cpe:/a:apache:http_server:2.2.0 cpe:/a:apache:http_server:2.2.2 cpe:/a:apache:http_server:2.2.3 cpe:/a:apache:http_server:2.2.11 cpe:/a:apache:http_server:2.2.12 cpe:/a:apache:http_server:2.2.13 cpe:/a:apache:http_server:2.2.14 cpe:/a:apache:http_server:2.2.15 cpe:/a:apache:http_server:2.2.16 cpe:/a:apache:http_server:2.2.17 cpe:/a:apache:http_server:2.2.18 cpe:/a:apache:http_server:2.2.19 cpe:/a:apache:http_server:2.2.20 cpe:/a:apache:http_server:2.2.21 cpe:/a:apache:http_server:2.2.22 cpe:/a:apache:http_server:2.2.23 cpe:/a:apache:http_server:2.2.24 cpe:/a:apache:http_server:2.2.25 cpe:/a:apache:http_server:2.2.26 cpe:/a:apache:http_server:2.2.27 cpe:/a:apache:http_server:2.2.29 cpe:/a:apache:http_server:2.2.30 cpe:/a:apache:http_server:2.2.31 cpe:/a:apache:http_server:2.2.32 cpe:/a:apache:http_server:2.4.1 cpe:/a:apache:http_server:2.4.2 cpe:/a:apache:http_server:2.4.10 cpe:/a:apache:http_server:2.4.12 cpe:/a:apache:http_server:2.4.16 cpe:/a:apache:http_server:2.4.17 cpe:/a:apache:http_server:2.4.18 cpe:/a:apache:http_server:2.4.20 cpe:/a:apache:http_server:2.4.23 cpe:/a:apache:http_server:2.4.25 CVE-2017-3169 2017-06-19T21:29:00.360-04:00 2019-02-07T06:29:03.083-05:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov SECTRACK 1038711 BID 99134 DEBIAN DSA-3896 GENTOO GLSA-201710-32 REDHAT RHSA-2017:2478 REDHAT RHSA-2017:2479 REDHAT RHSA-2017:2483 REDHAT RHSA-2017:3193 REDHAT RHSA-2017:3194 REDHAT RHSA-2017:3195 REDHAT RHSA-2017:3475 REDHAT RHSA-2017:3476 REDHAT RHSA-2017:3477 MLIST [dev] 20170619 CVE-2017-3169: mod_ssl null pointer dereference CONFIRM http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html MISC https://github.com/gottburgm/Exploits/tree/master/CVE-2017-3169 CONFIRM https://security.netapp.com/advisory/ntap-20180601-0002/ CONFIRM https://support.apple.com/HT208221 CONFIRM https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03908en_us CONFIRM https://www.nomachine.com/SU08O00185 In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port.