Download
| Alert*
|
oval:org.secpod.oval:def:89043980
This update for apache2 fixes several issues. These security issues were fixed: - CVE-2017-9789: When under stress the HTTP/2 handling code would sometimes access memory after it has been freed, resulting in potentially erratic behaviour . - CVE-2017-7659: A maliciously constructed HTTP/2 request c ... oval:org.secpod.oval:def:42628 The host is installed with Apple Mac OS 10.8 before 10.13 and is prone to a read after free vulnerability. A flaw is present in the application, which fails to properly handle stress while closing multiple connections. Successful exploitation allows remote attackers to access memory after it has bee ... oval:org.secpod.oval:def:41601 The host is installed with Apache HTTP Server 2.4.26 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle HTTP/2 handling code. Successful exploitation could allow remote attackers to access memory after it has been freed, resulting in po ... oval:org.secpod.oval:def:54501 The host is installed with Apple Mac OS 10.8 through 10.13 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle the authentication API. Successful exploitation allows remote attackers to bypass required authentication if the API was used ... oval:org.secpod.oval:def:1000692 The remote host is missing a patch 152644-05 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:42910 The host is missing a security update according to Apple advisory, APPLE-SA-2017-10-31-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:1000635 The remote host is missing a patch 152643-05 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:2101165 A maliciously constructed HTTP/2 request could cause mod_http2 in Apache HTTP Server 2.4.24, 2.4.25 to dereference a NULL pointer and crash the server process. |
