Apache VCL is vulnerable to improper input verification. vulnerability level: severe.
Affected Versions include: 2.1, 2.2, 2.2.1, 2.3, and 2.3.1.
Solution:
Upgrade Apache VCL 2.3 and 2.3.1 to version 2.3.2 as soon as possible.Upgrade Apache VCL 2.2 and 2.2.1 to version 2.2.2 as soon as possible.Upgrade
Apache vulnerability repair
Today, I was commissioned by my colleagues to fix the Apache vulnerability on a server, mainly in the following aspects:
1. Apache httpd remote denial of service(Medium risk)
Solution: Set Apache HTTP
Recently, a foreign security researcher found a vulnerability on the Apache server that uses the Rewritelog () function in the modules/mappers/mod_rewrite.c file to incorrectly process certain escape sequences, as a result, malicious attackers can inject specially crafted HTTP requests into log files. If an HTTP request contains the escape sequence of the terminal simulator, attackers may be allowed to exec
Release date:Updated on:
Affected Systems:Apache Group Tomcat 6.0.33-6.0.37Description:--------------------------------------------------------------------------------Bugtraq id: 65769CVE (CAN) ID: CVE-2014-0033
Apache Tomcat is a popular open-source JSP application server program.
Tomcat 6.0.33-6.0.37 has a session fixation vulnerability in the implementation of disableURLRewriting. Attackers can exploi
Installation of the Apache Stress test toolInstallation of 1,apache BenchApache Bench tools are integrated in the HTTP software package and can be installed directly by Apache.When there are times when we don't need to use all the packages, we just need to install one of the components to install them,For example Apache
Apache Batik Information Leakage Vulnerability (CVE-2015-0250)
Release date:Updated on:
Affected Systems:Apache Group Batik Description:CVE (CAN) ID: CVE-2015-0250
Batik is a Java-based application toolkit that uses the SVG format for multiple purposes, such as viewing, controlling, or manipulating.
In versions earlier than Apache Batik 1.8, the XML external
Apache HTTP Server DoS Vulnerability (CVE-2016-1546)Apache HTTP Server DoS Vulnerability (CVE-2016-1546)
Release date:Updated on:Affected Systems:
Apache Group HTTP Server 2.4.18Apache Group HTTP Server 2.4.17
Description:
CVE (CAN) ID: CVE-2016-1546Apache HTTP Server
Release date:Updated on:
Affected Systems:Apache Group Camel Apache Group Camel Description:--------------------------------------------------------------------------------CVE (CAN) ID: CVE-2014-0002
Apache Camel is an open-source integration framework based on a known enterprise-level integration model.
The XSLT components of Apache Camel 2.11.0-2.11.3 and
Release date:Updated on:
Affected Systems:Debian Linux 6.0 xDescription:--------------------------------------------------------------------------------Bugtraq id: 55154
Apache HTTP Server (Apache) is an open source web Server of the Apache Software Foundation. It can run in most computer operating systems. It is widely used for its multi-platform and security,
Apache Cordova For Android Security Restriction Bypass Vulnerability (CVE-2014-3500)
Release date:Updated on:
Affected Systems:Apache Group Cordova Description:--------------------------------------------------------------------------------Bugtraq id: 69038CVE (CAN) ID: CVE-2014-3500Apache Cordova is a platform for building local mobile applications using HTML, CSS, and JavaScript.Android applications built
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.