Download
| Alert*
oval:org.secpod.oval:def:2500729
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:89971 The remote host is missing a patch 152644-11 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:4501027 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * httpd: Request splitting via HTTP/2 method injection and mod_proxy * httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path * httpd: possible NULL dereference or ... oval:org.secpod.oval:def:120849 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:75920 apache2: Apache HTTP server Several security issues were fixed in Apache HTTP Server. oval:org.secpod.oval:def:1505672 mod_http2 [1.15.7-5] - Resolves: #2035030 - CVE-2021-44224 httpd:2.4/httpd: possible NULL dereference or SSRF in forward proxy configurations [1.15.7-4] - Resolves: #1966728 - CVE-2021-33193 httpd:2.4/mod_http2: httpd: Request splitting via HTTP/2 method injection and mod_proxy mod_md oval:org.secpod.oval:def:1505573 [2.4.37-43.0.3.3] - Resolves: CVE-2021-33193 a crafted method sent through HTTP/2 will bypass validation [Orabug: 33942809] oval:org.secpod.oval:def:506932 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * httpd: Request splitting via HTTP/2 method injection and mod_proxy * httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path * httpd: possible NULL dereference or ... oval:org.secpod.oval:def:75195 apache2: Apache HTTP server Several security issues were fixed in Apache HTTP Server. oval:org.secpod.oval:def:89047104 This update for apache2 fixes the following issues: - CVE-2021-33193: Fixed request splitting via HTTP/2 method injection and mod_proxy . oval:org.secpod.oval:def:1505575 [2.4.37-43.0.3.3] - Resolves: CVE-2021-33193 a crafted method sent through HTTP/2 will bypass validation [Orabug: 33942809] oval:org.secpod.oval:def:89967 The remote host is missing a patch 152643-12 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:1601485 A NULL pointer dereference was found in Apache httpd mod_h2. The highest threat from this flaw is to system integrity. A NULL pointer dereference in httpd allows an unauthenticated remote attacker to crash httpd by providing malformed HTTP requests. The highest threat from this vulnerability is to s ... oval:org.secpod.oval:def:75917 apache2: Apache HTTP server Several security issues were fixed in Apache HTTP Server. oval:org.secpod.oval:def:2107042 Oracle Solaris 11 - ( CVE-2021-42013 ) oval:org.secpod.oval:def:706154 apache2: Apache HTTP server Several security issues were fixed in Apache HTTP Server. oval:org.secpod.oval:def:507178 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * httpd: mod_sed: Read/write beyond bounds * httpd: Request splitting via HTTP/2 method injection and mod_proxy * httpd: NULL pointer dereference via malformed requests * httpd: mod_ ... oval:org.secpod.oval:def:89045728 This update for apache2 fixes the following issues: - CVE-2021-40438: Fixed a SRF via a crafted request uri-path. - CVE-2021-36160: Fixed an out-of-bounds read via a crafted request uri-path. - CVE-2021-39275: Fixed an out-of-bounds write in ap_escape_quotes via malicious input. - CVE-2021-34798: ... oval:org.secpod.oval:def:1700725 A NULL pointer dereference was found in Apache httpd mod_h2. The highest threat from this flaw is to system integrity. A NULL pointer dereference in httpd allows an unauthenticated remote attacker to crash httpd by providing malformed HTTP requests. The highest threat from this vulnerability is to s ... oval:org.secpod.oval:def:89045577 This update for apache2 fixes the following issues: - CVE-2021-33193: Fixed request splitting via HTTP/2 method injection and mod_proxy . oval:org.secpod.oval:def:76089 The host is installed with Apache HTTP Server 2.4.17 through 2.4.48 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly handle a crafted method sent through HTTP/2. Successful exploitation could allows attackers to lead to request splitting ... |