Download
| Alert*
oval:org.secpod.oval:def:75909
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * httpd: mod_proxy: SSRF via a crafted request uri-path containing unix: * httpd: mod_session: Heap overflow via a crafted SessionHeader value For more details about the security issu ... oval:org.secpod.oval:def:89971 The remote host is missing a patch 152644-11 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:605646 Several vulnerabilities have been found in the Apache HTTP server, which could result in denial of service. In addition a vulnerability was discovered in mod_proxy with which an attacker could trick the server to forward requests to arbitrary origin servers. oval:org.secpod.oval:def:506353 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * httpd: mod_proxy: SSRF via a crafted request uri-path containing unix: For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other relat ... oval:org.secpod.oval:def:75920 apache2: Apache HTTP server Several security issues were fixed in Apache HTTP Server. oval:org.secpod.oval:def:506378 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * httpd: mod_proxy: SSRF via a crafted request uri-path containing unix: * httpd: mod_session: Heap overflow via a crafted SessionHeader value For more details about the security issu ... oval:org.secpod.oval:def:4501385 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * httpd: mod_proxy: SSRF via a crafted request uri-path containing "unix:" * httpd: mod_session: Heap overflow via a crafted SessionHeader value For more details about the security is ... oval:org.secpod.oval:def:75195 apache2: Apache HTTP server Several security issues were fixed in Apache HTTP Server. oval:org.secpod.oval:def:89967 The remote host is missing a patch 152643-12 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:1601485 A NULL pointer dereference was found in Apache httpd mod_h2. The highest threat from this flaw is to system integrity. A NULL pointer dereference in httpd allows an unauthenticated remote attacker to crash httpd by providing malformed HTTP requests. The highest threat from this vulnerability is to s ... oval:org.secpod.oval:def:75917 apache2: Apache HTTP server Several security issues were fixed in Apache HTTP Server. oval:org.secpod.oval:def:205909 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * httpd: mod_proxy: SSRF via a crafted request uri-path containing unix: For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other relat ... oval:org.secpod.oval:def:2107042 Oracle Solaris 11 - ( CVE-2021-42013 ) oval:org.secpod.oval:def:706154 apache2: Apache HTTP server Several security issues were fixed in Apache HTTP Server. oval:org.secpod.oval:def:507178 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * httpd: mod_sed: Read/write beyond bounds * httpd: Request splitting via HTTP/2 method injection and mod_proxy * httpd: NULL pointer dereference via malformed requests * httpd: mod_ ... oval:org.secpod.oval:def:75877 Several vulnerabilities have been found in the Apache HTTP server, which could result in denial of service. In addition a vulnerability was discovered in mod_proxy with which an attacker could trick the server to forward requests to arbitrary origin servers. oval:org.secpod.oval:def:506383 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * httpd: mod_proxy: SSRF via a crafted request uri-path containing unix: For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other relat ... oval:org.secpod.oval:def:506565 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * httpd: Regression of CVE-2021-40438 and CVE-2021-26691 fixes in Red Hat Enterprise Linux 8.5 For more details about the security issue, including the impact, a CVSS score, acknowledg ... oval:org.secpod.oval:def:89045728 This update for apache2 fixes the following issues: - CVE-2021-40438: Fixed a SRF via a crafted request uri-path. - CVE-2021-36160: Fixed an out-of-bounds read via a crafted request uri-path. - CVE-2021-39275: Fixed an out-of-bounds write in ap_escape_quotes via malicious input. - CVE-2021-34798: ... oval:org.secpod.oval:def:1505143 httpd [2.4.37-39.1.0.1.1] - Set vstring per ORACLE_SUPPORT_PRODUCT [Orabug: 29892262] - Replace index.html with Oracle"s index page oracle_index.html [2.4.37-39.1] - Resolves: #2007234 - CVE-2021-40438 httpd:2.4/httpd: mod_proxy: SSRF via a crafted request uri-path - Resolves: #2007646 - CVE-2021-26 ... oval:org.secpod.oval:def:2500482 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:89045697 This update for apache2 fixes the following issues: - CVE-2021-40438: Fixed a SRF via a crafted request uri-path. - CVE-2021-39275: Fixed an out-of-bounds write in ap_escape_quotes via malicious input. - CVE-2021-34798: Fixed a NULL pointer dereference via malformed requests oval:org.secpod.oval:def:1700725 A NULL pointer dereference was found in Apache httpd mod_h2. The highest threat from this flaw is to system integrity. A NULL pointer dereference in httpd allows an unauthenticated remote attacker to crash httpd by providing malformed HTTP requests. The highest threat from this vulnerability is to s ... oval:org.secpod.oval:def:1505149 [2.4.6-97.0.1.1] - replace index.html with Oracle"s index page oracle_index.html [2.4.6-97.1] - Resolves: #2011729 - CVE-2021-40438 httpd: mod_proxy: SSRF via a crafted request uri-path containing unix: oval:org.secpod.oval:def:89047110 This update for apache2 fixes the following issues: - CVE-2021-40438: Fixed a SRF via a crafted request uri-path. - CVE-2021-36160: Fixed an out-of-bounds read via a crafted request uri-path. - CVE-2021-39275: Fixed an out-of-bounds write in ap_escape_quotes via malicious input. - CVE-2021-34798: ... oval:org.secpod.oval:def:76093 The host is installed with Apache HTTP Server through 2.4.48 and is prone to a server-side request forgery (SSRF) vulnerability. A flaw is present in the application, which fails to properly handle a crafted request uri-path. Successful exploitation could allows attackers to cause mod_proxy to forwa ... oval:org.secpod.oval:def:120754 The Apache HTTP Server is a powerful, efficient, and extensible web server. |