Download
| Alert*
oval:org.secpod.oval:def:42677
The host is installed with Apache HTTP Server 2.4.17 through 2.4.23 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle exceptional conditions. Successful exploitation could allow remote attackers to cause a denial of service. oval:org.secpod.oval:def:39597 The host is installed with Apple Mac OS X 10.8 before 10.13 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle crafted CONTINUATION frames in an HTTP/2 request. Successful exploitation could allow attackers to execute arbitrary cod ... oval:org.secpod.oval:def:89044909 This update for apache2 fixes the following issues: - CVE-2016-8740 Server memory can be exhausted and service denied when HTTP/2 is used [bsc#1013648] oval:org.secpod.oval:def:504960 The Apache HTTP Server is a powerful, efficient, and extensible web server. The httpd24 packages provide a recent stable release of version 2.4 of the Apache HTTP Server, along with the mod_auth_kerb module. The httpd24 Software Collection has been upgraded to version 2.4.25, which provides a number ... oval:org.secpod.oval:def:2100460 The mod_http2 module in the Apache HTTP Server 2.4.17 through 2.4.23, when the Protocols configuration includes h2 or h2c, does not restrict request-header length, which allows remote attackers to cause a denial of service (memory consumption) via crafted CONTINUATION frames in an HTTP/2 request. oval:org.secpod.oval:def:1000780 The remote host is missing a patch 152644-03 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:1800760 CVE-2016-0736: Padding Oracle in Apache mod_session_crypto. Affects: 2.4.1 to 2.4.23 Fixed in: 2.4.25 oval:org.secpod.oval:def:1000747 The remote host is missing a patch 152643-03 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:111701 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:111705 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:1800360 CVE-2016-0736: Padding Oracle in Apache mod_session_crypto Affects: 2.4.1 to 2.4.23 Fixed in: 2.4.25 oval:org.secpod.oval:def:42910 The host is missing a security update according to Apple advisory, APPLE-SA-2017-10-31-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:54501 The host is installed with Apple Mac OS 10.8 through 10.13 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle the authentication API. Successful exploitation allows remote attackers to bypass required authentication if the API was used ... oval:org.secpod.oval:def:39718 The host is missing a security update according to Apple advisory, APPLE-SA-2017-03-27-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary ... |