Download
| Alert*
oval:org.secpod.oval:def:2500729
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:605646 Several vulnerabilities have been found in the Apache HTTP server, which could result in denial of service. In addition a vulnerability was discovered in mod_proxy with which an attacker could trick the server to forward requests to arbitrary origin servers. oval:org.secpod.oval:def:4501027 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * httpd: Request splitting via HTTP/2 method injection and mod_proxy * httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path * httpd: possible NULL dereference or ... oval:org.secpod.oval:def:1505672 mod_http2 [1.15.7-5] - Resolves: #2035030 - CVE-2021-44224 httpd:2.4/httpd: possible NULL dereference or SSRF in forward proxy configurations [1.15.7-4] - Resolves: #1966728 - CVE-2021-33193 httpd:2.4/mod_http2: httpd: Request splitting via HTTP/2 method injection and mod_proxy mod_md oval:org.secpod.oval:def:506932 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * httpd: Request splitting via HTTP/2 method injection and mod_proxy * httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path * httpd: possible NULL dereference or ... oval:org.secpod.oval:def:120754 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:75917 apache2: Apache HTTP server Several security issues were fixed in Apache HTTP Server. oval:org.secpod.oval:def:706154 apache2: Apache HTTP server Several security issues were fixed in Apache HTTP Server. oval:org.secpod.oval:def:507178 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * httpd: mod_sed: Read/write beyond bounds * httpd: Request splitting via HTTP/2 method injection and mod_proxy * httpd: NULL pointer dereference via malformed requests * httpd: mod_ ... oval:org.secpod.oval:def:75877 Several vulnerabilities have been found in the Apache HTTP server, which could result in denial of service. In addition a vulnerability was discovered in mod_proxy with which an attacker could trick the server to forward requests to arbitrary origin servers. oval:org.secpod.oval:def:89045728 This update for apache2 fixes the following issues: - CVE-2021-40438: Fixed a SRF via a crafted request uri-path. - CVE-2021-36160: Fixed an out-of-bounds read via a crafted request uri-path. - CVE-2021-39275: Fixed an out-of-bounds write in ap_escape_quotes via malicious input. - CVE-2021-34798: ... oval:org.secpod.oval:def:76091 The host is installed with Apache HTTP Server 2.4.30 through 2.4.48 and is prone to an out of bound read vulnerability. A flaw is present in the application, which fails to properly handle the crafted request uri-path. Successful exploitation could allows attackers to cause mod_proxy_uwsgi to read a ... oval:org.secpod.oval:def:89047110 This update for apache2 fixes the following issues: - CVE-2021-40438: Fixed a SRF via a crafted request uri-path. - CVE-2021-36160: Fixed an out-of-bounds read via a crafted request uri-path. - CVE-2021-39275: Fixed an out-of-bounds write in ap_escape_quotes via malicious input. - CVE-2021-34798: ... oval:org.secpod.oval:def:89971 The remote host is missing a patch 152644-11 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:89967 The remote host is missing a patch 152643-12 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:1601485 A NULL pointer dereference was found in Apache httpd mod_h2. The highest threat from this flaw is to system integrity. A NULL pointer dereference in httpd allows an unauthenticated remote attacker to crash httpd by providing malformed HTTP requests. The highest threat from this vulnerability is to s ... oval:org.secpod.oval:def:2107042 Oracle Solaris 11 - ( CVE-2021-42013 ) oval:org.secpod.oval:def:1700725 A NULL pointer dereference was found in Apache httpd mod_h2. The highest threat from this flaw is to system integrity. A NULL pointer dereference in httpd allows an unauthenticated remote attacker to crash httpd by providing malformed HTTP requests. The highest threat from this vulnerability is to s ... |