Download
| Alert*
oval:org.secpod.oval:def:706269
apache2: Apache HTTP server Several security issues were fixed in Apache HTTP Server. oval:org.secpod.oval:def:19500181 There's a null pointer dereference and server-side request forgery flaw in httpd's mod_proxy module, when it is configured to be used as a forward proxy. A crafted packet could be sent on the adjacent network to the forward proxy that could cause a crash, or potentially SSRF via misdirected Unix Dom ... oval:org.secpod.oval:def:4501080 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * httpd: mod_lua: Possible buffer overflow when parsing multipart content For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other rela ... oval:org.secpod.oval:def:78140 Two vulnerabilities have been discovered in the Apache HTTP server: CVE-2021-44224 When operating as a forward proxy, Apache was depending on the setup suspectible to denial of service or Server Side Request forgery. CVE-2021-44790 A buffer overflow in mod_lua may result in denial of service or pote ... oval:org.secpod.oval:def:1700803 There's a null pointer dereference and server-side request forgery flaw in httpd's mod_proxy module, when it is configured to be used as a forward proxy. A crafted packet could be sent on the adjacent network to the forward proxy that could cause a crash, or potentially SSRF via misdirected Unix Dom ... oval:org.secpod.oval:def:506654 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * httpd: mod_lua: Possible buffer overflow when parsing multipart content * httpd: mod_session: Heap overflow via a crafted SessionHeader value * httpd: NULL pointer dereference via m ... oval:org.secpod.oval:def:2107137 Oracle Solaris 11 - ( CVE-2021-44790 ) oval:org.secpod.oval:def:89045900 This update for apache2 fixes the following issues: - CVE-2021-44224: Fixed NULL dereference or SSRF in forward proxy configurations. - CVE-2021-44790: Fixed buffer overflow when parsing multipart content in mod_lua oval:org.secpod.oval:def:89047523 This update for apache2 fixes the following issues: Apache2 was updated to the current stable version 2.4.51 It fixes all CVEs and selected bugs represented by patches found between 2.4.23 and 2.4.51. See https://downloads.apache.org/httpd/CHANGES_2.4 for a complete change log. Also fixed: - CVE-20 ... oval:org.secpod.oval:def:121783 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:89046030 This update for apache2 fixes the following issues: - CVE-2021-44224: Fixed NULL dereference or SSRF in forward proxy configurations - CVE-2021-44790: Fixed a buffer overflow when parsing multipart content in mod_lua This update also enables TLS 1.3 support, by building against openssl 1.1 [jsc#SL ... oval:org.secpod.oval:def:89045929 This update for apache2 fixes the following issues: - CVE-2021-44224: Fixed NULL dereference or SSRF in forward proxy configurations. - CVE-2021-44790: Fixed buffer overflow when parsing multipart content in mod_lua oval:org.secpod.oval:def:78176 apache2: Apache HTTP server Several security issues were fixed in Apache HTTP Server. oval:org.secpod.oval:def:506663 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * httpd: mod_lua: Possible buffer overflow when parsing multipart content For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other rela ... oval:org.secpod.oval:def:205932 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * httpd: mod_lua: Possible buffer overflow when parsing multipart content * httpd: mod_session: Heap overflow via a crafted SessionHeader value * httpd: NULL pointer dereference via m ... oval:org.secpod.oval:def:1505425 httpd [2.4.37-43.1.0.1] - scoreboard: fix null pointer deference [Orabug: 33690670][CVE-2021-34798] - fix ap_escape_quote logic [Orabug: 33690686][CVE-2021-39275] - Set vstring per ORACLE_SUPPORT_PRODUCT [Orabug: 29892262] - Replace index.html with Oracle"s index page oracle_index.html. [2.4.37-43.1 ... oval:org.secpod.oval:def:2500522 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:121354 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:89972 The remote host is missing a patch 152644-13 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:506791 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * httpd: mod_lua: Possible buffer overflow when parsing multipart content For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other rela ... oval:org.secpod.oval:def:76612 A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerability though it might be possible to craft one. oval:org.secpod.oval:def:76610 The host is installed with Apache HTTP Server through 2.4.51 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted request body. Successful exploitation could allow attackers to cause a buffer overflow in the mod_lua multipart ... oval:org.secpod.oval:def:1601510 There's a null pointer dereference and server-side request forgery flaw in httpd's mod_proxy module, when it is configured to be used as a forward proxy. A crafted packet could be sent on the adjacent network to the forward proxy that could cause a crash, or potentially SSRF via misdirected Unix Dom ... oval:org.secpod.oval:def:506678 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * httpd: mod_lua: Possible buffer overflow when parsing multipart content For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other rela ... oval:org.secpod.oval:def:1505434 [2.4.6-97.0.5.4] - mod_session: save one apr_strtok [Orabug: 33338149][CVE-2021-26690] - replace index.html with Oracle"s index page oracle_index.html [2.4.6-97.4] - Resolves: #2031072 - CVE-2021-34798 httpd: NULL pointer dereference via malformed requests - Resolves: #2031074 - CVE-2021-39275 httpd ... oval:org.secpod.oval:def:121800 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:89968 The remote host is missing a patch 152643-13 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:605732 Two vulnerabilities have been discovered in the Apache HTTP server: CVE-2021-44224 When operating as a forward proxy, Apache was depending on the setup suspectible to denial of service or Server Side Request forgery. CVE-2021-44790 A buffer overflow in mod_lua may result in denial of service or pote ... oval:org.secpod.oval:def:80148 The host is missing a security update according to Apple advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple issues. Successful exploitation allow attackers to execute arbitrary code, cause denial of service or di ... oval:org.secpod.oval:def:80065 The host is missing a security update according to Apple advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple issues. Successful exploitation allow attackers to execute arbitrary code, cause denial of service or di ... oval:org.secpod.oval:def:80066 The host is missing a security update according to Apple advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple issues. Successful exploitation allow attackers to execute arbitrary code, cause denial of service or di ... oval:org.secpod.oval:def:80131 The host is installed with Apple Mac OS X 10.15.7, Apple Mac OS 12 before 12.4 or Apple Mac OS before 11.6.6 and is prone to a multiple vulnerabilities. A flaw is present in the application, which fails to properly handle a validation issue. On successful exploitation, processing a maliciously craft ... |