Download
| Alert*
|
oval:org.secpod.oval:def:89378
Multiple vulnerabilities have been discovered in the Apache HTTP server, which may result in HTTP response splitting or denial of service. oval:org.secpod.oval:def:89048194 This update for apache2 fixes the following issues: - CVE-2022-37436: Fixed an issue in mod_proxy where a malicious backend could cause the response headers to be truncated early, resulting in some headers being incorporated into the response body . - CVE-2022-36760: Fixed an issue in mod_proxy_ajp ... oval:org.secpod.oval:def:1701181 A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool memory location beyond the header value sent. This could cause the process to crash. This issue affects Apache HTTP Server 2.4.54 and earlier. Inconsistent Interpretation of HTTP Requests vuln ... oval:org.secpod.oval:def:2600158 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:2500943 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:19500067 A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool memory location beyond the header value sent. This could cause the process to crash. This issue affects Apache HTTP Server 2.4.54 and earlier. Inconsistent Interpretation of HTTP Requests vuln ... oval:org.secpod.oval:def:507560 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * httpd: mod_dav: out-of-bounds read/write of zero byte * httpd: mod_proxy_ajp: Possible request smuggling * httpd: mod_proxy: HTTP response splitting For more details about the secu ... oval:org.secpod.oval:def:507546 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * httpd: mod_dav: out-of-bounds read/write of zero byte * httpd: mod_proxy_ajp: Possible request smuggling * httpd: mod_proxy: HTTP response splitting For more details about the secu ... oval:org.secpod.oval:def:89048238 This update for apache2 fixes the following issues: - CVE-2022-37436: Fixed an issue in mod_proxy where a malicious backend could cause the response headers to be truncated early, resulting in some headers being incorporated into the response body . - CVE-2022-36760: Fixed an issue in mod_proxy_ajp ... oval:org.secpod.oval:def:89048216 This update for apache2 fixes the following issues: - CVE-2022-37436: Fixed an issue in mod_proxy where a malicious backend could cause the response headers to be truncated early, resulting in some headers being incorporated into the response body . - CVE-2022-36760: Fixed an issue in mod_proxy_ajp ... oval:org.secpod.oval:def:4501219 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * httpd: mod_dav: out-of-bounds read/write of zero byte * httpd: mod_proxy_ajp: Possible request smuggling * httpd: mod_proxy: HTTP response splitting For more details about the secu ... oval:org.secpod.oval:def:89048236 This update for apache2 fixes the following issues: - CVE-2022-37436: Fixed an issue in mod_proxy where a malicious backend could cause the response headers to be truncated early, resulting in some headers being incorporated into the response body . - CVE-2022-36760: Fixed an issue in mod_proxy_ajp ... oval:org.secpod.oval:def:124950 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:1506988 httpd [2.4.37-56.0.1.7] - Resolves: #2176723 - CVE-2023-27522 httpd:2.4/httpd: mod_proxy_uwsgi HTTP response splitting [2.4.37-56.0.1.6] - Set vstring per ORACLE_SUPPORT_PRODUCT [Orabug: 29892262] - Replace index.html with Oracle"s index page oracle_index.html [2.4.37-56.6] - Resolves: #2190133 - mo ... oval:org.secpod.oval:def:1506505 httpd [2.4.37-51.5.0.1] - Set vstring per ORACLE_SUPPORT_PRODUCT [Orabug: 29892262] - Replace index.html with Oracle"s index page oracle_index.html [2.4.37-51.5] - Resolves: #2177747 - CVE-2023-25690 httpd:2.4/httpd: HTTP request splitting with mod_rewrite and mod_proxy [2.4.37-51.1] - Resolves: #21 ... oval:org.secpod.oval:def:3300330 SUSE Security Update: Security update for apache2 oval:org.secpod.oval:def:89445 apache2: Apache HTTP server Several security issues were fixed in Apache HTTP Server. oval:org.secpod.oval:def:707921 apache2: Apache HTTP server Several security issues were fixed in Apache HTTP Server. oval:org.secpod.oval:def:5800159 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * httpd: mod_dav: out-of-bounds read/write of zero byte * httpd: mod_proxy_ajp: Possible request smuggling * httpd: mod_proxy: HTTP response splitting For more details about the secu ... oval:org.secpod.oval:def:1601666 A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool memory location beyond the header value sent. This could cause the process to crash. This issue affects Apache HTTP Server 2.4.54 and earlier. Inconsistent Interpretation of HTTP Requests vuln ... oval:org.secpod.oval:def:2107225 Oracle Solaris 11 - ( CVE-2022-36760 ) oval:org.secpod.oval:def:124900 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:610452 Multiple vulnerabilities have been discovered in the Apache HTTP server, which may result in HTTP response splitting or denial of service. oval:org.secpod.oval:def:1506451 [2.4.53-7.0.1] - Replace index.html with Oracle"s index page oracle_index.html. [2.4.53-7.1] - Resolves: #2165975 - prevent sscg creating /dhparams.pem - Resolves: #2165970 - CVE-2006-20001 httpd: mod_dav: out-of-bounds read/write of zero byte - Resolves: #2165973 - CVE-2022-37436 httpd: mod_proxy: ... oval:org.secpod.oval:def:89048189 This update for apache2 fixes the following issues: - CVE-2022-37436: Fixed an issue in mod_proxy where a malicious backend could cause the response headers to be truncated early, resulting in some headers being incorporated into the response body . - CVE-2022-36760: Fixed an issue in mod_proxy_ajp ... oval:org.secpod.oval:def:1506439 httpd [2.4.37-51.0.1.1] - Set vstring per ORACLE_SUPPORT_PRODUCT [Orabug: 29892262] - Replace index.html with Oracle"s index page oracle_index.html [2.4.37-51.1] - Resolves: #2165967 - prevent sscg creating /dhparams.pem - Resolves: #2165976 - CVE-2006-20001 httpd: mod_dav: out-of-bounds read/write ... oval:org.secpod.oval:def:97705 [CLSA-2023:1675111939] httpd: Fix of CVE-2022-36760 oval:org.secpod.oval:def:87751 The host is installed with Apache Http Server 2.4.0 through 2.4.54 and is prone to a HTTP request smuggling vulnerability. A flaw is present in the application, which fails to handle issues in mod_proxy_ajp function. Successful exploitation could allow attackers to smuggle requests to the AJP server ... oval:org.secpod.oval:def:97266 The remote host is missing a patch 152643-17 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:97267 The remote host is missing a patch 152644-17 containing a security fix. For more information please visit the reference link. |
