Apache HTTP server is prone to a security-bypass vulnerability related to the handling of specific configuration directives. A local attacker may exploit this issue to execute arbitrary code within the context of the webserver process. This may result in elevated privileges or aid in further attacks. Versions prior to Apache 2.2.9 are vulnerable.
Updates are available. Please see http://httpd.apache.org/ for more Information.
Updated on 2015-03-25
- Cross-Site Scripting in Cherokee Error Pages
- bozohttpd Security Bypass Vulnerability
- Cherokee Terminal Escape Sequence in Logs Command Injection Vulnerability
- IBM WebSphere Application Server Administration Console DoS vulnerability
- IBM WebSphere Application Server Administration Directory Traversal Vulnerability