Download
| Alert*
oval:org.secpod.oval:def:26137
The host is installed with Apache HTTP Server 2.4.x before 2.4.14 and is prone to a security bypass vulnerability. A flaw is present in the ap_some_auth_required function in server/request.c, which does not consider that a Require directive may be associated with an authorization setting rather than ... oval:org.secpod.oval:def:41600 The host is installed with Apache HTTP Server 2.2.x before 2.2.34 and 2.4.x before 2.4.27 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle mod_mime. Successful exploitation could allow remote attackers to leak confidential informati ... oval:org.secpod.oval:def:109132 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:108487 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:34701 The host is installed with Apache HTTP Server 2.4.10 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle long response headers. Successful exploitation could allow remote FastCGI servers to cause a denial of service (buffer over-read and dae ... oval:org.secpod.oval:def:108459 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:47260 The host is installed with Apache HTTP Server 2.2.x before 2.2.32 or 2.4.x before 2.4.24 and is prone to a CRLF Injection vulnerability. A flaw is present in the application, which fails to handle the Location or other outbound header key or value. Successful exploitation could allow remote attacker ... oval:org.secpod.oval:def:109370 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:1501134 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which htt ... oval:org.secpod.oval:def:203703 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which htt ... oval:org.secpod.oval:def:109306 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:501639 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which htt ... oval:org.secpod.oval:def:55064 The host is installed with Apache HTTP Server 2.4.x through 2.4.37 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly handle the mod_session expiry time check issue. Successful exploitation could allow attackers to ignore session expiry tim ... oval:org.secpod.oval:def:503200 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * httpd: Weak Digest auth nonce generation in mod_auth_digest For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related informat ... oval:org.secpod.oval:def:113556 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:114362 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:204571 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker ... oval:org.secpod.oval:def:204577 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker ... oval:org.secpod.oval:def:113262 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:1502033 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502039 Several security issues were fixed in httpd. oval:org.secpod.oval:def:204608 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * It was discovered that the httpd"s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote ... oval:org.secpod.oval:def:41596 The host is installed with Apache HTTP Server 2.2.x through 2.2.33 or 2.4.x before 2.4.26 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to handle use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase. Success ... oval:org.secpod.oval:def:502150 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker ... oval:org.secpod.oval:def:502156 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker ... oval:org.secpod.oval:def:1600771 A NULL pointer dereference flaw was found in the httpd's mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. It was discovered that the use of http ... oval:org.secpod.oval:def:502126 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * It was discovered that the httpd"s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote ... oval:org.secpod.oval:def:204546 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * It was discovered that the httpd"s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote ... oval:org.secpod.oval:def:502127 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * It was discovered that the httpd"s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote ... oval:org.secpod.oval:def:1501962 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501963 The advisory is missing the security advisory description. For more information please visit the reference link |