Download
| Alert*
|
oval:org.secpod.oval:def:116999
This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol to automate certificate provisioning. These will be configured for managed domains and their virtual hosts automatically. This includes renewal of certificates before they expir ... oval:org.secpod.oval:def:116998 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:58232 The host is installed with Apache HTTP Server 2.4.33 through 2.4.38 and is prone to a stack buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle specially crafted PROXY headers. Successful exploitation could allow attackers to trigger a stack buffer ove ... oval:org.secpod.oval:def:1700256 A cross-site scripting vulnerability was found in Apache httpd, affecting the mod_proxy error page. Under certain circumstances, a crafted link could inject content into the HTML displayed in the error page, potentially leading to client-side exploitation.A vulnerability was discovered in Apache htt ... oval:org.secpod.oval:def:68002 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. The following packages have been upgraded to a later upstream version: mod_http2 . Security Fix: * httpd: memory corruption on early pushes * httpd: read-after-free in h2 connection shutdown * htt ... oval:org.secpod.oval:def:504725 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. The following packages have been upgraded to a later upstream version: mod_http2 . Security Fix: * httpd: memory corruption on early pushes * httpd: read-after-free in h2 connection shutdown * htt ... oval:org.secpod.oval:def:1504457 httpd [2.4.37-13.0.1] - Set vstring per ORACLE_SUPPORT_PRODUCT [Orabug: 29892262] - Replace index.html with Oracles index page oracle_index.html [2.4.37-30] - Resolves: #1209162 - support logging to journald from CustomLog [2.4.37-29] - Resolves: #1823263 - CVE-2020-1934 httpd: mod_proxy_ftp use of ... oval:org.secpod.oval:def:2500144 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:90247 The remote host is missing a patch 152643-08 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:90249 The remote host is missing a patch 152644-08 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:69904 Several vulnerabilities have been found in the Apache HTTPD server. CVE-2019-9517 Jonathan Looney reported that a malicious client could perform a denial of service attack by flooding a connection with requests and basically never reading responses on the TCP connection. CVE-2019-10081 Craig Young ... oval:org.secpod.oval:def:89050824 This update for apache2 fixes the following issues: Security issues fixed: - CVE-2019-9517: Fixed HTTP/2 implementations that are vulnerable to unconstrained interal data buffering . - CVE-2019-10081: Fixed mod_http2 that is vulnerable to memory corruption on early pushes . - CVE-2019-10082: Fixed m ... oval:org.secpod.oval:def:604505 Several vulnerabilities have been found in the Apache HTTPD server. CVE-2019-9517 Jonathan Looney reported that a malicious client could perform a denial of service attack by flooding a connection with requests and basically never reading responses on the TCP connection. CVE-2019-10081 Craig Young ... oval:org.secpod.oval:def:2105185 In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page. An attacker could cause the link on the error page to be malformed and instead point to a page of their choice. This would only be exploitable where a server was set up with prox ... oval:org.secpod.oval:def:58348 Several vulnerabilities have been found in the Apache HTTPD server. CVE-2019-9517 Jonathan Looney reported that a malicious client could perform a denial of service attack by flooding a connection with requests and basically never reading responses on the TCP connection. CVE-2019-10081 Craig Young ... oval:org.secpod.oval:def:1601069 A vulnerability was found in Apache httpd, in mod_http2. Under certain circumstances, HTTP/2 early pushes could lead to memory corruption, causing a server to crash.A read-after-free vulnerability was discovered in Apache httpd, in mod_http2. A specially crafted http/2 client session could cause the ... oval:org.secpod.oval:def:58420 apache2: Apache HTTP server Several security issues were fixed in Apache. oval:org.secpod.oval:def:504878 The Apache HTTP Server is a powerful, efficient, and extensible web server. The httpd24 packages provide a recent stable release of version 2.4 of the Apache HTTP Server, along with the mod_auth_kerb module. Security Fix: * httpd: mod_session_cookie does not respect expiry time * httpd: mod_auth_di ... |
