Download
| Alert*
|
oval:org.secpod.oval:def:42679
The host is installed with Apache HTTP Server 2.4.18 through 2.4.20 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to handle a SSL client certificate validation. Successful exploitation could allow remote attackers to access resources protected by ... oval:org.secpod.oval:def:1800074 The Apache HTTPD web server did not validate a X509 client certificate correctly when experimental module for the HTTP/2 protocol is used to access a resource. The net result is that a resource that should require a valid client certificate in order to get access can be accessed without that creden ... oval:org.secpod.oval:def:110867 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:110847 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:1800470 The Apache HTTPD web server did not validate a X509 client certificate correctly when experimental module for the HTTP/2 protocol is used to access a resource. The net result is that a resource that should require a valid client certificate in order to get access can be accessed without that creden ... oval:org.secpod.oval:def:505010 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * It was discovered that httpd used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly use ... |
