Download
| Alert*
|
oval:org.secpod.oval:def:63828
The host is installed with Apache HTTP Server 2.4.0 through 2.4.41 and is prone to an uninitialized resource usage vulnerability. A flaw is present in the application, which fails to properly handle an issue in mod_proxy_ftp. Successful exploitation could allow attackers to cause the usage of uninit ... oval:org.secpod.oval:def:64032 Oracle Solaris 11 - ( CVE-2020-1934 ) oval:org.secpod.oval:def:67017 apache2: Apache HTTP server Several security issues were fixed in Apache HTTP Server. oval:org.secpod.oval:def:1601139 In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized me ... oval:org.secpod.oval:def:1000857 The remote host is missing a patch 152644-09 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:1000867 The remote host is missing a patch 152643-09 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:1700335 In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server. In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead t ... oval:org.secpod.oval:def:65176 apache2: Apache HTTP server Several security issues were fixed in Apache HTTP Server. oval:org.secpod.oval:def:504295 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * httpd: Improper handling of headers in mod_session can allow a remote user to modify session data for CGI applications * httpd: Out of bounds read in mod_cache_socache can allow a re ... oval:org.secpod.oval:def:205642 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * httpd: Improper handling of headers in mod_session can allow a remote user to modify session data for CGI applications * httpd: Out of bounds read in mod_cache_socache can allow a re ... oval:org.secpod.oval:def:1504426 [2.4.6-95.0.1] - replace index.html with Oracles index page oracle_index.html [2.4.6-95] - Resolves: #1823262 - CVE-2020-1934 httpd: mod_proxy_ftp use of uninitialized value [2.4.6-94] - Resolves: #1565491 - CVE-2017-15715 httpd: bypass with a trailing newline in the file name - Resolves: #1747283 - ... oval:org.secpod.oval:def:68002 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. The following packages have been upgraded to a later upstream version: mod_http2 . Security Fix: * httpd: memory corruption on early pushes * httpd: read-after-free in h2 connection shutdown * htt ... oval:org.secpod.oval:def:504725 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. The following packages have been upgraded to a later upstream version: mod_http2 . Security Fix: * httpd: memory corruption on early pushes * httpd: read-after-free in h2 connection shutdown * htt ... oval:org.secpod.oval:def:1504457 httpd [2.4.37-13.0.1] - Set vstring per ORACLE_SUPPORT_PRODUCT [Orabug: 29892262] - Replace index.html with Oracles index page oracle_index.html [2.4.37-30] - Resolves: #1209162 - support logging to journald from CustomLog [2.4.37-29] - Resolves: #1823263 - CVE-2020-1934 httpd: mod_proxy_ftp use of ... oval:org.secpod.oval:def:2500144 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:89000213 This update for apache2 fixes the following issues: - CVE-2020-1934: mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server . - CVE-2020-1927: mod_rewrite configurations vulnerable to open redirect . - CVE-2020-1938: mod_proxy_ajp: Add quot;secretquot; parameter to proxy ... oval:org.secpod.oval:def:89000683 This update for apache2 fixes the following issues: - CVE-2020-1934: mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server . - CVE-2020-1938: mod_proxy_ajp: Add quot;secretquot; parameter to proxy workers to implement legacy AJP13 authentication . oval:org.secpod.oval:def:89000425 This update for apache2 fixes the following issues: - CVE-2020-1934: mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server . - CVE-2020-1927: mod_rewrite configurations vulnerable to open redirect . - CVE-2020-1938: mod_proxy_ajp: Add quot;secretquot; parameter to proxy ... oval:org.secpod.oval:def:118648 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:118680 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:605004 Several vulnerabilities have been found in the Apache HTTPD server. CVE-2020-1927 Fabrice Perez reported that certain mod_rewrite configurations are prone to an open redirect. CVE-2020-1934 Chamal De Silva discovered that the mod_proxy_ftp module uses uninitialized memory when proxying to a maliciou ... oval:org.secpod.oval:def:65175 apache2: Apache HTTP server Several security issues were fixed in Apache HTTP Server. oval:org.secpod.oval:def:67016 apache2: Apache HTTP server Several security issues were fixed in Apache HTTP Server. oval:org.secpod.oval:def:705580 apache2: Apache HTTP server Several security issues were fixed in Apache HTTP Server. oval:org.secpod.oval:def:66750 Several vulnerabilities have been found in the Apache HTTPD server. CVE-2020-1927 Fabrice Perez reported that certain mod_rewrite configurations are prone to an open redirect. CVE-2020-1934 Chamal De Silva discovered that the mod_proxy_ftp module uses uninitialized memory when proxying to a maliciou ... oval:org.secpod.oval:def:67027 apache2: Apache HTTP server Several security issues were fixed in Apache HTTP Server. |
