Download
| Alert*
oval:org.secpod.oval:def:89048492
This update for apache2 fixes the following issues: * CVE-2023-27522: Fixed HTTP response splitting in mod_proxy_uwsgi . * CVE-2023-25690: Fixed HTTP request splitting with mod_rewrite and mod_proxy . The following non-security bugs were fixed: * Fixed passing health check does not recover worker fr ... oval:org.secpod.oval:def:89378 Multiple vulnerabilities have been discovered in the Apache HTTP server, which may result in HTTP response splitting or denial of service. oval:org.secpod.oval:def:89048590 This update for apache2 fixes the following issues: * CVE-2023-27522: Fixed HTTP response splitting in mod_proxy_uwsgi . * CVE-2023-25690: Fixed HTTP request splitting with mod_rewrite and mod_proxy . The following non-security bugs were fixed: * Fixed passing health check does not recover worker fr ... oval:org.secpod.oval:def:2107998 Oracle Solaris 11 - ( CVE-2023-25690 ) oval:org.secpod.oval:def:89390 apache2: Apache HTTP server Several security issues were fixed in Apache HTTP Server. oval:org.secpod.oval:def:5800161 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * httpd: HTTP request splitting with mod_rewrite and mod_proxy For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related informa ... oval:org.secpod.oval:def:19500204 Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack. Configurations are affected when mod_proxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches some portion of the user-suppli ... oval:org.secpod.oval:def:507603 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * httpd: HTTP request splitting with mod_rewrite and mod_proxy For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related informa ... oval:org.secpod.oval:def:1701229 Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack. Configurations are affected when mod_proxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches some portion of the user-suppli ... oval:org.secpod.oval:def:89048511 This update for apache2 fixes the following issues: * CVE-2023-27522: Fixed HTTP response splitting in mod_proxy_uwsgi . * CVE-2023-25690: Fixed HTTP request splitting with mod_rewrite and mod_proxy . The following non-security bugs were fixed: * Fixed mod_proxy handling of very long urls * Fixed p ... oval:org.secpod.oval:def:89048510 This update for apache2 fixes the following issues: * CVE-2023-25690: Fixed HTTP request splitting with mod_rewrite and mod_proxy . The following non-security bugs were fixed: * Fixed passing health check does not recover worker from its error state . oval:org.secpod.oval:def:89406 apache2: Apache HTTP server Several security issues were fixed in Apache HTTP Server. oval:org.secpod.oval:def:89048594 This update for apache2 fixes the following issues: * CVE-2023-27522: Fixed HTTP response splitting in mod_proxy_uwsgi . * CVE-2023-25690: Fixed HTTP request splitting with mod_rewrite and mod_proxy . The following non-security bugs were fixed: * Fixed mod_proxy handling of very long urls * Fixed p ... oval:org.secpod.oval:def:1506504 httpd [2.4.53-7.0.1.5] - Replace index.html with Oracle"s index page oracle_index.html. [2.4.53-7.5] - Resolves: #2177751 - CVE-2023-25690 httpd: HTTP request splitting with mod_rewrite and mod_proxy mod_http2 [1.15.19-3.5] - Resolves: #2177751 - CVE-2023-25690 httpd: HTTP request splitting with mod ... oval:org.secpod.oval:def:1506988 httpd [2.4.37-56.0.1.7] - Resolves: #2176723 - CVE-2023-27522 httpd:2.4/httpd: mod_proxy_uwsgi HTTP response splitting [2.4.37-56.0.1.6] - Set vstring per ORACLE_SUPPORT_PRODUCT [Orabug: 29892262] - Replace index.html with Oracle"s index page oracle_index.html [2.4.37-56.6] - Resolves: #2190133 - mo ... oval:org.secpod.oval:def:125146 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:1506505 httpd [2.4.37-51.5.0.1] - Set vstring per ORACLE_SUPPORT_PRODUCT [Orabug: 29892262] - Replace index.html with Oracle"s index page oracle_index.html [2.4.37-51.5] - Resolves: #2177747 - CVE-2023-25690 httpd:2.4/httpd: HTTP request splitting with mod_rewrite and mod_proxy [2.4.37-51.1] - Resolves: #21 ... oval:org.secpod.oval:def:708017 apache2: Apache HTTP server Several security issues were fixed in Apache HTTP Server. oval:org.secpod.oval:def:125196 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:507591 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * httpd: HTTP request splitting with mod_rewrite and mod_proxy For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related informa ... oval:org.secpod.oval:def:1601666 A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool memory location beyond the header value sent. This could cause the process to crash. This issue affects Apache HTTP Server 2.4.54 and earlier. Inconsistent Interpretation of HTTP Requests vuln ... oval:org.secpod.oval:def:2600180 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:508046 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. The following packages have been upgraded to a later upstream version: httpd . Security Fix: httpd: mod_proxy_uwsgi HTTP response splitting For more details about the security issue, including the ... oval:org.secpod.oval:def:507598 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * httpd: HTTP request splitting with mod_rewrite and mod_proxy For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related informa ... oval:org.secpod.oval:def:1506499 [2.4.6-98.0.3] - mod_proxy: ap_proxy_http_request to clear hop-by-hop first and fixup last [CVE-2022-31813][Orabug: 34381850] - mod_session: save one apr_strtok [Orabug: 33338149][CVE-2021-26690] [2.4.6-98.0.1] - replace index.html with Oracle"s index page oracle_index.html [2.4.6-97.7] - Resolves: ... oval:org.secpod.oval:def:610452 Multiple vulnerabilities have been discovered in the Apache HTTP server, which may result in HTTP response splitting or denial of service. oval:org.secpod.oval:def:2501039 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:4501405 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * httpd: HTTP request splitting with mod_rewrite and mod_proxy For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related informa ... oval:org.secpod.oval:def:88228 apache2: Apache HTTP server Several security issues were fixed in Apache HTTP Server. oval:org.secpod.oval:def:87972 The host is installed with Apache HTTP Server 2.4.0 through 2.4.55 and is prone to a HTTP request smuggling vulnerability. A flaw is present in the application, which fails to properly handle some mod_proxy configurations. Successful exploitation could allows attackers to bypass access controls in t ... oval:org.secpod.oval:def:97266 The remote host is missing a patch 152643-17 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:97267 The remote host is missing a patch 152644-17 containing a security fix. For more information please visit the reference link. |