You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by bu...@apache.org on 2012/05/06 16:18:10 UTC
svn commit: r816029 [20/23] - in /websites/staging/httpd/trunk/content: ./
apreq/ apreq/docs/ apreq/docs/libapreq2/ contributors/ css/ dev/
dev/images/ dev/whiteboard/ docs-project/ docs/ images/ info/
info/css-security/ library/ mod_fcgid/ mod_ftp/ mo...
Added: websites/staging/httpd/trunk/content/security/vulnerabilities-httpd.xml
==============================================================================
--- websites/staging/httpd/trunk/content/security/vulnerabilities-httpd.xml (added)
+++ websites/staging/httpd/trunk/content/security/vulnerabilities-httpd.xml Sun May 6 14:18:02 2012
@@ -0,0 +1,4073 @@
+<security updated="20120418">
+
+<issue fixed="2.4.2" reported="20120214" public="20120302" released="20120417">
+<cve name="CVE-2012-0883"/>
+<severity level="4">low</severity>
+<title>insecure LD_LIBRARY_PATH handling</title>
+<description><p>
+Insecure handling of LD_LIBRARY_PATH was found that could
+lead to the current working directory to be searched for DSOs.
+This could allow a local user to execute code as root if an
+administrator runs apachectl from an untrusted directory.
+</p>
+</description>
+<affects prod="httpd" version="2.4.1"/>
+</issue>
+
+<issue fixed="2.2.22" reported="20111004" public="20111102" released="20120131">
+<cve name="CVE-2011-3607"/>
+<severity level="4">low</severity>
+<title>mod_setenvif .htaccess privilege escalation</title>
+<description><p>
+An integer overflow flaw was found which, when the mod_setenvif module
+is enabled, could allow local users to gain privileges via a .htaccess
+file.
+</p>
+</description>
+<acknowledgements>
+This issue was reported by halfdog
+</acknowledgements>
+<affects prod="httpd" version="2.2.21"/>
+<affects prod="httpd" version="2.2.20"/>
+<affects prod="httpd" version="2.2.19"/>
+<affects prod="httpd" version="2.2.18"/>
+<affects prod="httpd" version="2.2.17"/>
+<affects prod="httpd" version="2.2.16"/>
+<affects prod="httpd" version="2.2.15"/>
+<affects prod="httpd" version="2.2.14"/>
+<affects prod="httpd" version="2.2.13"/>
+<affects prod="httpd" version="2.2.12"/>
+<affects prod="httpd" version="2.2.11"/>
+<affects prod="httpd" version="2.2.10"/>
+<affects prod="httpd" version="2.2.9"/>
+<affects prod="httpd" version="2.2.8"/>
+<affects prod="httpd" version="2.2.6"/>
+<affects prod="httpd" version="2.2.5"/>
+<affects prod="httpd" version="2.2.4"/>
+<affects prod="httpd" version="2.2.3"/>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
+
+<issue fixed="2.2.22" reported="20111020" public="20120122" released="20120131">
+<cve name="CVE-2011-4317"/>
+<severity level="3">moderate</severity>
+<title>mod_proxy reverse proxy exposure </title>
+<description><p>
+An additional exposure was found when using mod_proxy in reverse proxy
+mode. In certain configurations using RewriteRule with proxy flag or
+ProxyPassMatch, a remote attacker could cause the reverse proxy to
+connect to an arbitrary server, possibly disclosing sensitive
+information from internal web servers not directly accessible to
+attacker.
+</p>
+</description>
+<acknowledgements>
+This issue was reported by Prutha Parikh of Qualys
+</acknowledgements>
+<affects prod="httpd" version="2.2.21"/>
+<affects prod="httpd" version="2.2.20"/>
+<affects prod="httpd" version="2.2.19"/>
+<affects prod="httpd" version="2.2.18"/>
+<affects prod="httpd" version="2.2.17"/>
+<affects prod="httpd" version="2.2.16"/>
+<affects prod="httpd" version="2.2.15"/>
+<affects prod="httpd" version="2.2.14"/>
+<affects prod="httpd" version="2.2.13"/>
+<affects prod="httpd" version="2.2.12"/>
+<affects prod="httpd" version="2.2.11"/>
+<affects prod="httpd" version="2.2.10"/>
+<affects prod="httpd" version="2.2.9"/>
+<affects prod="httpd" version="2.2.8"/>
+<affects prod="httpd" version="2.2.6"/>
+<affects prod="httpd" version="2.2.5"/>
+<affects prod="httpd" version="2.2.4"/>
+<affects prod="httpd" version="2.2.3"/>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
+
+<issue fixed="2.2.22" reported="20111230" public="20111128" released="20120131">
+<cve name="CVE-2012-0021"/>
+<severity level="4">low</severity>
+<title>mod_log_config crash</title>
+<description><p>
+A flaw was found in mod_log_config. If the '%{cookiename}C' log format string
+is in use, a remote attacker could send a specific cookie causing a crash.
+This crash would only be a denial of service if using a threaded MPM.
+</p>
+</description>
+<affects prod="httpd" version="2.2.21"/>
+<affects prod="httpd" version="2.2.20"/>
+<affects prod="httpd" version="2.2.19"/>
+<affects prod="httpd" version="2.2.18"/>
+<affects prod="httpd" version="2.2.17"/>
+</issue>
+
+<issue fixed="2.2.22" reported="20111230" public="20120111" released="20120131">
+<cve name="CVE-2012-0031"/>
+<severity level="4">low</severity>
+<title>scoreboard parent DoS</title>
+<description><p>
+A flaw was found in the handling of the scoreboard. An
+unprivileged child process could cause the parent process to crash at
+shutdown rather than terminate cleanly.
+</p>
+</description>
+<acknowledgements>
+This issue was reported by halfdog
+</acknowledgements>
+<affects prod="httpd" version="2.2.21"/>
+<affects prod="httpd" version="2.2.20"/>
+<affects prod="httpd" version="2.2.19"/>
+<affects prod="httpd" version="2.2.18"/>
+<affects prod="httpd" version="2.2.17"/>
+<affects prod="httpd" version="2.2.16"/>
+<affects prod="httpd" version="2.2.15"/>
+<affects prod="httpd" version="2.2.14"/>
+<affects prod="httpd" version="2.2.13"/>
+<affects prod="httpd" version="2.2.12"/>
+<affects prod="httpd" version="2.2.11"/>
+<affects prod="httpd" version="2.2.10"/>
+<affects prod="httpd" version="2.2.9"/>
+<affects prod="httpd" version="2.2.8"/>
+<affects prod="httpd" version="2.2.6"/>
+<affects prod="httpd" version="2.2.5"/>
+<affects prod="httpd" version="2.2.4"/>
+<affects prod="httpd" version="2.2.3"/>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
+
+<issue fixed="2.2.22" reported="20120115" public="20120123" released="20120131">
+<cve name="CVE-2012-0053"/>
+<severity level="3">moderate</severity>
+<title>error responses can expose cookies</title>
+<description><p>
+A flaw was found in the default error response for status code 400. This flaw could
+be used by an attacker to expose "httpOnly" cookies
+when no custom ErrorDocument is specified.
+</p>
+</description>
+<acknowledgements>
+This issue was reported by Norman Hippert
+</acknowledgements>
+<affects prod="httpd" version="2.2.21"/>
+<affects prod="httpd" version="2.2.20"/>
+<affects prod="httpd" version="2.2.19"/>
+<affects prod="httpd" version="2.2.18"/>
+<affects prod="httpd" version="2.2.17"/>
+<affects prod="httpd" version="2.2.16"/>
+<affects prod="httpd" version="2.2.15"/>
+<affects prod="httpd" version="2.2.14"/>
+<affects prod="httpd" version="2.2.13"/>
+<affects prod="httpd" version="2.2.12"/>
+<affects prod="httpd" version="2.2.11"/>
+<affects prod="httpd" version="2.2.10"/>
+<affects prod="httpd" version="2.2.9"/>
+<affects prod="httpd" version="2.2.8"/>
+<affects prod="httpd" version="2.2.6"/>
+<affects prod="httpd" version="2.2.5"/>
+<affects prod="httpd" version="2.2.4"/>
+<affects prod="httpd" version="2.2.3"/>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
+
+<issue fixed="2.2.22" reported="20110916" public="20111005" released="20120131">
+<cve name="CVE-2011-3368"/>
+<severity level="3">moderate</severity>
+<title>mod_proxy reverse proxy exposure</title>
+<description><p>
+An exposure was found when using mod_proxy in reverse proxy mode.
+In certain configurations using RewriteRule with proxy flag or
+ProxyPassMatch, a remote attacker could cause the reverse proxy to
+connect to an arbitrary server, possibly disclosing sensitive
+information from internal web servers not directly accessible to
+attacker.</p>
+</description>
+<acknowledgements>
+This issue was reported by Context Information Security Ltd
+</acknowledgements>
+<affects prod="httpd" version="2.2.21"/>
+<affects prod="httpd" version="2.2.20"/>
+<affects prod="httpd" version="2.2.19"/>
+<affects prod="httpd" version="2.2.18"/>
+<affects prod="httpd" version="2.2.17"/>
+<affects prod="httpd" version="2.2.16"/>
+<affects prod="httpd" version="2.2.15"/>
+<affects prod="httpd" version="2.2.14"/>
+<affects prod="httpd" version="2.2.13"/>
+<affects prod="httpd" version="2.2.12"/>
+<affects prod="httpd" version="2.2.11"/>
+<affects prod="httpd" version="2.2.10"/>
+<affects prod="httpd" version="2.2.9"/>
+<affects prod="httpd" version="2.2.8"/>
+<affects prod="httpd" version="2.2.6"/>
+<affects prod="httpd" version="2.2.5"/>
+<affects prod="httpd" version="2.2.4"/>
+<affects prod="httpd" version="2.2.3"/>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
+
+<issue fixed="2.0.65-dev" reported="20110916" public="20111005" released="">
+<cve name="CVE-2011-3368"/>
+<severity level="3">moderate</severity>
+<title>mod_proxy reverse proxy exposure</title>
+<description><p>
+An exposure was found when using mod_proxy in reverse proxy mode.
+In certain configurations using RewriteRule with proxy flag or
+ProxyPassMatch, a remote attacker could cause the reverse proxy to
+connect to an arbitrary server, possibly disclosing sensitive
+information from internal web servers not directly accessible to
+attacker.</p>
+</description>
+<acknowledgements>
+This issue was reported by Context Information Security Ltd
+</acknowledgements>
+<affects prod="httpd" version="2.0.64"/>
+<affects prod="httpd" version="2.0.63"/>
+<affects prod="httpd" version="2.0.61"/>
+<affects prod="httpd" version="2.0.59"/>
+<affects prod="httpd" version="2.0.58"/>
+<affects prod="httpd" version="2.0.55"/>
+<affects prod="httpd" version="2.0.54"/>
+<affects prod="httpd" version="2.0.53"/>
+<affects prod="httpd" version="2.0.52"/>
+<affects prod="httpd" version="2.0.51"/>
+<affects prod="httpd" version="2.0.50"/>
+<affects prod="httpd" version="2.0.49"/>
+<affects prod="httpd" version="2.0.48"/>
+<affects prod="httpd" version="2.0.47"/>
+<affects prod="httpd" version="2.0.46"/>
+<affects prod="httpd" version="2.0.45"/>
+<affects prod="httpd" version="2.0.44"/>
+<affects prod="httpd" version="2.0.43"/>
+<affects prod="httpd" version="2.0.42"/>
+<affects prod="httpd" version="2.0.40"/>
+<affects prod="httpd" version="2.0.39"/>
+<affects prod="httpd" version="2.0.37"/>
+<affects prod="httpd" version="2.0.36"/>
+<affects prod="httpd" version="2.0.35"/>
+</issue>
+
+<issue fixed="1.3-never" reported="20110916" public="20111005" released="">
+<cve name="CVE-2011-3368"/>
+<severity level="3">moderate</severity>
+<title>mod_proxy reverse proxy exposure</title>
+<description><p>
+An exposure was found when using mod_proxy in reverse proxy mode.
+In certain configurations using RewriteRule with proxy flag,
+a remote attacker could cause the reverse proxy to
+connect to an arbitrary server, possibly disclosing sensitive
+information from internal web servers not directly accessible to
+attacker.</p>
+<p>No update of 1.3 will be released. Patches will be published to
+<a href="http://archive.apache.org/dist/httpd/patches/apply_to_1.3.42/"
+>http://archive.apache.org/dist/httpd/patches/apply_to_1.3.42/</a></p>
+</description>
+<acknowledgements>
+This issue was reported by Context Information Security Ltd
+</acknowledgements>
+<affects prod="httpd" version="1.3.42"/>
+<affects prod="httpd" version="1.3.41"/>
+<affects prod="httpd" version="1.3.39"/>
+<affects prod="httpd" version="1.3.37"/>
+<affects prod="httpd" version="1.3.36"/>
+<affects prod="httpd" version="1.3.35"/>
+<affects prod="httpd" version="1.3.34"/>
+<affects prod="httpd" version="1.3.33"/>
+<affects prod="httpd" version="1.3.32"/>
+<affects prod="httpd" version="1.3.31"/>
+<affects prod="httpd" version="1.3.29"/>
+<affects prod="httpd" version="1.3.28"/>
+<affects prod="httpd" version="1.3.27"/>
+<affects prod="httpd" version="1.3.26"/>
+<affects prod="httpd" version="1.3.24"/>
+<affects prod="httpd" version="1.3.22"/>
+<affects prod="httpd" version="1.3.20"/>
+<affects prod="httpd" version="1.3.19"/>
+<affects prod="httpd" version="1.3.17"/>
+<affects prod="httpd" version="1.3.14"/>
+<affects prod="httpd" version="1.3.12"/>
+<affects prod="httpd" version="1.3.11"/>
+<affects prod="httpd" version="1.3.9"/>
+<affects prod="httpd" version="1.3.6"/>
+<affects prod="httpd" version="1.3.4"/>
+<affects prod="httpd" version="1.3.3"/>
+<affects prod="httpd" version="1.3.2"/>
+</issue>
+
+<issue fixed="2.2.21" reported="20110907" public="20110914" released="20110914">
+<cve name="CVE-2011-3348"/>
+<severity level="3">moderate</severity>
+<title>mod_proxy_ajp remote DoS</title>
+<description><p>
+A flaw was found when mod_proxy_ajp is used together with
+mod_proxy_balancer. Given a specific configuration, a remote attacker
+could send certain malformed HTTP requests, putting a backend server
+into an error state until the retry timeout expired.
+This could lead to a temporary denial of service.</p>
+</description>
+<affects prod="httpd" version="2.2.20"/>
+<affects prod="httpd" version="2.2.19"/>
+<affects prod="httpd" version="2.2.18"/>
+<affects prod="httpd" version="2.2.17"/>
+<affects prod="httpd" version="2.2.16"/>
+<affects prod="httpd" version="2.2.15"/>
+<affects prod="httpd" version="2.2.14"/>
+<affects prod="httpd" version="2.2.13"/>
+<affects prod="httpd" version="2.2.12"/>
+</issue>
+
+<issue fixed="2.2.20" reported="20110820" public="20110820" released="20110830">
+<cve name="CVE-2011-3192"/>
+<severity level="2">important</severity>
+<title>Range header remote DoS</title>
+<description><p>
+A flaw was found in the way the Apache HTTP Server handled Range HTTP
+headers. A remote attacker could use this flaw to cause httpd to use
+an excessive amount of memory and CPU time via HTTP requests with a
+specially-crafted Range header. This could be used in a denial of
+service attack. </p>
+<p>
+Advisory: <a href="CVE-2011-3192.txt">CVE-2011-3192.txt</a>
+</p>
+</description>
+<affects prod="httpd" version="2.2.19"/>
+<affects prod="httpd" version="2.2.18"/>
+<affects prod="httpd" version="2.2.17"/>
+<affects prod="httpd" version="2.2.16"/>
+<affects prod="httpd" version="2.2.15"/>
+<affects prod="httpd" version="2.2.14"/>
+<affects prod="httpd" version="2.2.13"/>
+<affects prod="httpd" version="2.2.12"/>
+<affects prod="httpd" version="2.2.11"/>
+<affects prod="httpd" version="2.2.10"/>
+<affects prod="httpd" version="2.2.9"/>
+<affects prod="httpd" version="2.2.8"/>
+<affects prod="httpd" version="2.2.6"/>
+<affects prod="httpd" version="2.2.5"/>
+<affects prod="httpd" version="2.2.4"/>
+<affects prod="httpd" version="2.2.3"/>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
+
+<issue fixed="2.0.65-dev" reported="20110820" public="20110820" released="20110830">
+<cve name="CVE-2011-3192"/>
+<severity level="2">important</severity>
+<title>Range header remote DoS</title>
+<description><p>
+A flaw was found in the way the Apache HTTP Server handled Range HTTP
+headers. A remote attacker could use this flaw to cause httpd to use
+an excessive amount of memory and CPU time via HTTP requests with a
+specially-crafted Range header. This could be used in a denial of
+service attack. </p>
+<p>
+Advisory: <a href="CVE-2011-3192.txt">CVE-2011-3192.txt</a>
+</p>
+</description>
+<affects prod="httpd" version="2.0.64"/>
+<affects prod="httpd" version="2.0.63"/>
+<affects prod="httpd" version="2.0.61"/>
+<affects prod="httpd" version="2.0.59"/>
+<affects prod="httpd" version="2.0.58"/>
+<affects prod="httpd" version="2.0.55"/>
+<affects prod="httpd" version="2.0.54"/>
+<affects prod="httpd" version="2.0.53"/>
+<affects prod="httpd" version="2.0.52"/>
+<affects prod="httpd" version="2.0.51"/>
+<affects prod="httpd" version="2.0.50"/>
+<affects prod="httpd" version="2.0.49"/>
+<affects prod="httpd" version="2.0.48"/>
+<affects prod="httpd" version="2.0.47"/>
+<affects prod="httpd" version="2.0.46"/>
+<affects prod="httpd" version="2.0.45"/>
+<affects prod="httpd" version="2.0.44"/>
+<affects prod="httpd" version="2.0.43"/>
+<affects prod="httpd" version="2.0.42"/>
+<affects prod="httpd" version="2.0.40"/>
+<affects prod="httpd" version="2.0.39"/>
+<affects prod="httpd" version="2.0.37"/>
+<affects prod="httpd" version="2.0.36"/>
+<affects prod="httpd" version="2.0.35"/>
+</issue>
+
+<issue fixed="2.2.19" reported="20110302" public="20110510" released="20110521">
+<cve name="CVE-2011-0419"/>
+<severity level="3">moderate</severity>
+<title>apr_fnmatch flaw leads to mod_autoindex remote DoS</title>
+<description><p>
+A flaw was found in the apr_fnmatch() function of the bundled APR
+library. Where mod_autoindex is enabled, and a directory indexed by
+mod_autoindex contained files with sufficiently long names, a
+remote attacker could send a carefully crafted request which would
+cause excessive CPU usage. This could be used in a denial of service
+attack.
+</p><p>
+Workaround: Setting the 'IgnoreClient' option to the 'IndexOptions'
+directive disables processing of the client-supplied request query
+arguments, preventing this attack.
+</p><p>
+Resolution: Update APR to release 1.4.5 (bundled with httpd 2.2.19)
+</p>
+</description>
+<acknowledgements>
+This issue was reported by Maksymilian Arciemowicz
+</acknowledgements>
+<affects prod="httpd" version="2.2.18"/>
+<affects prod="httpd" version="2.2.17"/>
+<affects prod="httpd" version="2.2.16"/>
+<affects prod="httpd" version="2.2.15"/>
+<affects prod="httpd" version="2.2.14"/>
+<affects prod="httpd" version="2.2.13"/>
+<affects prod="httpd" version="2.2.12"/>
+<affects prod="httpd" version="2.2.11"/>
+<affects prod="httpd" version="2.2.10"/>
+<affects prod="httpd" version="2.2.9"/>
+<affects prod="httpd" version="2.2.8"/>
+<affects prod="httpd" version="2.2.6"/>
+<affects prod="httpd" version="2.2.5"/>
+<affects prod="httpd" version="2.2.4"/>
+<affects prod="httpd" version="2.2.3"/>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
+
+<issue fixed="2.0.65-dev" reported="20110302" public="20110510" released="20110521">
+<cve name="CVE-2011-0419"/>
+<severity level="3">moderate</severity>
+<title>apr_fnmatch flaw leads to mod_autoindex remote DoS</title>
+<description><p>
+A flaw was found in the apr_fnmatch() function of the bundled APR
+library. Where mod_autoindex is enabled, and a directory indexed by
+mod_autoindex contained files with sufficiently long names, a
+remote attacker could send a carefully crafted request which would
+cause excessive CPU usage. This could be used in a denial of service
+attack.
+</p><p>
+Workaround: Setting the 'IgnoreClient' option to the 'IndexOptions'
+directive disables processing of the client-supplied request query
+arguments, preventing this attack.
+</p><p>
+Resolution: Update APR to release 0.9.20 (to be bundled with httpd 2.0.65)
+</p>
+</description>
+<acknowledgements>
+This issue was reported by Maksymilian Arciemowicz
+</acknowledgements>
+<affects prod="httpd" version="2.0.64"/>
+<affects prod="httpd" version="2.0.63"/>
+<affects prod="httpd" version="2.0.61"/>
+<affects prod="httpd" version="2.0.59"/>
+<affects prod="httpd" version="2.0.58"/>
+<affects prod="httpd" version="2.0.55"/>
+<affects prod="httpd" version="2.0.54"/>
+<affects prod="httpd" version="2.0.53"/>
+<affects prod="httpd" version="2.0.52"/>
+<affects prod="httpd" version="2.0.51"/>
+<affects prod="httpd" version="2.0.50"/>
+<affects prod="httpd" version="2.0.49"/>
+<affects prod="httpd" version="2.0.48"/>
+<affects prod="httpd" version="2.0.47"/>
+<affects prod="httpd" version="2.0.46"/>
+<affects prod="httpd" version="2.0.45"/>
+<affects prod="httpd" version="2.0.44"/>
+<affects prod="httpd" version="2.0.43"/>
+<affects prod="httpd" version="2.0.42"/>
+<affects prod="httpd" version="2.0.40"/>
+<affects prod="httpd" version="2.0.39"/>
+<affects prod="httpd" version="2.0.37"/>
+<affects prod="httpd" version="2.0.36"/>
+<affects prod="httpd" version="2.0.35"/>
+</issue>
+
+<issue fixed="2.2.17" reported="20090821" public="20090117" released="20101019">
+<cve name="CVE-2009-3720"/>
+<severity level="4">low</severity>
+<title>expat DoS</title>
+<description><p>
+A buffer over-read flaw was found in the bundled expat
+library. An attacker who is able to get Apache to parse
+an untrused XML document (for example through mod_dav) may
+be able to cause a crash. This crash would only
+be a denial of service if using the worker MPM.
+</p>
+</description>
+<affects prod="httpd" version="2.2.16"/>
+<affects prod="httpd" version="2.2.15"/>
+<affects prod="httpd" version="2.2.14"/>
+<affects prod="httpd" version="2.2.13"/>
+<affects prod="httpd" version="2.2.12"/>
+<affects prod="httpd" version="2.2.11"/>
+<affects prod="httpd" version="2.2.10"/>
+<affects prod="httpd" version="2.2.9"/>
+<affects prod="httpd" version="2.2.8"/>
+<affects prod="httpd" version="2.2.6"/>
+<affects prod="httpd" version="2.2.5"/>
+<affects prod="httpd" version="2.2.4"/>
+<affects prod="httpd" version="2.2.3"/>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
+
+<issue fixed="2.0.64" reported="20090821" public="20090117" released="20101019">
+<cve name="CVE-2009-3720"/>
+<severity level="4">low</severity>
+<title>expat DoS</title>
+<description><p>
+A buffer over-read flaw was found in the bundled expat
+library. An attacker who is able to get Apache to parse
+an untrused XML document (for example through mod_dav) may
+be able to cause a crash. This crash would only
+be a denial of service if using the worker MPM.
+</p>
+</description>
+<affects prod="httpd" version="2.0.63"/>
+<affects prod="httpd" version="2.0.61"/>
+<affects prod="httpd" version="2.0.59"/>
+<affects prod="httpd" version="2.0.58"/>
+<affects prod="httpd" version="2.0.55"/>
+<affects prod="httpd" version="2.0.54"/>
+<affects prod="httpd" version="2.0.53"/>
+<affects prod="httpd" version="2.0.52"/>
+<affects prod="httpd" version="2.0.51"/>
+<affects prod="httpd" version="2.0.50"/>
+<affects prod="httpd" version="2.0.49"/>
+<affects prod="httpd" version="2.0.48"/>
+<affects prod="httpd" version="2.0.47"/>
+<affects prod="httpd" version="2.0.46"/>
+<affects prod="httpd" version="2.0.45"/>
+<affects prod="httpd" version="2.0.44"/>
+<affects prod="httpd" version="2.0.43"/>
+<affects prod="httpd" version="2.0.42"/>
+<affects prod="httpd" version="2.0.40"/>
+<affects prod="httpd" version="2.0.39"/>
+<affects prod="httpd" version="2.0.37"/>
+<affects prod="httpd" version="2.0.36"/>
+<affects prod="httpd" version="2.0.35"/>
+</issue>
+
+<issue fixed="2.2.17" public="20091202" released="20101019">
+<cve name="CVE-2009-3560"/>
+<severity level="4">low</severity>
+<title>expat DoS</title>
+<description><p>
+A buffer over-read flaw was found in the bundled expat
+library. An attacker who is able to get Apache to parse
+an untrused XML document (for example through mod_dav) may
+be able to cause a crash. This crash would only
+be a denial of service if using the worker MPM.
+</p>
+</description>
+<affects prod="httpd" version="2.2.16"/>
+<affects prod="httpd" version="2.2.15"/>
+<affects prod="httpd" version="2.2.14"/>
+<affects prod="httpd" version="2.2.13"/>
+<affects prod="httpd" version="2.2.12"/>
+<affects prod="httpd" version="2.2.11"/>
+<affects prod="httpd" version="2.2.10"/>
+<affects prod="httpd" version="2.2.9"/>
+<affects prod="httpd" version="2.2.8"/>
+<affects prod="httpd" version="2.2.6"/>
+<affects prod="httpd" version="2.2.5"/>
+<affects prod="httpd" version="2.2.4"/>
+<affects prod="httpd" version="2.2.3"/>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
+
+<issue fixed="2.0.64" public="20091202" released="20101019">
+<cve name="CVE-2009-3560"/>
+<severity level="4">low</severity>
+<title>expat DoS</title>
+<description><p>
+A buffer over-read flaw was found in the bundled expat
+library. An attacker who is able to get Apache to parse
+an untrused XML document (for example through mod_dav) may
+be able to cause a crash. This crash would only
+be a denial of service if using the worker MPM.
+</p>
+</description>
+<affects prod="httpd" version="2.0.63"/>
+<affects prod="httpd" version="2.0.61"/>
+<affects prod="httpd" version="2.0.59"/>
+<affects prod="httpd" version="2.0.58"/>
+<affects prod="httpd" version="2.0.55"/>
+<affects prod="httpd" version="2.0.54"/>
+<affects prod="httpd" version="2.0.53"/>
+<affects prod="httpd" version="2.0.52"/>
+<affects prod="httpd" version="2.0.51"/>
+<affects prod="httpd" version="2.0.50"/>
+<affects prod="httpd" version="2.0.49"/>
+<affects prod="httpd" version="2.0.48"/>
+<affects prod="httpd" version="2.0.47"/>
+<affects prod="httpd" version="2.0.46"/>
+<affects prod="httpd" version="2.0.45"/>
+<affects prod="httpd" version="2.0.44"/>
+<affects prod="httpd" version="2.0.43"/>
+<affects prod="httpd" version="2.0.42"/>
+<affects prod="httpd" version="2.0.40"/>
+<affects prod="httpd" version="2.0.39"/>
+<affects prod="httpd" version="2.0.37"/>
+<affects prod="httpd" version="2.0.36"/>
+<affects prod="httpd" version="2.0.35"/>
+</issue>
+
+<issue fixed="2.2.17" reported="20100303" public="20101001" released="20101019">
+<cve name="CVE-2010-1623"/>
+<severity level="4">low</severity>
+<title>apr_bridage_split_line DoS</title>
+<description><p>
+A flaw was found in the apr_brigade_split_line() function of the bundled
+APR-util library, used to process non-SSL requests. A remote attacker
+could send requests, carefully crafting the timing of individual bytes,
+which would slowly consume memory, potentially leading to a denial of
+service.
+</p>
+</description>
+<affects prod="httpd" version="2.2.16"/>
+<affects prod="httpd" version="2.2.15"/>
+<affects prod="httpd" version="2.2.14"/>
+<affects prod="httpd" version="2.2.13"/>
+<affects prod="httpd" version="2.2.12"/>
+<affects prod="httpd" version="2.2.11"/>
+<affects prod="httpd" version="2.2.10"/>
+<affects prod="httpd" version="2.2.9"/>
+<affects prod="httpd" version="2.2.8"/>
+<affects prod="httpd" version="2.2.6"/>
+<affects prod="httpd" version="2.2.5"/>
+<affects prod="httpd" version="2.2.4"/>
+<affects prod="httpd" version="2.2.3"/>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
+
+<issue fixed="2.0.64" reported="20100303" public="20101001" released="20101019">
+<cve name="CVE-2010-1623"/>
+<severity level="4">low</severity>
+<title>apr_bridage_split_line DoS</title>
+<description><p>
+A flaw was found in the apr_brigade_split_line() function of the bundled
+APR-util library, used to process non-SSL requests. A remote attacker
+could send requests, carefully crafting the timing of individual bytes,
+which would slowly consume memory, potentially leading to a denial of
+service.
+</p>
+</description>
+<affects prod="httpd" version="2.0.63"/>
+<affects prod="httpd" version="2.0.61"/>
+<affects prod="httpd" version="2.0.59"/>
+<affects prod="httpd" version="2.0.58"/>
+<affects prod="httpd" version="2.0.55"/>
+<affects prod="httpd" version="2.0.54"/>
+<affects prod="httpd" version="2.0.53"/>
+<affects prod="httpd" version="2.0.52"/>
+<affects prod="httpd" version="2.0.51"/>
+<affects prod="httpd" version="2.0.50"/>
+<affects prod="httpd" version="2.0.49"/>
+<affects prod="httpd" version="2.0.48"/>
+<affects prod="httpd" version="2.0.47"/>
+<affects prod="httpd" version="2.0.46"/>
+<affects prod="httpd" version="2.0.45"/>
+<affects prod="httpd" version="2.0.44"/>
+<affects prod="httpd" version="2.0.43"/>
+<affects prod="httpd" version="2.0.42"/>
+<affects prod="httpd" version="2.0.40"/>
+<affects prod="httpd" version="2.0.39"/>
+<affects prod="httpd" version="2.0.37"/>
+<affects prod="httpd" version="2.0.36"/>
+<affects prod="httpd" version="2.0.35"/>
+</issue>
+
+<issue fixed="2.2.16" reported="20100504" public="20100725" released="20100725">
+<cve name="CVE-2010-1452"/>
+<severity level="4">low</severity>
+<title>mod_cache and mod_dav DoS</title>
+<description><p>
+A flaw was found in the handling of requests by mod_cache and mod_dav.
+A malicious remote attacker could send a carefully crafted request and
+cause a httpd child process to crash. This crash would only
+be a denial of service if using the worker MPM. This issue is further
+mitigated as mod_dav is only affected by requests that are most likely
+to be authenticated, and mod_cache is only affected if the uncommon
+"CacheIgnoreURLSessionIdentifiers" directive, introduced in
+version 2.2.14, is used.
+</p>
+</description>
+<acknowledgements>
+This issue was reported by Mark Drayton.
+</acknowledgements>
+<affects prod="httpd" version="2.2.15"/>
+<affects prod="httpd" version="2.2.14"/>
+<affects prod="httpd" version="2.2.13"/>
+<affects prod="httpd" version="2.2.12"/>
+<affects prod="httpd" version="2.2.11"/>
+<affects prod="httpd" version="2.2.10"/>
+<affects prod="httpd" version="2.2.9"/>
+<affects prod="httpd" version="2.2.8"/>
+<affects prod="httpd" version="2.2.6"/>
+<affects prod="httpd" version="2.2.5"/>
+<affects prod="httpd" version="2.2.4"/>
+<affects prod="httpd" version="2.2.3"/>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
+
+
+<issue fixed="2.0.64" reported="20100504" public="20100725" released="20101019">
+<cve name="CVE-2010-1452"/>
+<severity level="4">low</severity>
+<title>mod_dav DoS</title>
+<description><p>
+A flaw was found in the handling of requests by mod_dav. A malicious remote
+attacker could send a carefully crafted request and cause a httpd child process
+to crash. This crash would only be a denial of service if using the worker MPM.
+This issue is further mitigated as mod_dav is only affected by requests that are
+most likely to be authenticated.
+</p>
+</description>
+<acknowledgements>
+This issue was reported by Mark Drayton.
+</acknowledgements>
+<affects prod="httpd" version="2.0.63"/>
+<affects prod="httpd" version="2.0.61"/>
+<affects prod="httpd" version="2.0.59"/>
+<affects prod="httpd" version="2.0.58"/>
+<affects prod="httpd" version="2.0.55"/>
+<affects prod="httpd" version="2.0.54"/>
+<affects prod="httpd" version="2.0.53"/>
+<affects prod="httpd" version="2.0.52"/>
+<affects prod="httpd" version="2.0.51"/>
+<affects prod="httpd" version="2.0.50"/>
+<affects prod="httpd" version="2.0.49"/>
+<affects prod="httpd" version="2.0.48"/>
+<affects prod="httpd" version="2.0.47"/>
+<affects prod="httpd" version="2.0.46"/>
+<affects prod="httpd" version="2.0.45"/>
+<affects prod="httpd" version="2.0.44"/>
+<affects prod="httpd" version="2.0.43"/>
+<affects prod="httpd" version="2.0.42"/>
+<affects prod="httpd" version="2.0.40"/>
+<affects prod="httpd" version="2.0.39"/>
+<affects prod="httpd" version="2.0.37"/>
+<affects prod="httpd" version="2.0.36"/>
+<affects prod="httpd" version="2.0.35"/>
+</issue>
+
+
+<issue fixed="2.2.16" reported="20100609" public="20100609" released="20100725">
+<cve name="CVE-2010-2068"/>
+<severity level="2">important</severity>
+<title>Timeout detection flaw (mod_proxy_http)</title>
+<description><p>
+An information disclosure flaw was found in mod_proxy_http in versions
+2.2.9 through 2.2.15, 2.3.4-alpha and 2.3.5-alpha. Under certain timeout
+conditions, the server could return a response intended for another user.
+Only Windows, Netware and OS2 operating systems are affected. Only those
+configurations which trigger the use of proxy worker pools are affected.
+There was no vulnerability on earlier versions, as proxy pools were not
+yet introduced. The simplest workaround is to globally configure;</p>
+<p>SetEnv proxy-nokeepalive 1</p>
+<p>Source code patches are at;</p>
+<ul>
+<li><a href="http://www.apache.org/dist/httpd/patches/apply_to_2.2.15/CVE-2010-2068-r953616.patch"
+>http://www.apache.org/dist/httpd/patches/apply_to_2.2.15/CVE-2010-2068-r953616.patch</a></li>
+<li><a href="http://www.apache.org/dist/httpd/patches/apply_to_2.3.5/CVE-2010-2068-r953418.patch"
+>http://www.apache.org/dist/httpd/patches/apply_to_2.3.5/CVE-2010-2068-r953418.patch</a></li>
+</ul>
+<p>Binary replacement modules are at</p>
+<ul>
+<li><a href="http://www.apache.org/dist/httpd/binaries/win32/mod_proxy_http-CVE-2010-2068.zip"
+>http://www.apache.org/dist/httpd/binaries/win32/mod_proxy_http-CVE-2010-2068.zip</a></li>
+</ul>
+</description>
+<acknowledgements>
+We would like to thank Loren Anderson for the detailed analysis and
+reporting of this issue.
+</acknowledgements>
+<affects prod="httpd" version="2.3.5-alpha"/>
+<affects prod="httpd" version="2.3.4-alpha"/>
+<affects prod="httpd" version="2.2.15"/>
+<affects prod="httpd" version="2.2.14"/>
+<affects prod="httpd" version="2.2.13"/>
+<affects prod="httpd" version="2.2.12"/>
+<affects prod="httpd" version="2.2.11"/>
+<affects prod="httpd" version="2.2.10"/>
+<affects prod="httpd" version="2.2.9"/>
+</issue>
+
+
+<issue fixed="2.2.15" reported="20091209" public="20091209" released="20100305">
+<cve name="CVE-2010-0434"/>
+<severity level="4">low</severity>
+<title>Subrequest handling of request headers (mod_headers)</title>
+<description><p>
+A flaw in the core subrequest process code was fixed, to always provide a shallow copy of the headers_in
+array to the subrequest, instead of a pointer to the parent request's array
+as it had for requests without request bodies. This meant all modules such
+as mod_headers which may manipulate the input headers for a subrequest would
+poison the parent request in two ways, one by modifying the parent request,
+which might not be intended, and second by leaving pointers to modified header
+fields in memory allocated to the subrequest scope, which could be freed
+before the main request processing was finished, resulting in a segfault or
+in revealing data from another request on threaded servers, such as the worker
+or winnt MPMs.
+</p></description>
+<acknowledgements>
+We would like to thank Philip Pickett of VMware for reporting and proposing a
+fix for this issue.
+</acknowledgements>
+<affects prod="httpd" version="2.2.14"/>
+<affects prod="httpd" version="2.2.13"/>
+<affects prod="httpd" version="2.2.12"/>
+<affects prod="httpd" version="2.2.11"/>
+<affects prod="httpd" version="2.2.10"/>
+<affects prod="httpd" version="2.2.9"/>
+<affects prod="httpd" version="2.2.8"/>
+<affects prod="httpd" version="2.2.6"/>
+<affects prod="httpd" version="2.2.5"/>
+<affects prod="httpd" version="2.2.4"/>
+<affects prod="httpd" version="2.2.3"/>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
+
+<issue fixed="2.2.15" reported="20100209" public="20100302" released="20100305">
+<cve name="CVE-2010-0425"/>
+<severity level="2">important</severity>
+<title>mod_isapi module unload flaw</title>
+<description><p>
+A flaw was found with within mod_isapi which would attempt to unload the ISAPI dll when it
+encountered various error states. This could leave the callbacks in an
+undefined state and result in a segfault. On Windows platforms using mod_isapi, a
+remote attacker could send a malicious request to trigger this issue, and as win32 MPM runs only one
+process, this would result in a denial of service, and potentially allow
+arbitrary code execution.
+</p></description>
+<acknowledgements>
+We would like to thank Brett Gervasoni of Sense of Security for reporting and
+proposing a patch fix for this issue.
+</acknowledgements>
+<affects prod="httpd" version="2.2.14"/>
+<affects prod="httpd" version="2.2.13"/>
+<affects prod="httpd" version="2.2.12"/>
+<affects prod="httpd" version="2.2.11"/>
+<affects prod="httpd" version="2.2.10"/>
+<affects prod="httpd" version="2.2.9"/>
+<affects prod="httpd" version="2.2.8"/>
+<affects prod="httpd" version="2.2.6"/>
+<affects prod="httpd" version="2.2.5"/>
+<affects prod="httpd" version="2.2.4"/>
+<affects prod="httpd" version="2.2.3"/>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
+
+<issue fixed="2.2.15" reported="20100202" public="20100302" released="20100305">
+<cve name="CVE-2010-0408"/>
+<severity level="3">moderate</severity>
+<title>mod_proxy_ajp DoS</title>
+<description><p>
+mod_proxy_ajp would return the wrong status code if it encountered
+an error, causing a backend server to be put into an error state until
+the retry timeout expired. A remote attacker could send malicious requests
+to trigger this issue, resulting in denial of service.
+</p></description>
+<acknowledgements>
+We would like to thank Niku Toivola of Sulake Corporation for reporting and
+proposing a patch fix for this issue.
+</acknowledgements>
+<affects prod="httpd" version="2.2.14"/>
+<affects prod="httpd" version="2.2.13"/>
+<affects prod="httpd" version="2.2.12"/>
+<affects prod="httpd" version="2.2.11"/>
+<affects prod="httpd" version="2.2.10"/>
+<affects prod="httpd" version="2.2.9"/>
+<affects prod="httpd" version="2.2.8"/>
+<affects prod="httpd" version="2.2.6"/>
+<affects prod="httpd" version="2.2.5"/>
+<affects prod="httpd" version="2.2.4"/>
+<affects prod="httpd" version="2.2.3"/>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
+
+<issue fixed="2.2.14" reported="20090805" public="20090923" released="20091005">
+<cve name="CVE-2009-2699"/>
+<severity level="3">moderate</severity>
+<title>Solaris pollset DoS</title>
+<description><p>Faulty error handling was found affecting Solaris pollset support
+(Event Port backend) caused by a bug in APR. A remote attacker
+could trigger this issue on Solaris servers which used prefork or
+event MPMs, resulting in a denial of service.
+</p></description>
+<affects prod="httpd" version="2.2.13"/>
+<affects prod="httpd" version="2.2.12"/>
+<affects prod="httpd" version="2.2.11"/>
+<affects prod="httpd" version="2.2.10"/>
+<affects prod="httpd" version="2.2.9"/>
+<affects prod="httpd" version="2.2.8"/>
+<affects prod="httpd" version="2.2.6"/>
+<affects prod="httpd" version="2.2.5"/>
+<affects prod="httpd" version="2.2.4"/>
+<affects prod="httpd" version="2.2.3"/>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
+
+<issue fixed="2.2.14" reported="20090904" public="20090802" released="20091005">
+<cve name="CVE-2009-3094"/>
+<severity level="4">low</severity>
+<title>mod_proxy_ftp DoS</title>
+<description><p>
+A NULL pointer dereference flaw was found in the mod_proxy_ftp
+module. A malicious FTP server to which requests are being proxied
+could use this flaw to crash an httpd child process via a malformed
+reply to the EPSV or PASV commands, resulting in a limited denial of
+service.
+</p></description>
+<affects prod="httpd" version="2.2.13"/>
+<affects prod="httpd" version="2.2.12"/>
+<affects prod="httpd" version="2.2.11"/>
+<affects prod="httpd" version="2.2.10"/>
+<affects prod="httpd" version="2.2.9"/>
+<affects prod="httpd" version="2.2.8"/>
+<affects prod="httpd" version="2.2.6"/>
+<affects prod="httpd" version="2.2.5"/>
+<affects prod="httpd" version="2.2.4"/>
+<affects prod="httpd" version="2.2.3"/>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
+
+<issue fixed="2.2.14" reported="20090903" public="20090803" released="20091005">
+<cve name="CVE-2009-3095"/>
+<severity level="4">low</severity>
+<title>mod_proxy_ftp FTP command injection</title>
+<description><p>
+A flaw was found in the mod_proxy_ftp module. In a reverse proxy
+configuration, a remote attacker could use this flaw to bypass
+intended access restrictions by creating a carefully-crafted HTTP
+Authorization header, allowing the attacker to send arbitrary commands
+to the FTP server.
+</p></description>
+<affects prod="httpd" version="2.2.13"/>
+<affects prod="httpd" version="2.2.12"/>
+<affects prod="httpd" version="2.2.11"/>
+<affects prod="httpd" version="2.2.10"/>
+<affects prod="httpd" version="2.2.9"/>
+<affects prod="httpd" version="2.2.8"/>
+<affects prod="httpd" version="2.2.6"/>
+<affects prod="httpd" version="2.2.5"/>
+<affects prod="httpd" version="2.2.4"/>
+<affects prod="httpd" version="2.2.3"/>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
+
+<issue fixed="2.2.13" reported="20090727" public="20090804" released="20090809">
+<cve name="CVE-2009-2412"/>
+<severity level="4">low</severity>
+<title>APR apr_palloc heap overflow</title>
+<description><p>
+A flaw in apr_palloc() in the bundled copy of APR could
+cause heap overflows in programs that try to apr_palloc() a user
+controlled size. The Apache HTTP Server itself does not pass
+unsanitized user-provided sizes to this function, so it could only
+be triggered through some other application which uses apr_palloc()
+in a vulnerable way.
+</p></description>
+<affects prod="httpd" version="2.2.12"/>
+<affects prod="httpd" version="2.2.11"/>
+<affects prod="httpd" version="2.2.10"/>
+<affects prod="httpd" version="2.2.9"/>
+<affects prod="httpd" version="2.2.8"/>
+<affects prod="httpd" version="2.2.6"/>
+<affects prod="httpd" version="2.2.5"/>
+<affects prod="httpd" version="2.2.4"/>
+<affects prod="httpd" version="2.2.3"/>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
+
+<issue fixed="2.0.64" reported="20090727" public="20090804" released="20101019">
+<cve name="CVE-2009-2412"/>
+<severity level="4">low</severity>
+<title>APR apr_palloc heap overflow</title>
+<description><p>
+A flaw in apr_palloc() in the bundled copy of APR could
+cause heap overflows in programs that try to apr_palloc() a user
+controlled size. The Apache HTTP Server itself does not pass
+unsanitized user-provided sizes to this function, so it could only
+be triggered through some other application which uses apr_palloc()
+in a vulnerable way.
+</p></description>
+<affects prod="httpd" version="2.0.63"/>
+<affects prod="httpd" version="2.0.61"/>
+<affects prod="httpd" version="2.0.59"/>
+<affects prod="httpd" version="2.0.58"/>
+<affects prod="httpd" version="2.0.55"/>
+<affects prod="httpd" version="2.0.54"/>
+<affects prod="httpd" version="2.0.53"/>
+<affects prod="httpd" version="2.0.52"/>
+<affects prod="httpd" version="2.0.51"/>
+<affects prod="httpd" version="2.0.50"/>
+<affects prod="httpd" version="2.0.49"/>
+<affects prod="httpd" version="2.0.48"/>
+<affects prod="httpd" version="2.0.47"/>
+<affects prod="httpd" version="2.0.46"/>
+<affects prod="httpd" version="2.0.45"/>
+<affects prod="httpd" version="2.0.44"/>
+<affects prod="httpd" version="2.0.43"/>
+<affects prod="httpd" version="2.0.42"/>
+<affects prod="httpd" version="2.0.40"/>
+<affects prod="httpd" version="2.0.39"/>
+<affects prod="httpd" version="2.0.37"/>
+<affects prod="httpd" version="2.0.36"/>
+<affects prod="httpd" version="2.0.35"/>
+</issue>
+
+<issue fixed="2.2.12" public="20090424" released="200900727">
+<cve name="CVE-2009-1956"/>
+<severity level="3">moderate</severity>
+<title>APR-util off-by-one overflow</title>
+<description><p>
+An off-by-one overflow flaw was found in the way the bundled copy of
+the APR-util library processed a variable list of arguments. An
+attacker could provide a specially-crafted string as input for the
+formatted output conversion routine, which could, on big-endian
+platforms, potentially lead to the disclosure of sensitive information
+or a denial of service.
+</p></description>
+<affects prod="httpd" version="2.2.11"/>
+<affects prod="httpd" version="2.2.10"/>
+<affects prod="httpd" version="2.2.9"/>
+<affects prod="httpd" version="2.2.8"/>
+<affects prod="httpd" version="2.2.6"/>
+<affects prod="httpd" version="2.2.5"/>
+<affects prod="httpd" version="2.2.4"/>
+<affects prod="httpd" version="2.2.3"/>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
+
+<issue fixed="2.2.12" public="20090601" released="20090727">
+<cve name="CVE-2009-1955"/>
+<severity level="3">moderate</severity>
+<title>APR-util XML DoS</title>
+<description><p>
+A denial of service flaw was found in the bundled copy of the APR-util
+library Extensible Markup Language (XML) parser. A remote attacker
+could create a specially-crafted XML document that would cause
+excessive memory consumption when processed by the XML decoding
+engine.
+</p></description>
+<affects prod="httpd" version="2.2.11"/>
+<affects prod="httpd" version="2.2.10"/>
+<affects prod="httpd" version="2.2.9"/>
+<affects prod="httpd" version="2.2.8"/>
+<affects prod="httpd" version="2.2.6"/>
+<affects prod="httpd" version="2.2.5"/>
+<affects prod="httpd" version="2.2.4"/>
+<affects prod="httpd" version="2.2.3"/>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
+
+<issue fixed="2.2.12" public="20090626" reported="20090626" released="20090727">
+<cve name="CVE-2009-1891"/>
+<severity level="4">low</severity>
+<cvss>2.6/AV:N/AC:H/Au:N/C:N/I:N/A:P</cvss>
+<title>mod_deflate DoS</title>
+<description><p>
+A denial of service flaw was found in the mod_deflate module. This
+module continued to compress large files until compression was
+complete, even if the network connection that requested the content
+was closed before compression completed. This would cause mod_deflate
+to consume large amounts of CPU if mod_deflate was enabled for a large
+file.</p></description>
+<affects prod="httpd" version="2.2.11"/>
+<affects prod="httpd" version="2.2.10"/>
+<affects prod="httpd" version="2.2.9"/>
+<affects prod="httpd" version="2.2.8"/>
+<affects prod="httpd" version="2.2.6"/>
+<affects prod="httpd" version="2.2.5"/>
+<affects prod="httpd" version="2.2.4"/>
+<affects prod="httpd" version="2.2.3"/>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
+
+<issue fixed="2.0.64" public="20090626" reported="20090626" released="20101019">
+<cve name="CVE-2009-1891"/>
+<severity level="4">low</severity>
+<cvss>2.6/AV:N/AC:H/Au:N/C:N/I:N/A:P</cvss>
+<title>mod_deflate DoS</title>
+<description><p>
+A denial of service flaw was found in the mod_deflate module. This
+module continued to compress large files until compression was
+complete, even if the network connection that requested the content
+was closed before compression completed. This would cause mod_deflate
+to consume large amounts of CPU if mod_deflate was enabled for a large
+file.</p></description>
+<affects prod="httpd" version="2.0.63"/>
+<affects prod="httpd" version="2.0.61"/>
+<affects prod="httpd" version="2.0.59"/>
+<affects prod="httpd" version="2.0.58"/>
+<affects prod="httpd" version="2.0.55"/>
+<affects prod="httpd" version="2.0.54"/>
+<affects prod="httpd" version="2.0.53"/>
+<affects prod="httpd" version="2.0.52"/>
+<affects prod="httpd" version="2.0.51"/>
+<affects prod="httpd" version="2.0.50"/>
+<affects prod="httpd" version="2.0.49"/>
+<affects prod="httpd" version="2.0.48"/>
+<affects prod="httpd" version="2.0.47"/>
+<affects prod="httpd" version="2.0.46"/>
+<affects prod="httpd" version="2.0.45"/>
+<affects prod="httpd" version="2.0.44"/>
+<affects prod="httpd" version="2.0.43"/>
+<affects prod="httpd" version="2.0.42"/>
+<affects prod="httpd" version="2.0.40"/>
+<affects prod="httpd" version="2.0.39"/>
+<affects prod="httpd" version="2.0.37"/>
+<affects prod="httpd" version="2.0.36"/>
+<affects prod="httpd" version="2.0.35"/>
+</issue>
+
+<issue fixed="2.2.12" public="20090702" reported="20090630" released="20090727">
+<cve name="CVE-2009-1890"/>
+<severity level="2">important</severity>
+<cvss>7.8/AV:N/AC:L/Au:N/C:N/I:N/A:C</cvss>
+<title>mod_proxy reverse proxy DoS</title>
+<description><p>
+A denial of service flaw was found in the mod_proxy module when it was
+used as a reverse proxy. A remote attacker could use this flaw to
+force a proxy process to consume large amounts of CPU time.
+</p></description>
+<affects prod="httpd" version="2.2.11"/>
+<affects prod="httpd" version="2.2.10"/>
+<affects prod="httpd" version="2.2.9"/>
+<affects prod="httpd" version="2.2.8"/>
+<affects prod="httpd" version="2.2.6"/>
+<affects prod="httpd" version="2.2.5"/>
+<affects prod="httpd" version="2.2.4"/>
+<affects prod="httpd" version="2.2.3"/>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
+
+<issue fixed="2.2.12" public="20090422" reported="20090309" released="20090727">
+<cve name="CVE-2009-1195"/>
+<severity level="4">low</severity>
+<cvss>4.4/AV:L/AC:M/Au:N/C:P/I:P/A:P</cvss>
+<title>AllowOverride Options handling bypass</title>
+<description><p>
+A flaw was found in the handling of the "Options" and "AllowOverride"
+directives. In configurations using the "AllowOverride" directive
+with certain "Options=" arguments, local users were not restricted
+from executing commands from a Server-Side-Include script as intended.
+</p></description>
+<affects prod="httpd" version="2.2.11"/>
+<affects prod="httpd" version="2.2.10"/>
+<affects prod="httpd" version="2.2.9"/>
+<affects prod="httpd" version="2.2.8"/>
+<affects prod="httpd" version="2.2.6"/>
+<affects prod="httpd" version="2.2.5"/>
+<affects prod="httpd" version="2.2.4"/>
+<affects prod="httpd" version="2.2.3"/>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
+
+<issue fixed="2.2.12" public="20090421" reported="20090305" released="20090727">
+<cve name="CVE-2009-1191"/>
+<severity level="2">important</severity>
+<cvss>5/AV:N/AC:L/Au:N/C:P/I:N/A:N</cvss>
+<title>mod_proxy_ajp information disclosure</title>
+<description><p>
+An information disclosure flaw was found in mod_proxy_ajp in version
+2.2.11 only. In certain
+situations, if a user sent a carefully crafted HTTP request, the server
+could return a response intended for another user.
+</p></description>
+<affects prod="httpd" version="2.2.11"/>
+</issue>
+
+<issue fixed="2.2.12" public="20090601" released="20090727">
+<cve name="CVE-2009-0023"/>
+<severity level="3">moderate</severity>
+<title>APR-util heap underwrite</title>
+<description><p>
+A heap-based underwrite flaw was found in the way the bundled copy of
+the APR-util library created compiled forms of particular search
+patterns. An attacker could formulate a specially-crafted search
+keyword, that would overwrite arbitrary heap memory locations when
+processed by the pattern preparation engine.
+</p></description>
+<affects prod="httpd" version="2.2.11"/>
+<affects prod="httpd" version="2.2.10"/>
+<affects prod="httpd" version="2.2.9"/>
+<affects prod="httpd" version="2.2.8"/>
+<affects prod="httpd" version="2.2.6"/>
+<affects prod="httpd" version="2.2.5"/>
+<affects prod="httpd" version="2.2.4"/>
+<affects prod="httpd" version="2.2.3"/>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
+
+<issue fixed="2.2.10" public="20080805" reported="20080728" released="20081031">
+<cve name="CVE-2008-2939"/>
+<severity level="4">low</severity>
+<title>mod_proxy_ftp globbing XSS</title>
+<description><p>
+A flaw was found in the handling of wildcards in the path of a FTP
+URL with mod_proxy_ftp. If mod_proxy_ftp is enabled to support
+FTP-over-HTTP, requests containing globbing characters could lead
+to cross-site scripting (XSS) attacks.</p></description>
+<affects prod="httpd" version="2.2.9"/>
+<affects prod="httpd" version="2.2.8"/>
+<affects prod="httpd" version="2.2.6"/>
+<affects prod="httpd" version="2.2.5"/>
+<affects prod="httpd" version="2.2.4"/>
+<affects prod="httpd" version="2.2.3"/>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
+
+<issue fixed="2.2.10" reported="20100723" public="20100723" released="20081031">
+<cve name="CVE-2010-2791"/>
+<severity level="2">important</severity>
+<title>Timeout detection flaw (mod_proxy_http)</title>
+<description><p>
+An information disclosure flaw was found in mod_proxy_http in version
+2.2.9 only, on Unix platforms. Under certain timeout
+conditions, the server could return a response intended for another user.
+Only those configurations which trigger the use of proxy worker pools
+are affected. There was no vulnerability on earlier versions, as
+proxy pools were not yet introduced. The simplest workaround is to
+globally configure:</p>
+<p>SetEnv proxy-nokeepalive 1</p>
+</description>
+<affects prod="httpd" version="2.2.9"/>
+</issue>
+
+<issue fixed="2.0.64" reported="20090903" public="20090803" released="20101019">
+<cve name="CVE-2009-3095"/>
+<severity level="4">low</severity>
+<title>mod_proxy_ftp FTP command injection</title>
+<description><p>
+A flaw was found in the mod_proxy_ftp module. In a reverse proxy
+configuration, a remote attacker could use this flaw to bypass
+intended access restrictions by creating a carefully-crafted HTTP
+Authorization header, allowing the attacker to send arbitrary commands
+to the FTP server.
+</p></description>
+<affects prod="httpd" version="2.0.63"/>
+<affects prod="httpd" version="2.0.61"/>
+<affects prod="httpd" version="2.0.59"/>
+<affects prod="httpd" version="2.0.58"/>
+<affects prod="httpd" version="2.0.55"/>
+<affects prod="httpd" version="2.0.54"/>
+<affects prod="httpd" version="2.0.53"/>
+<affects prod="httpd" version="2.0.52"/>
+<affects prod="httpd" version="2.0.51"/>
+<affects prod="httpd" version="2.0.50"/>
+<affects prod="httpd" version="2.0.49"/>
+<affects prod="httpd" version="2.0.48"/>
+<affects prod="httpd" version="2.0.47"/>
+<affects prod="httpd" version="2.0.46"/>
+<affects prod="httpd" version="2.0.45"/>
+<affects prod="httpd" version="2.0.44"/>
+<affects prod="httpd" version="2.0.43"/>
+<affects prod="httpd" version="2.0.42"/>
+<affects prod="httpd" version="2.0.40"/>
+<affects prod="httpd" version="2.0.39"/>
+<affects prod="httpd" version="2.0.37"/>
+<affects prod="httpd" version="2.0.36"/>
+<affects prod="httpd" version="2.0.35"/>
+</issue>
+
+<issue fixed="2.0.64" reported="20090904" public="20090802" released="20101019">
+<cve name="CVE-2009-3094"/>
+<severity level="4">low</severity>
+<title>mod_proxy_ftp DoS</title>
+<description><p>
+A NULL pointer dereference flaw was found in the mod_proxy_ftp
+module. A malicious FTP server to which requests are being proxied
+could use this flaw to crash an httpd child process via a malformed
+reply to the EPSV or PASV commands, resulting in a limited denial of
+service.
+</p></description>
+<affects prod="httpd" version="2.0.63"/>
+<affects prod="httpd" version="2.0.61"/>
+<affects prod="httpd" version="2.0.59"/>
+<affects prod="httpd" version="2.0.58"/>
+<affects prod="httpd" version="2.0.55"/>
+<affects prod="httpd" version="2.0.54"/>
+<affects prod="httpd" version="2.0.53"/>
+<affects prod="httpd" version="2.0.52"/>
+<affects prod="httpd" version="2.0.51"/>
+<affects prod="httpd" version="2.0.50"/>
+<affects prod="httpd" version="2.0.49"/>
+<affects prod="httpd" version="2.0.48"/>
+<affects prod="httpd" version="2.0.47"/>
+<affects prod="httpd" version="2.0.46"/>
+<affects prod="httpd" version="2.0.45"/>
+<affects prod="httpd" version="2.0.44"/>
+<affects prod="httpd" version="2.0.43"/>
+<affects prod="httpd" version="2.0.42"/>
+<affects prod="httpd" version="2.0.40"/>
+<affects prod="httpd" version="2.0.39"/>
+<affects prod="httpd" version="2.0.37"/>
+<affects prod="httpd" version="2.0.36"/>
+<affects prod="httpd" version="2.0.35"/>
+</issue>
+
+<issue fixed="2.0.64" reported="20091209" public="20091209" released="20101019">
+<cve name="CVE-2010-0434"/>
+<severity level="4">low</severity>
+<title>Subrequest handling of request headers (mod_headers)</title>
+<description><p>
+A flaw in the core subrequest process code was fixed, to always provide a shallow copy of the headers_in
+array to the subrequest, instead of a pointer to the parent request's array
+as it had for requests without request bodies. This meant all modules such
+as mod_headers which may manipulate the input headers for a subrequest would
+poison the parent request in two ways, one by modifying the parent request,
+which might not be intended, and second by leaving pointers to modified header
+fields in memory allocated to the subrequest scope, which could be freed
+before the main request processing was finished, resulting in a segfault or
+in revealing data from another request on threaded servers, such as the worker
+or winnt MPMs.
+</p></description>
+<acknowledgements>
+We would like to thank Philip Pickett of VMware for reporting and proposing a
+fix for this issue.
+</acknowledgements>
+<affects prod="httpd" version="2.0.63"/>
+<affects prod="httpd" version="2.0.61"/>
+<affects prod="httpd" version="2.0.59"/>
+<affects prod="httpd" version="2.0.58"/>
+<affects prod="httpd" version="2.0.55"/>
+<affects prod="httpd" version="2.0.54"/>
+<affects prod="httpd" version="2.0.53"/>
+<affects prod="httpd" version="2.0.52"/>
+<affects prod="httpd" version="2.0.51"/>
+<affects prod="httpd" version="2.0.50"/>
+<affects prod="httpd" version="2.0.49"/>
+<affects prod="httpd" version="2.0.48"/>
+<affects prod="httpd" version="2.0.47"/>
+<affects prod="httpd" version="2.0.46"/>
+<affects prod="httpd" version="2.0.45"/>
+<affects prod="httpd" version="2.0.44"/>
+<affects prod="httpd" version="2.0.43"/>
+<affects prod="httpd" version="2.0.42"/>
+<affects prod="httpd" version="2.0.40"/>
+<affects prod="httpd" version="2.0.39"/>
+<affects prod="httpd" version="2.0.37"/>
+<affects prod="httpd" version="2.0.36"/>
+<affects prod="httpd" version="2.0.35"/>
+</issue>
+
+<issue fixed="2.0.64" public="20100302" reported="20100209" released="20101019">
+<cve name="CVE-2010-0425"/>
+<severity level="2">important</severity>
+<title>mod_isapi module unload flaw</title>
+<description><p>
+A flaw was found with within mod_isapi which would attempt to unload the ISAPI dll when it
+encountered various error states. This could leave the callbacks in an
+undefined state and result in a segfault. On Windows platforms using mod_isapi, a
+remote attacker could send a malicious request to trigger this issue, and as win32 MPM runs only one
+process, this would result in a denial of service, and potentially allow
+arbitrary code execution.
+</p></description>
+<acknowledgements>
+We would like to thank Brett Gervasoni of Sense of Security for reporting and
+proposing a patch fix for this issue.
+</acknowledgements>
+<affects prod="httpd" version="2.0.63"/>
+<affects prod="httpd" version="2.0.61"/>
+<affects prod="httpd" version="2.0.59"/>
+<affects prod="httpd" version="2.0.58"/>
+<affects prod="httpd" version="2.0.55"/>
+<affects prod="httpd" version="2.0.54"/>
+<affects prod="httpd" version="2.0.53"/>
+<affects prod="httpd" version="2.0.52"/>
+<affects prod="httpd" version="2.0.51"/>
+<affects prod="httpd" version="2.0.50"/>
+<affects prod="httpd" version="2.0.49"/>
+<affects prod="httpd" version="2.0.48"/>
+<affects prod="httpd" version="2.0.47"/>
+<affects prod="httpd" version="2.0.46"/>
+<affects prod="httpd" version="2.0.45"/>
+<affects prod="httpd" version="2.0.44"/>
+<affects prod="httpd" version="2.0.43"/>
+<affects prod="httpd" version="2.0.42"/>
+<affects prod="httpd" version="2.0.40"/>
+<affects prod="httpd" version="2.0.39"/>
+<affects prod="httpd" version="2.0.37"/>
+</issue>
+
+<issue fixed="2.0.64" public="20080610" reported="20080529" released="20101019">
+<cve name="CVE-2008-2364"/>
+<severity level="3">moderate</severity>
+<title>mod_proxy_http DoS</title>
+<description><p>
+A flaw was found in the handling of excessive interim responses
+from an origin server when using mod_proxy_http. A remote attacker
+could cause a denial of service or high memory usage.</p></description>
+<affects prod="httpd" version="2.0.63"/>
+<affects prod="httpd" version="2.0.61"/>
+<affects prod="httpd" version="2.0.59"/>
+<affects prod="httpd" version="2.0.58"/>
+<affects prod="httpd" version="2.0.55"/>
+<affects prod="httpd" version="2.0.54"/>
+<affects prod="httpd" version="2.0.53"/>
+<affects prod="httpd" version="2.0.52"/>
+<affects prod="httpd" version="2.0.51"/>
+<affects prod="httpd" version="2.0.50"/>
+<affects prod="httpd" version="2.0.49"/>
+<affects prod="httpd" version="2.0.48"/>
+<affects prod="httpd" version="2.0.47"/>
+<affects prod="httpd" version="2.0.46"/>
+<affects prod="httpd" version="2.0.45"/>
+<affects prod="httpd" version="2.0.44"/>
+<affects prod="httpd" version="2.0.43"/>
+<affects prod="httpd" version="2.0.42"/>
+<affects prod="httpd" version="2.0.40"/>
+<affects prod="httpd" version="2.0.39"/>
+<affects prod="httpd" version="2.0.37"/>
+<affects prod="httpd" version="2.0.36"/>
+<affects prod="httpd" version="2.0.35"/>
+</issue>
+
+<issue fixed="2.0.64" public="20080805" reported="20080728" released="20101019">
+<cve name="CVE-2008-2939"/>
+<severity level="4">low</severity>
+<title>mod_proxy_ftp globbing XSS</title>
+<description><p>
+A flaw was found in the handling of wildcards in the path of a FTP
+URL with mod_proxy_ftp. If mod_proxy_ftp is enabled to support
+FTP-over-HTTP, requests containing globbing characters could lead
+to cross-site scripting (XSS) attacks.</p></description>
+<affects prod="httpd" version="2.0.63"/>
+<affects prod="httpd" version="2.0.61"/>
+<affects prod="httpd" version="2.0.59"/>
+<affects prod="httpd" version="2.0.58"/>
+<affects prod="httpd" version="2.0.55"/>
+<affects prod="httpd" version="2.0.54"/>
+<affects prod="httpd" version="2.0.53"/>
+<affects prod="httpd" version="2.0.52"/>
+<affects prod="httpd" version="2.0.51"/>
+<affects prod="httpd" version="2.0.50"/>
+<affects prod="httpd" version="2.0.49"/>
+<affects prod="httpd" version="2.0.48"/>
+<affects prod="httpd" version="2.0.47"/>
+<affects prod="httpd" version="2.0.46"/>
+<affects prod="httpd" version="2.0.45"/>
+<affects prod="httpd" version="2.0.44"/>
+<affects prod="httpd" version="2.0.43"/>
+<affects prod="httpd" version="2.0.42"/>
+<affects prod="httpd" version="2.0.40"/>
+<affects prod="httpd" version="2.0.39"/>
+<affects prod="httpd" version="2.0.37"/>
+<affects prod="httpd" version="2.0.36"/>
+<affects prod="httpd" version="2.0.35"/>
+</issue>
+
+<issue fixed="2.2.9" public="20080610" reported="20080529" released="20080614">
+<cve name="CVE-2008-2364"/>
+<severity level="3">moderate</severity>
+<title>mod_proxy_http DoS</title>
+<description><p>
+A flaw was found in the handling of excessive interim responses
+from an origin server when using mod_proxy_http. A remote attacker
+could cause a denial of service or high memory usage.</p></description>
+<affects prod="httpd" version="2.2.8"/>
+<affects prod="httpd" version="2.2.6"/>
+<affects prod="httpd" version="2.2.5"/>
+<affects prod="httpd" version="2.2.4"/>
+<affects prod="httpd" version="2.2.3"/>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
+
+<issue fixed="2.2.9" public="20080109" reported="20071012" released="20080614">
+<cve name="CVE-2007-6420"/>
+<severity level="4">low</severity>
+<title>mod_proxy_balancer CSRF</title>
+<description><p>
+The mod_proxy_balancer provided an administrative interface that could be
+vulnerable to cross-site request forgery (CSRF) attacks.
+</p></description>
+<affects prod="httpd" version="2.2.8"/>
+<affects prod="httpd" version="2.2.6"/>
+<affects prod="httpd" version="2.2.5"/>
+<affects prod="httpd" version="2.2.4"/>
+<affects prod="httpd" version="2.2.3"/>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
+
+<issue fixed="1.3.42" public="2010127" reported="20091230" released="20100203">
+<cve name="CVE-2010-0010"/>
+<severity level="3">moderate</severity>
+<title>mod_proxy overflow on 64-bit systems</title>
+<description><p>
+An incorrect conversion between numeric types flaw was found in the
+mod_proxy module which affects some 64-bit architecture systems. A
+malicious HTTP server to which requests are being proxied could use
+this flaw to trigger a heap buffer overflow in an httpd child process
+via a carefully crafted response.
+</p></description>
+<affects prod="httpd" version="1.3.41"/>
+<affects prod="httpd" version="1.3.39"/>
+<affects prod="httpd" version="1.3.37"/>
+<affects prod="httpd" version="1.3.36"/>
+<affects prod="httpd" version="1.3.35"/>
+<affects prod="httpd" version="1.3.34"/>
+<affects prod="httpd" version="1.3.33"/>
+<affects prod="httpd" version="1.3.32"/>
+<affects prod="httpd" version="1.3.31"/>
+<affects prod="httpd" version="1.3.29"/>
+<affects prod="httpd" version="1.3.28"/>
+<affects prod="httpd" version="1.3.27"/>
+<affects prod="httpd" version="1.3.26"/>
+<affects prod="httpd" version="1.3.24"/>
+<affects prod="httpd" version="1.3.22"/>
+<affects prod="httpd" version="1.3.20"/>
+<affects prod="httpd" version="1.3.19"/>
+<affects prod="httpd" version="1.3.17"/>
+<affects prod="httpd" version="1.3.14"/>
+<affects prod="httpd" version="1.3.12"/>
+<affects prod="httpd" version="1.3.11"/>
+<affects prod="httpd" version="1.3.9"/>
+<affects prod="httpd" version="1.3.6"/>
+<affects prod="httpd" version="1.3.4"/>
+<affects prod="httpd" version="1.3.3"/>
+<affects prod="httpd" version="1.3.2"/>
+</issue>
+
+<issue fixed="2.2.8" public="20080102" reported="20071215" released="20080119">
+<cve name="CVE-2007-6388"/>
+<severity level="3">moderate</severity>
+<title>mod_status XSS</title>
+<description><p>
+A flaw was found in the mod_status module. On sites where mod_status is
+enabled and the status pages were publicly accessible, a cross-site
+scripting attack is possible.
+Note that the server-status page is not enabled by default and it is best practice to not make this publicly available.</p></description>
+<affects prod="httpd" version="2.2.6"/>
+<affects prod="httpd" version="2.2.5"/>
+<affects prod="httpd" version="2.2.4"/>
+<affects prod="httpd" version="2.2.3"/>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
+
+<issue fixed="2.0.63" public="20080102" reported="20071215" released="20080119">
+<cve name="CVE-2007-6388"/>
+<severity level="3">moderate</severity>
+<title>mod_status XSS</title>
+<description><p>
+A flaw was found in the mod_status module. On sites where mod_status is
+enabled and the status pages were publicly accessible, a cross-site
+scripting attack is possible.
+Note that the server-status page is not enabled by default and it is best practice to not make this publicly available.</p></description>
+<affects prod="httpd" version="2.0.61"/>
+<affects prod="httpd" version="2.0.59"/>
+<affects prod="httpd" version="2.0.58"/>
+<affects prod="httpd" version="2.0.55"/>
+<affects prod="httpd" version="2.0.54"/>
+<affects prod="httpd" version="2.0.53"/>
+<affects prod="httpd" version="2.0.52"/>
+<affects prod="httpd" version="2.0.51"/>
+<affects prod="httpd" version="2.0.50"/>
+<affects prod="httpd" version="2.0.49"/>
+<affects prod="httpd" version="2.0.48"/>
+<affects prod="httpd" version="2.0.47"/>
+<affects prod="httpd" version="2.0.46"/>
+<affects prod="httpd" version="2.0.45"/>
+<affects prod="httpd" version="2.0.44"/>
+<affects prod="httpd" version="2.0.43"/>
+<affects prod="httpd" version="2.0.42"/>
+<affects prod="httpd" version="2.0.40"/>
+<affects prod="httpd" version="2.0.39"/>
+<affects prod="httpd" version="2.0.37"/>
+<affects prod="httpd" version="2.0.36"/>
+<affects prod="httpd" version="2.0.35"/>
+</issue>
+
+<issue fixed="1.3.41" public="20080102" reported="20071215" released="20080119">
+<cve name="CVE-2007-6388"/>
+<severity level="3">moderate</severity>
+<title>mod_status XSS</title>
+<description><p>
+A flaw was found in the mod_status module. On sites where mod_status is
+enabled and the status pages were publicly accessible, a cross-site
+scripting attack is possible.
+Note that the server-status page is not enabled by default and it is best practice to not make this publicly available.</p></description>
+<affects prod="httpd" version="1.3.39"/>
+<affects prod="httpd" version="1.3.37"/>
+<affects prod="httpd" version="1.3.36"/>
+<affects prod="httpd" version="1.3.35"/>
+<affects prod="httpd" version="1.3.34"/>
+<affects prod="httpd" version="1.3.33"/>
+<affects prod="httpd" version="1.3.32"/>
+<affects prod="httpd" version="1.3.31"/>
+<affects prod="httpd" version="1.3.29"/>
+<affects prod="httpd" version="1.3.28"/>
+<affects prod="httpd" version="1.3.27"/>
+<affects prod="httpd" version="1.3.26"/>
+<affects prod="httpd" version="1.3.24"/>
+<affects prod="httpd" version="1.3.22"/>
+<affects prod="httpd" version="1.3.20"/>
+<affects prod="httpd" version="1.3.19"/>
+<affects prod="httpd" version="1.3.17"/>
+<affects prod="httpd" version="1.3.14"/>
+<affects prod="httpd" version="1.3.12"/>
+<affects prod="httpd" version="1.3.11"/>
+<affects prod="httpd" version="1.3.9"/>
+<affects prod="httpd" version="1.3.6"/>
+<affects prod="httpd" version="1.3.4"/>
+<affects prod="httpd" version="1.3.3"/>
+<affects prod="httpd" version="1.3.2"/>
+</issue>
+
+<issue fixed="2.2.8" public="20071211" reported="20071023" released="20080119">
+<cve name="CVE-2007-5000"/>
+<severity level="3">moderate</severity>
+<title>mod_imagemap XSS</title>
+<description><p>
+A flaw was found in the mod_imagemap module. On sites where
+mod_imagemap is enabled and an imagemap file is publicly available, a
+cross-site scripting attack is possible.</p></description>
+<affects prod="httpd" version="2.2.6"/>
+<affects prod="httpd" version="2.2.5"/>
+<affects prod="httpd" version="2.2.4"/>
+<affects prod="httpd" version="2.2.3"/>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
+
+<issue fixed="2.0.63" public="20071211" reported="20071023" released="20080119">
+<cve name="CVE-2007-5000"/>
+<severity level="3">moderate</severity>
+<title>mod_imap XSS</title>
+<description><p>
+A flaw was found in the mod_imap module. On sites where
+mod_imap is enabled and an imagemap file is publicly available, a
+cross-site scripting attack is possible.</p></description>
+<affects prod="httpd" version="2.0.61"/>
+<affects prod="httpd" version="2.0.59"/>
+<affects prod="httpd" version="2.0.58"/>
+<affects prod="httpd" version="2.0.55"/>
+<affects prod="httpd" version="2.0.54"/>
+<affects prod="httpd" version="2.0.53"/>
+<affects prod="httpd" version="2.0.52"/>
+<affects prod="httpd" version="2.0.51"/>
+<affects prod="httpd" version="2.0.50"/>
+<affects prod="httpd" version="2.0.49"/>
+<affects prod="httpd" version="2.0.48"/>
+<affects prod="httpd" version="2.0.47"/>
+<affects prod="httpd" version="2.0.46"/>
+<affects prod="httpd" version="2.0.45"/>
+<affects prod="httpd" version="2.0.44"/>
+<affects prod="httpd" version="2.0.43"/>
+<affects prod="httpd" version="2.0.42"/>
+<affects prod="httpd" version="2.0.40"/>
+<affects prod="httpd" version="2.0.39"/>
+<affects prod="httpd" version="2.0.37"/>
+<affects prod="httpd" version="2.0.36"/>
+<affects prod="httpd" version="2.0.35"/>
+</issue>
+
+<issue fixed="1.3.41" public="20071211" reported="20071023" released="20080119">
+<cve name="CVE-2007-5000"/>
+<severity level="3">moderate</severity>
+<title>mod_imap XSS</title>
+<description><p>
+A flaw was found in the mod_imap module. On sites where
+mod_imap is enabled and an imagemap file is publicly available, a
+cross-site scripting attack is possible.</p></description>
+<affects prod="httpd" version="1.3.39"/>
+<affects prod="httpd" version="1.3.37"/>
+<affects prod="httpd" version="1.3.36"/>
+<affects prod="httpd" version="1.3.35"/>
+<affects prod="httpd" version="1.3.34"/>
+<affects prod="httpd" version="1.3.33"/>
+<affects prod="httpd" version="1.3.32"/>
+<affects prod="httpd" version="1.3.31"/>
+<affects prod="httpd" version="1.3.29"/>
+<affects prod="httpd" version="1.3.28"/>
+<affects prod="httpd" version="1.3.27"/>
+<affects prod="httpd" version="1.3.26"/>
+<affects prod="httpd" version="1.3.24"/>
+<affects prod="httpd" version="1.3.22"/>
+<affects prod="httpd" version="1.3.20"/>
+<affects prod="httpd" version="1.3.19"/>
+<affects prod="httpd" version="1.3.17"/>
+<affects prod="httpd" version="1.3.14"/>
+<affects prod="httpd" version="1.3.12"/>
+<affects prod="httpd" version="1.3.11"/>
+<affects prod="httpd" version="1.3.9"/>
+<affects prod="httpd" version="1.3.6"/>
+<affects prod="httpd" version="1.3.4"/>
+<affects prod="httpd" version="1.3.3"/>
+<affects prod="httpd" version="1.3.2"/>
+<affects prod="httpd" version="1.3.1"/>
+<affects prod="httpd" version="1.3.0"/>
+</issue>
+
+<issue fixed="2.0.63" public="20080108" reported="20071215" released="20080119">
+<cve name="CVE-2008-0005"/>
+<severity level="4">low</severity>
+<title>mod_proxy_ftp UTF-7 XSS</title>
+<description><p>
+A workaround was added in the mod_proxy_ftp module. On sites where
+mod_proxy_ftp is enabled and a forward proxy is configured, a
+cross-site scripting attack is possible against Web browsers which do
+not correctly derive the response character set following the rules in
+RFC 2616.
+</p></description>
+<affects prod="httpd" version="2.0.61"/>
+<affects prod="httpd" version="2.0.59"/>
+<affects prod="httpd" version="2.0.58"/>
+<affects prod="httpd" version="2.0.55"/>
+<affects prod="httpd" version="2.0.54"/>
+<affects prod="httpd" version="2.0.53"/>
+<affects prod="httpd" version="2.0.52"/>
+<affects prod="httpd" version="2.0.51"/>
+<affects prod="httpd" version="2.0.50"/>
+<affects prod="httpd" version="2.0.49"/>
+<affects prod="httpd" version="2.0.48"/>
+<affects prod="httpd" version="2.0.47"/>
+<affects prod="httpd" version="2.0.46"/>
+<affects prod="httpd" version="2.0.45"/>
+<affects prod="httpd" version="2.0.44"/>
+<affects prod="httpd" version="2.0.43"/>
+<affects prod="httpd" version="2.0.42"/>
+<affects prod="httpd" version="2.0.40"/>
+<affects prod="httpd" version="2.0.39"/>
+<affects prod="httpd" version="2.0.37"/>
+<affects prod="httpd" version="2.0.36"/>
+<affects prod="httpd" version="2.0.35"/>
+</issue>
+
+<issue fixed="2.2.8" public="20080108" reported="20071215" released="20080119">
+<cve name="CVE-2008-0005"/>
+<severity level="4">low</severity>
+<title>mod_proxy_ftp UTF-7 XSS</title>
+<description><p>
+A workaround was added in the mod_proxy_ftp module. On sites where
+mod_proxy_ftp is enabled and a forward proxy is configured, a
+cross-site scripting attack is possible against Web browsers which do
+not correctly derive the response character set following the rules in
+RFC 2616.
+</p></description>
+<affects prod="httpd" version="2.2.6"/>
+<affects prod="httpd" version="2.2.5"/>
+<affects prod="httpd" version="2.2.4"/>
+<affects prod="httpd" version="2.2.3"/>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
+
+<issue fixed="2.2.8" public="20080102" reported="20071212" released="20080119">
+<cve name="CVE-2007-6422"/>
+<severity level="4">low</severity>
+<title>mod_proxy_balancer DoS</title>
+<description><p>
+A flaw was found in the mod_proxy_balancer module. On sites where
+mod_proxy_balancer is enabled, an authorized user could send a carefully
+crafted request that would cause the Apache child process handling that
+request to crash. This could lead to a denial of service if using a
+threaded Multi-Processing Module. </p></description>
+<affects prod="httpd" version="2.2.6"/>
+<affects prod="httpd" version="2.2.5"/>
+<affects prod="httpd" version="2.2.4"/>
+<affects prod="httpd" version="2.2.3"/>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
+
+<issue fixed="2.2.8" public="20080102" reported="20071212" released="20080119">
+<cve name="CVE-2007-6421"/>
+<severity level="4">low</severity>
+<title>mod_proxy_balancer XSS</title>
+<description><p>
+A flaw was found in the mod_proxy_balancer module. On sites where
+mod_proxy_balancer is enabled, a cross-site scripting attack against an
+authorized user is possible. </p></description>
+<affects prod="httpd" version="2.2.6"/>
+<affects prod="httpd" version="2.2.5"/>
+<affects prod="httpd" version="2.2.4"/>
+<affects prod="httpd" version="2.2.3"/>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
+
+<issue fixed="2.2.6" public="20061210" reported="20061210" released="20070907">
+<cve name="CVE-2007-3847"/>
+<severity level="3">moderate</severity>
+<title>mod_proxy crash</title>
+<description><p>
+A flaw was found in the Apache HTTP Server mod_proxy module. On sites where
+a reverse proxy is configured, a remote attacker could send a carefully
+crafted request that would cause the Apache child process handling that
+request to crash. On sites where a forward proxy is configured, an attacker
+could cause a similar crash if a user could be persuaded to visit a
+malicious site using the proxy. This could lead to a denial of service if
+using a threaded Multi-Processing Module.</p></description>
+<affects prod="httpd" version="2.2.4"/>
+<affects prod="httpd" version="2.2.3"/>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
+
+<issue fixed="2.0.61" public="20061210" reported="20061210" released="20070907">
+<cve name="CVE-2007-3847"/>
+<severity level="3">moderate</severity>
+<title>mod_proxy crash</title>
+<description><p>
+A flaw was found in the Apache HTTP Server mod_proxy module. On sites where
+a reverse proxy is configured, a remote attacker could send a carefully
+crafted request that would cause the Apache child process handling that
+request to crash. On sites where a forward proxy is configured, an attacker
+could cause a similar crash if a user could be persuaded to visit a
+malicious site using the proxy. This could lead to a denial of service if
+using a threaded Multi-Processing Module.</p></description>
+<affects prod="httpd" version="2.0.59"/>
+<affects prod="httpd" version="2.0.58"/>
+<affects prod="httpd" version="2.0.55"/>
+<affects prod="httpd" version="2.0.54"/>
+<affects prod="httpd" version="2.0.53"/>
+<affects prod="httpd" version="2.0.52"/>
+<affects prod="httpd" version="2.0.51"/>
+<affects prod="httpd" version="2.0.50"/>
+<affects prod="httpd" version="2.0.49"/>
+<affects prod="httpd" version="2.0.48"/>
+<affects prod="httpd" version="2.0.47"/>
+<affects prod="httpd" version="2.0.46"/>
+<affects prod="httpd" version="2.0.45"/>
+<affects prod="httpd" version="2.0.44"/>
+<affects prod="httpd" version="2.0.43"/>
+<affects prod="httpd" version="2.0.42"/>
+<affects prod="httpd" version="2.0.40"/>
+<affects prod="httpd" version="2.0.39"/>
+<affects prod="httpd" version="2.0.37"/>
+<affects prod="httpd" version="2.0.36"/>
+<affects prod="httpd" version="2.0.35"/>
+</issue>
+
+<issue fixed="1.3.39" public="20070620" reported="20061019" released="20070907">
+<cve name="CVE-2006-5752"/>
+<severity level="3">moderate</severity>
+<title>mod_status cross-site scripting</title>
+<description><p>
+A flaw was found in the mod_status module. On sites where the
+server-status page is publicly accessible and ExtendedStatus is
+enabled this could lead to a cross-site scripting attack.
+Note that the server-status
+page is not enabled by default and it is best practice to not make
+this publicly available.</p></description>
+<affects prod="httpd" version="1.3.37"/>
+<affects prod="httpd" version="1.3.36"/>
+<affects prod="httpd" version="1.3.35"/>
+<affects prod="httpd" version="1.3.34"/>
+<affects prod="httpd" version="1.3.33"/>
+<affects prod="httpd" version="1.3.32"/>
+<affects prod="httpd" version="1.3.31"/>
+<affects prod="httpd" version="1.3.29"/>
+<affects prod="httpd" version="1.3.28"/>
+<affects prod="httpd" version="1.3.27"/>
+<affects prod="httpd" version="1.3.26"/>
+<affects prod="httpd" version="1.3.24"/>
+<affects prod="httpd" version="1.3.22"/>
+<affects prod="httpd" version="1.3.20"/>
+<affects prod="httpd" version="1.3.19"/>
+<affects prod="httpd" version="1.3.17"/>
+<affects prod="httpd" version="1.3.14"/>
+<affects prod="httpd" version="1.3.12"/>
+<affects prod="httpd" version="1.3.11"/>
+<affects prod="httpd" version="1.3.9"/>
+<affects prod="httpd" version="1.3.6"/>
+<affects prod="httpd" version="1.3.4"/>
+<affects prod="httpd" version="1.3.3"/>
+<affects prod="httpd" version="1.3.2"/>
+</issue>
+
+<issue fixed="2.0.61" public="20070620" reported="20061019" released="20070907">
+<cve name="CVE-2006-5752"/>
+<severity level="3">moderate</severity>
+<title>mod_status cross-site scripting</title>
+<description><p>
+A flaw was found in the mod_status module. On sites where the
+server-status page is publicly accessible and ExtendedStatus is
+enabled this could lead to a cross-site scripting attack.
+Note that the server-status
+page is not enabled by default and it is best practice to not make
+this publicly available.</p></description>
+<affects prod="httpd" version="2.0.59"/>
+<affects prod="httpd" version="2.0.58"/>
+<affects prod="httpd" version="2.0.55"/>
+<affects prod="httpd" version="2.0.54"/>
+<affects prod="httpd" version="2.0.53"/>
+<affects prod="httpd" version="2.0.52"/>
+<affects prod="httpd" version="2.0.51"/>
+<affects prod="httpd" version="2.0.50"/>
+<affects prod="httpd" version="2.0.49"/>
+<affects prod="httpd" version="2.0.48"/>
+<affects prod="httpd" version="2.0.47"/>
+<affects prod="httpd" version="2.0.46"/>
+<affects prod="httpd" version="2.0.45"/>
+<affects prod="httpd" version="2.0.44"/>
+<affects prod="httpd" version="2.0.43"/>
+<affects prod="httpd" version="2.0.42"/>
+<affects prod="httpd" version="2.0.40"/>
+<affects prod="httpd" version="2.0.39"/>
+<affects prod="httpd" version="2.0.37"/>
+<affects prod="httpd" version="2.0.36"/>
+<affects prod="httpd" version="2.0.35"/>
+</issue>
+
+<issue fixed="2.2.6" public="20070620" reported="20061019" released="20070907">
+<cve name="CVE-2006-5752"/>
+<severity level="3">moderate</severity>
+<title>mod_status cross-site scripting</title>
+<description><p>
+A flaw was found in the mod_status module. On sites where the
+server-status page is publicly accessible and ExtendedStatus is
+enabled this could lead to a cross-site scripting attack.
+Note that the server-status
+page is not enabled by default and it is best practice to not make
+this publicly available.</p></description>
+<affects prod="httpd" version="2.2.4"/>
+<affects prod="httpd" version="2.2.3"/>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
+
+<issue fixed="2.0.61" public="20070619" reported="20060515" released="20070907">
+<cve name="CVE-2007-3304"/>
+<severity level="3">moderate</severity>
+<title>Signals to arbitrary processes</title>
+<description><p>The Apache HTTP server did not verify that a process
+was an Apache child process before sending it signals. A local
+attacker with the ability to run scripts on the HTTP server could
+manipulate the scoreboard and cause arbitrary processes to be
+terminated which could lead to a denial of service.</p></description>
+<affects prod="httpd" version="2.0.59"/>
+<affects prod="httpd" version="2.0.58"/>
+<affects prod="httpd" version="2.0.55"/>
+<affects prod="httpd" version="2.0.54"/>
+<affects prod="httpd" version="2.0.53"/>
+<affects prod="httpd" version="2.0.52"/>
+<affects prod="httpd" version="2.0.51"/>
+<affects prod="httpd" version="2.0.50"/>
+<affects prod="httpd" version="2.0.49"/>
+<affects prod="httpd" version="2.0.48"/>
+<affects prod="httpd" version="2.0.47"/>
+<affects prod="httpd" version="2.0.46"/>
+<affects prod="httpd" version="2.0.45"/>
+<affects prod="httpd" version="2.0.44"/>
+<affects prod="httpd" version="2.0.43"/>
+<affects prod="httpd" version="2.0.42"/>
+<affects prod="httpd" version="2.0.40"/>
+<affects prod="httpd" version="2.0.39"/>
+<affects prod="httpd" version="2.0.37"/>
+<affects prod="httpd" version="2.0.36"/>
+<affects prod="httpd" version="2.0.35"/>
+</issue>
+
+<issue fixed="2.2.6" public="20070619" reported="20060515" released="20070907">
+<cve name="CVE-2007-3304"/>
+<severity level="3">moderate</severity>
+<title>Signals to arbitrary processes</title>
+<description><p>The Apache HTTP server did not verify that a process
+was an Apache child process before sending it signals. A local
+attacker with the ability to run scripts on the HTTP server could
+manipulate the scoreboard and cause arbitrary processes to be
+terminated which could lead to a denial of service.</p></description>
+<affects prod="httpd" version="2.2.4"/>
+<affects prod="httpd" version="2.2.3"/>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
+
+<issue fixed="1.3.39" public="20070619" reported="20060515" released="20070907">
+<cve name="CVE-2007-3304"/>
+<severity level="3">moderate</severity>
+<title>Signals to arbitrary processes</title>
+<description><p>The Apache HTTP server did not verify that a process
+was an Apache child process before sending it signals. A local
+attacker with the ability to run scripts on the HTTP server could
+manipulate the scoreboard and cause arbitrary processes to be
+terminated which could lead to a denial of service.</p></description>
+<affects prod="httpd" version="1.3.37"/>
+<affects prod="httpd" version="1.3.36"/>
+<affects prod="httpd" version="1.3.35"/>
+<affects prod="httpd" version="1.3.34"/>
+<affects prod="httpd" version="1.3.33"/>
+<affects prod="httpd" version="1.3.32"/>
+<affects prod="httpd" version="1.3.31"/>
+<affects prod="httpd" version="1.3.29"/>
+<affects prod="httpd" version="1.3.28"/>
+<affects prod="httpd" version="1.3.27"/>
+<affects prod="httpd" version="1.3.26"/>
+<affects prod="httpd" version="1.3.24"/>
+<affects prod="httpd" version="1.3.22"/>
+<affects prod="httpd" version="1.3.20"/>
+<affects prod="httpd" version="1.3.19"/>
+<affects prod="httpd" version="1.3.17"/>
+<affects prod="httpd" version="1.3.14"/>
+<affects prod="httpd" version="1.3.12"/>
+<affects prod="httpd" version="1.3.11"/>
+<affects prod="httpd" version="1.3.9"/>
+<affects prod="httpd" version="1.3.6"/>
+<affects prod="httpd" version="1.3.4"/>
+<affects prod="httpd" version="1.3.3"/>
+<affects prod="httpd" version="1.3.2"/>
+<affects prod="httpd" version="1.3.1"/>
+<affects prod="httpd" version="1.3.0"/>
+</issue>
+
+<issue fixed="2.2.6" public="20070601" reported="20070426" released="20070907">
+<cve name="CVE-2007-1862"/>
+<severity level="3">moderate</severity>
+<title>mod_cache information leak</title>
+<description>
+<p>The recall_headers function in mod_mem_cache in Apache 2.2.4 did not
+properly copy all levels of header data, which can cause Apache to
+return HTTP headers containing previously used data, which could be
+used by remote attackers to obtain potentially sensitive information.
+</p></description>
+<affects prod="httpd" version="2.2.4"/>
+</issue>
+
+<issue fixed="2.0.61" public="20070618" reported="20070502" released="20070907">
+<cve name="CVE-2007-1863"/>
+<severity level="3">moderate</severity>
+<title>mod_cache proxy DoS</title>
+<description>
+<p>A bug was found in the mod_cache module. On sites where
+caching is enabled, a remote attacker could send a carefully crafted
+request that would cause the Apache child process handling that request to
+crash. This could lead to a denial of service if using a threaded
+Multi-Processing Module.</p></description>
+<affects prod="httpd" version="2.0.59"/>
+<affects prod="httpd" version="2.0.58"/>
+<affects prod="httpd" version="2.0.55"/>
+<affects prod="httpd" version="2.0.54"/>
+<affects prod="httpd" version="2.0.53"/>
+<affects prod="httpd" version="2.0.52"/>
+<affects prod="httpd" version="2.0.51"/>
+<affects prod="httpd" version="2.0.50"/>
+<affects prod="httpd" version="2.0.49"/>
+<affects prod="httpd" version="2.0.48"/>
+<affects prod="httpd" version="2.0.47"/>
+<affects prod="httpd" version="2.0.46"/>
+<affects prod="httpd" version="2.0.45"/>
+<affects prod="httpd" version="2.0.44"/>
+<affects prod="httpd" version="2.0.43"/>
+<affects prod="httpd" version="2.0.42"/>
+<affects prod="httpd" version="2.0.40"/>
+<affects prod="httpd" version="2.0.39"/>
+<affects prod="httpd" version="2.0.37"/>
+</issue>
+
+<issue fixed="2.2.6" public="20070618" reported="20070502" released="20070907">
+<cve name="CVE-2007-1863"/>
+<severity level="3">moderate</severity>
+<title>mod_cache proxy DoS</title>
+<description>
+<p>A bug was found in the mod_cache module. On sites where
+caching is enabled, a remote attacker could send a carefully crafted
+request that would cause the Apache child process handling that request to
+crash. This could lead to a denial of service if using a threaded
+Multi-Processing Module.</p></description>
+<affects prod="httpd" version="2.2.4"/>
+<affects prod="httpd" version="2.2.3"/>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
+
+<issue fixed="2.2.3" public="20060727" reported="20060721" released="20060727">
+<cve name="CVE-2006-3747"/>
+<severity level="2">important</severity>
+<title>mod_rewrite off-by-one error</title>
+<description>
+<p>
+An off-by-one flaw exists in the Rewrite module, mod_rewrite.
+Depending on the manner in which Apache httpd was compiled, this
+software defect may result in a vulnerability which, in combination
+with certain types of Rewrite rules in the web server configuration
+files, could be triggered remotely. For vulnerable builds, the nature
+of the vulnerability can be denial of service (crashing of web server
+processes) or potentially allow arbitrary code execution.
+</p>
+</description>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
+
+<issue fixed="2.0.59" public="20060727" reported="20060721" released="20060727">
+<cve name="CVE-2006-3747"/>
+<severity level="2">important</severity>
+<title>mod_rewrite off-by-one error</title>
+<description>
+<p>
+An off-by-one flaw exists in the Rewrite module, mod_rewrite.
+Depending on the manner in which Apache httpd was compiled, this
[... 1949 lines stripped ...]