RHSA-2019:0746-01 -- Redhat httpd24-httpd, httpd24-mod_auth_mellonID: oval:org.secpod.oval:def:505035 | Date: (C)2021-01-29 (M)2024-01-29 |
Class: PATCH | Family: unix |
The Apache HTTP Server is a powerful, efficient, and extensible web server. The httpd24 packages provide a recent stable release of version 2.4 of the Apache HTTP Server, along with the mod_auth_kerb module. Security Fix: * httpd: privilege escalation from modules scripts * mod_auth_mellon: authentication bypass in ECP flow For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.
Platform: |
Red Hat Enterprise Linux 7 |
Red Hat Enterprise Linux 6 |
Product: |
httpd24-httpd |
httpd24-mod_auth_mellon |