Download
| Alert*
oval:org.secpod.oval:def:43037
The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to an information disclosure vulnerability. The flaw is present in the application, which fails to properly handle multiple issues. Successful exploitation could allow attackers to obtain sensitive information that ... oval:org.secpod.oval:def:1000683 The remote host is missing a patch 152644-06 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:113556 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:53141 Hanno Boeck discovered that incorrect parsing of Limit directives of .htaccess files by the Apache HTTP Server could result in memory disclosure. oval:org.secpod.oval:def:502150 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker ... oval:org.secpod.oval:def:204571 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker ... oval:org.secpod.oval:def:114362 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:504850 The Apache HTTP Server is a powerful, efficient, and extensible web server. The httpd24 packages provide a recent stable release of version 2.4 of the Apache HTTP Server, along with the mod_auth_kerb module. The following packages have been upgraded to a later upstream version: httpd24-httpd . Secu ... oval:org.secpod.oval:def:89044925 This update for apache2 fixes the following issues: - Allow disabling SNI on proxy connections using SetEnv proxy-disable-sni 1 in the configuration files. - Allow ECDH again in mod_ssl, it had been incorrectly disabled with the 2.2.34 update. Following security issue has been fixed: - CVE-2017-97 ... oval:org.secpod.oval:def:89044755 This update for apache2 fixes the following security issue: - CVE-2017-9798: Prevent use-after-free use of memory that allowed for an information leak via OPTIONS . oval:org.secpod.oval:def:502156 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker ... oval:org.secpod.oval:def:51894 apache2: Apache HTTP server Apache HTTP Server could be made to expose sensitive information over the network. oval:org.secpod.oval:def:2101666 Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user"s .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The attacker sends ... oval:org.secpod.oval:def:204577 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker ... oval:org.secpod.oval:def:83781 The host is installed with Apache http server through 2.2.34 and 2.4.x through 2.4.27 and is prone to a use after free vulnerability. A flaw is present in the application, which fails to handle issues in unrecognized method in .htaccess ("OptionsBleed"). Successful exploitation could allow remote at ... oval:org.secpod.oval:def:1600776 Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user"s .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. The attacker sends an unauthenticated OPTIONS HTTP request when attempting to read secret data. ... oval:org.secpod.oval:def:113262 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:1000707 The remote host is missing a patch 152643-06 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:1502033 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:603112 Hanno Boeck discovered that incorrect parsing of Limit directives of .htaccess files by the Apache HTTP Server could result in memory disclosure. oval:org.secpod.oval:def:1502039 Several security issues were fixed in httpd. oval:org.secpod.oval:def:703803 apache2: Apache HTTP server Apache HTTP Server could be made to expose sensitive information over the network. oval:org.secpod.oval:def:43036 The host is installed with Apple Mac OS 10.13.1 or 10.12.6 or 10.11.6 and is prone to multiple vulnerabilities. The flaw is present in the application, which fails to properly handle multiple issues. Successful exploitation allows remote attackers to execute arbitrary code or read restricted memory. |