>
+<dt>moderate: <name name="CVE-2007-1863">mod_cache proxy DoS</name></dt>
+<dt><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863">CVE-2007-1863</a></dt>
 <dd>
-<p><strong>moderate:</strong>  <strong><name name="CVE-2007-1863">mod_cache proxy
-  DoS</name></strong> 
-  <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863">CVE-2007-1863</a> </p>
-</dd>
-<dt>A bug was found in the mod_cache module. On sites where caching is enabled,</dt>
-<dt>a remote attacker could send a carefully crafted request that would cause</dt>
-<dt>the Apache child process handling that request to crash. This could lead to</dt>
-<dt>a denial of service if using a threaded Multi-Processing Module.</dt>
-<dd>
-<p>Reported to security team: 2nd May 2007<br></br>Issue public:
- 18th June 2007<br></br>Update released:
- 7th September 2007<br></br></p>
-</dd>
-<dd>
+<p>A bug was found in the mod_cache module. On sites where caching is enabled,
+a remote attacker could send a carefully crafted request that would cause
+the Apache child process handling that request to crash. This could lead to
+a denial of service if using a threaded Multi-Processing Module.</p>
+<p>Reported to security team: 2nd May 2007</p>
+<p>Issue public: 18th June 2007</p>
+<p>Update released: 7th September 2007</p>
 <p>Affected: 2.2.4, 2.2.3, 2.2.2, 2.2.0</p>
 </dd>
 </dl>
 <h1 id="2.2.3">Fixed in Apache httpd 2.2.3</h1>
 <dl>
-<dd><strong>important:</strong>  <strong><name name="CVE-2006-3747">mod_rewrite off-by-one
-  error</name></strong> 
-  <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3747">CVE-2006-3747</a> </dd>
-<dt>An off-by-one flaw exists in the Rewrite module, mod_rewrite. Depending on</dt>
-<dt>the manner in which Apache httpd was compiled, this software defect may</dt>
-<dt>result in a vulnerability which, in combination with certain types of</dt>
-<dt>Rewrite rules in the web server configuration files, could be triggered</dt>
-<dt>remotely. For vulnerable builds, the nature of the vulnerability can be</dt>
-<dt>denial of service (crashing of web server processes) or potentially allow</dt>
-<dt>arbitrary code execution.</dt>
-<dd>
-<p>Reported to security team: 21st July 2006<br></br>Issue public:
- 27th July 2006<br></br>Update released: 27th July 2006<br></br></p>
-</dd>
+<dt><strong>important: <name name="CVE-2006-3747">mod_rewrite off-by-one error</name></strong></dt>
+<dt><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3747">CVE-2006-3747</a></dt>
 <dd>
+<p>An off-by-one flaw exists in the Rewrite module, mod_rewrite. Depending on
+the manner in which Apache httpd was compiled, this software defect may
+result in a vulnerability which, in combination with certain types of
+Rewrite rules in the web server configuration files, could be triggered
+remotely. For vulnerable builds, the nature of the vulnerability can be
+denial of service (crashing of web server processes) or potentially allow
+arbitrary code execution.</p>
+<p>Reported to security team: 21st July 2006</p>
+<p>Issue public: 27th July 2006</p>
+<p>Update released: 27th July 2006</p>
 <p>Affected: 2.2.2, 2.2.0</p>
 </dd>
 </dl>
 <h1 id="2.2.2">Fixed in Apache httpd 2.2.2</h1>
 <dl>
-<dd><strong>low:</strong>  <strong><name name="CVE-2005-3357">mod_ssl access control
-  DoS</name></strong> 
-  <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3357">CVE-2005-3357</a> </dd>
-<dt>A NULL pointer dereference flaw in mod_ssl was discovered affecting server</dt>
-<dt>configurations where an SSL virtual host is configured with access control</dt>
-<dt>and a custom 400 error document. A remote attacker could send a carefully</dt>
-<dt>crafted request to trigger this issue which would lead to a crash. This</dt>
-<dt>crash would only be a denial of service if using the worker MPM.</dt>
-<dd>
-<p>Reported to security team: 5th December 2005<br></br>Issue public:
- 12th December 2005<br></br>Update released: 1st May 2006<br></br></p>
-</dd>
+<dt>low: <name name="CVE-2005-3357">mod_ssl access control DoS</name></dt>
+<dt><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3357">CVE-2005-3357</a></dt>
 <dd>
+<p>A NULL pointer dereference flaw in mod_ssl was discovered affecting server
+configurations where an SSL virtual host is configured with access control
+and a custom 400 error document. A remote attacker could send a carefully
+crafted request to trigger this issue which would lead to a crash. This
+crash would only be a denial of service if using the worker MPM.</p>
+<p>Reported to security team: 5th December 2005</p>
+<p>Issue public: 12th December 2005</p>
+<p>Update released: 1st May 2006</p>
 <p>Affected: 2.2.0</p>
 </dd>
+<dt>moderate: <name name="CVE-2005-3352">mod_imap Referer Cross-Site Scripting</name></dt>
+<dt><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352">CVE-2005-3352</a></dt>
 <dd>
-<p><strong>moderate:</strong>  <strong><name name="CVE-2005-3352">mod_imap Referer
-  Cross-Site Scripting</name></strong> 
-  <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352">CVE-2005-3352</a> </p>
-</dd>
-<dt>A flaw in mod_imap when using the Referer directive with image maps. In</dt>
-<dt>certain site configurations a remote attacker could perform a cross-site</dt>
-<dt>scripting attack if a victim can be forced to visit a malicious URL using</dt>
-<dt>certain web browsers.</dt>
-<dd>
-<p>Reported to security team: 1st November 2005<br></br>Issue public:
- 12th December 2005<br></br>Update released: 1st May 2006<br></br></p>
-</dd>
-<dd>
+<p>A flaw in mod_imap when using the Referer directive with image maps. In
+certain site configurations a remote attacker could perform a cross-site
+scripting attack if a victim can be forced to visit a malicious URL using
+certain web browsers.</p>
+<p>Reported to security team: 1st November 2005</p>
+<p>Issue public: 12th December 2005</p>
+<p>Update released: 1st May 2006</p>
 <p>Affected: 2.2.0</p>
 </dd>
 </dl>



Mime
View raw message