- -------------------------------------------------------------------------
Debian Security Advisory DSA-5035-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
January 04, 2022 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : apache2
CVE ID : CVE-2021-44224 CVE-2021-44790
Two vulnerabilities have been discovered in the Apache HTTP server:
CVE-2021-44224
When operating as a forward proxy, Apache was depending on the setup
suspectible to denial of service or Server Side Request forgery.
CVE-2021-44790
A buffer overflow in mod_lua may result in denial of service or
potentially the execution of arbitrary code.
For the oldstable distribution (buster), these problems have been fixed
in version 2.4.38-3+deb10u7.
For the stable distribution (bullseye), these problems have been fixed in
version 2.4.52-1~deb11u2.
We recommend that you upgrade your apache2 packages.
For the detailed security status of apache2 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/apache2
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
{"osv": [{"lastseen": "2022-08-10T07:20:35", "description": "\nTwo vulnerabilities have been discovered in the Apache HTTP server:\n\n\n* [CVE-2021-44224](https://security-tracker.debian.org/tracker/CVE-2021-44224)\nWhen operating as a forward proxy, Apache was depending on the setup\n suspectible to denial of service or Server Side Request forgery.\n* [CVE-2021-44790](https://security-tracker.debian.org/tracker/CVE-2021-44790)\nA buffer overflow in mod\\_lua may result in denial of service or\n potentially the execution of arbitrary code.\n\n\nFor the oldstable distribution (buster), these problems have been fixed\nin version 2.4.38-3+deb10u7.\n\n\nFor the stable distribution (bullseye), these problems have been fixed in\nversion 2.4.52-1~deb11u2.\n\n\nWe recommend that you upgrade your apache2 packages.\n\n\nFor the detailed security status of apache2 please refer to\nits security tracker page at:\n[\\\nhttps://security-tracker.debian.org/tracker/apache2](https://security-tracker.debian.org/tracker/apache2)\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-01-04T00:00:00", "type": "osv", "title": "apache2 - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44224", "CVE-2021-44790"], "modified": "2022-08-10T07:20:31", "id": "OSV:DSA-5035-1", "href": "https://osv.dev/vulnerability/DSA-5035-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-21T08:14:36", "description": "\nTwo vulnerabilities have been discovered in the Apache HTTP server:\n\n\n* [CVE-2021-44224](https://security-tracker.debian.org/tracker/CVE-2021-44224)\nWhen operating as a forward proxy, Apache was depending on the setup\n suspectable to denial of service or Server Side Request forgery.\n* [CVE-2021-44790](https://security-tracker.debian.org/tracker/CVE-2021-44790)\nA buffer overflow in mod\\_lua may result in denial of service or potentially\n the execution of arbitrary code.\n\n\nFor Debian 9 stretch, these problems have been fixed in version\n2.4.25-3+deb9u12.\n\n\nWe recommend that you upgrade your apache2 packages.\n\n\nFor the detailed security status of apache2 please refer to\nits security tracker page at:\n<https://security-tracker.debian.org/tracker/apache2>\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-01T00:00:00", "type": "osv", "title": "apache2 - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44224", "CVE-2021-44790"], "modified": "2022-07-21T05:54:03", "id": "OSV:DLA-2907-1", "href": "https://osv.dev/vulnerability/DLA-2907-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "ubuntu": [{"lastseen": "2022-02-09T11:41:06", "description": "USN-5212-1 fixed several vulnerabilities in Apache. This update provides \nthe corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.\n\nOriginal advisory details:\n\nIt was discovered that the Apache HTTP Server incorrectly handled certain \nforward proxy requests. A remote attacker could use this issue to cause \nthe server to crash, resulting in a denial of service, or possibly perform \na Server Side Request Forgery attack. (CVE-2021-44224)\n\nIt was discovered that the Apache HTTP Server Lua module incorrectly \nhandled memory in the multipart parser. A remote attacker could use this \nissue to cause the server to crash, resulting in a denial of service, or \npossibly execute arbitrary code. (CVE-2021-44790)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-01-10T00:00:00", "type": "ubuntu", "title": "Apache HTTP Server vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44224", "CVE-2021-44790"], "modified": "2022-01-10T00:00:00", "id": "USN-5212-2", "href": "https://ubuntu.com/security/notices/USN-5212-2", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-18T16:33:00", "description": "It was discovered that the Apache HTTP Server incorrectly handled certain \nforward proxy requests. A remote attacker could use this issue to cause \nthe server to crash, resulting in a denial of service, or possibly perform \na Server Side Request Forgery attack. (CVE-2021-44224)\n\nIt was discovered that the Apache HTTP Server Lua module incorrectly \nhandled memory in the multipart parser. A remote attacker could use this \nissue to cause the server to crash, resulting in a denial of service, or \npossibly execute arbitrary code. (CVE-2021-44790)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-01-06T00:00:00", "type": "ubuntu", "title": "Apache HTTP Server vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44224", "CVE-2021-44790"], "modified": "2022-01-06T00:00:00", "id": "USN-5212-1", "href": "https://ubuntu.com/security/notices/USN-5212-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "ibm": [{"lastseen": "2022-06-28T22:05:10", "description": "## Summary\n\nIBM WebSphere Application Server is a required product for IBM Tivoli Netcool Configuration Manager version 6.4.2. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin.\n\n## Vulnerability Details\n\nRefer to the security bulletin(s) listed in the Remediation/Fixes section\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nITNCM| 6.4.2 \n \n\n\n## Remediation/Fixes\n\nAffected Product(s)| Version(s)| Remediation \n---|---|--- \nITNCM| 6.4.2| \n\n[Multiple vulnerabilities in IBM HTTP Server used by IBM WebSphere Application Server](<https://www.ibm.com/support/pages/node/6540288> \"Multiple vulnerabilities in IBM HTTP Server used by IBM WebSphere Application Server\" )\n\n \nSee section: For V9.0.0.0 through 9.0.5.10: \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n18 Jan 2022: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SS7UH9\",\"label\":\"Tivoli Netcool Configuration Manager\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF051\",\"label\":\"Linux on IBM Z Systems\"}],\"Version\":\"6.4.2\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}}]", "cvss3": {}, "published": "2022-04-01T12:23:48", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is a required product for IBM Tivoli Netcool Configuration Manager (CVE-2021-44790, CVE-2021-44224)", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2021-44224", "CVE-2021-44790"], "modified": "2022-04-01T12:23:48", "id": "D9C7CED11B565FB246194D9A8673AFAE17E817623EA3BB7DC96C788D43582670", "href": "https://www.ibm.com/support/pages/node/6568719", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-06-28T22:00:01", "description": "## Summary\n\nIBM HTTP Server (IHS) is shipped as a component of IBM Rational ClearCase. Information about a security vulnerability affecting IHS has been published in a security bulletin.\n\n## Vulnerability Details\n\nRefer to the security bulletin(s) listed in the Remediation/Fixes section\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Rational ClearCase| 8.0.0 \nIBM Rational ClearCase| 9.0 \nIBM Rational ClearCase| 9.0.1 \nIBM Rational ClearCase| 9.1 \nIBM Rational ClearCase| 9.0.2 \nIBM Rational ClearCase| 8.0.1 \n \n\n\n## Remediation/Fixes\n\nRefer to the following security bulletin(s) for vulnerability details and information about fixes addressed by IBM WebSphere Application Server (WAS) which is shipped with IBM Rational ClearCase. \n\n**Principal Product and Version(s)**| **Affected Supporting Product and Version**| **Affected Supporting Product Security Bulletin** \n---|---|--- \nIBM Rational ClearCase, versions 8.0.0.x, 8.0.1.x, 9.0.0.x, 9.0.1.x, 9.0.2.x, 9.1.x \n \n| IBM HTTP Server version 9.0| \n\n[Security Bulletin: Multiple vulnerabilities in IBM HTTP Server used by WebSphere Application Server](<https://www.ibm.com/support/pages/node/6540288> \"Security Bulletin: Multiple vulnerabilities in IBM HTTP Server used by WebSphere Application Server\" ) (CVE-2021-44790, CVE-2021-44224) \n \n**ClearCase Versions**\n\n| \n\n**Applying the fix** \n \n---|--- \n8.0.0.x, 8.0.1.x, 9.0.0.x, 9.0.1.x, 9.0.2.x, 9.1.x| Apply the appropriate IBM HTTP Server fix (see bulletin link above) directly to your CCRC WAN server host. No ClearCase-specific steps are necessary. \n \n_For 8.0.x and earlier releases, IBM recommends upgrading to a fixed, supported version/release/platform of the product._\n\n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n16 Mar 2022: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSSH27\",\"label\":\"Rational ClearCase\"},\"Component\":\"CCRC WAN Server\",\"Platform\":[{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF010\",\"label\":\"HP-UX\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF027\",\"label\":\"Solaris\"},{\"code\":\"PF033\",\"label\":\"Windows\"}],\"Version\":\"All versions\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-03-16T08:32:56", "type": "ibm", "title": "Security Bulletin: Multiple security vulnerabilities have been identified in IBM HTTP Server shipped with IBM Rational ClearCase (CVE-2021-44790, CVE-2021-44224)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44224", "CVE-2021-44790"], "modified": "2022-03-16T08:32:56", "id": "402D27EE71FB983854BE2AF9D5F120FF6B97913A6343020A377730459665ED86", "href": "https://www.ibm.com/support/pages/node/6563879", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-04T12:45:53", "description": "## Summary\n\nThere are multiple vulnerabilities in the IBM HTTP Server used by IBM WebSphere Application Server. This has been addressed. IBM HTTP Server is affected by CVE-2021-44224 for IBM HTTP Server configurations with \"ProxyRequests ON\" in the IBM HTTP Server configuration file (httpd.conf by default). IBM HTTP Server is affected by CVE-2021-44790 for IBM HTTP Server configurations with \"LoadModule lua_module/mod_lua.so\" appearing in the IBM HTTP Server configuration file (httpd.conf by default) where a customer-provided Lua script uses the \"r:parsebody\" function.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-44224](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44224>) \n** DESCRIPTION: **Apache HTTP Server is vulnerable to a denial of service or server-side request forgery. By sending a specially crafted URI to httpd configured as a forward proxy, an attacker could exploit this vulnerability to cause a NULL pointer dereference. By sending a specially crafted URI to configurations mixing forward and reverse proxy declarations, an attacker could allow for requests to be directed to a declared Unix Domain Socket endpoint. \nCVSS Base score: 8.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/215719](<https://exchange.xforce.ibmcloud.com/vulnerabilities/215719>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H) \n \n** CVEID: **[CVE-2021-44790](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44790>) \n** DESCRIPTION: **Apache HTTP Server is vulnerable to a buffer overflow, caused by improper bounds checking in the mod_lua multipart parser called from Lua scripts). By sending a specially crafted request, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/215686](<https://exchange.xforce.ibmcloud.com/vulnerabilities/215686>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nThis vulnerability affects the following version and release of IBM HTTP Server (powered by Apache) component in all editions of IBM WebSphere Application Server and bundling products.\n\nAffected Product(s)| Version(s) \n---|--- \nIBM HTTP Server| 9.0 \n \n\n\n## Remediation/Fixes\n\nIBM strongly recommends addressing this vulnerability now by applying the interim fix or Fix Pack linked below containing APAR PH42862 for each named product. \n\n**For IBM HTTP Server used by IBM WebSphere Application Server:**\n\n**For V9.0.0.0 through 9.0.5.10:**\n\nIBM strongly recommends addressing this vulnerability now by applying the interim fix or Fix Pack linked below containing APAR PH42862 for each named product.\n\n\u00b7 Upgrade to minimal fix pack levels as required by interim fix and then apply Interim Fix [PH42862](<https://www.ibm.com/support/pages/node/6538416> \"PH42862\" ) \n\\--OR-- \n\u00b7 Apply Fix Pack 9.0.5.11 or later (targeted availability 1Q2022). \n\nAdditional interim fixes may be available and linked off the interim fix download page.\n\nImportant Note\n\nIBM strongly suggests that all System z customers be subscribed to the System z Security Portal to receive the latest critical System z security and \nintegrity service. If you are not subscribed, see the instructions on the System z Security web site. Security and integrity APARs and associated fixes will \nbe posted to this portal. IBM suggests reviewing the CVSS scores and applying all security or integrity fixes as soon as possible to minimize any potential \nrisk.\n\n## Workarounds and Mitigations\n\nMitigations for this issue are available. If the interim fixes in PH42862 cannot be applied immediately, then follow the temporary mitigation steps as documented in Interim Fix [PH42862](<https://www.ibm.com/support/pages/node/6538416> \"PH42862\" ).\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n12 Jan 2022: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud \\u0026 Data Platform\"},\"Product\":{\"code\":\"SSEQTJ\",\"label\":\"IBM HTTP Server\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF010\",\"label\":\"HP-UX\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF027\",\"label\":\"Solaris\"},{\"code\":\"PF033\",\"label\":\"Windows\"},{\"code\":\"PF035\",\"label\":\"z\\/OS\"}],\"Version\":\"9.0\",\"Edition\":\"Base,Enterprise,Advanced,Single Server,Network Deployment\"}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-01-12T19:17:07", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in IBM HTTP Server used by IBM WebSphere Application Server", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44224", "CVE-2021-44790"], "modified": "2022-01-12T19:17:07", "id": "B1B72DA8B731EA54273C4F12D37D64CB4C3470962BFA973B286468AA61409763", "href": "https://www.ibm.com/support/pages/node/6540288", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-28T22:05:28", "description": "## Summary\n\nIBM WebSphere Application Server is a required product for IBM Tivoli Network Manager versions 4.2 To 4.2.0.14. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin.\n\n## Vulnerability Details\n\nRefer to the security bulletin(s) listed in the Remediation/Fixes section\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nITNM| 4.2 To 4.2.0.14 \n \n\n\n## Remediation/Fixes\n\nAffected Product(s)| Version(s)| Remediation \n---|---|--- \nITNM| 4.2 To 4.2.0.14| \n\n[Multiple vulnerabilities in IBM HTTP Server used by IBM WebSphere Application Server](<https://www.ibm.com/support/pages/node/6540288> \"Multiple vulnerabilities in IBM HTTP Server used by IBM WebSphere Application Server\" )\n\nSee section: For V9.0.0.0 through 9.0.5.10: \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\nNone\n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\nNone\n\n## Change History\n\n17 Jan 2022: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSSHRK\",\"label\":\"Tivoli Network Manager IP Edition\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF051\",\"label\":\"Linux on IBM Z Systems\"}],\"Version\":\"4.2.0\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}}]", "cvss3": {}, "published": "2022-04-01T10:32:47", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is a required product for IBM Tivoli Network Manager IP Edition (CVE-2021-44790, CVE-2021-44224)", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2021-44224", "CVE-2021-44790"], "modified": "2022-04-01T10:32:47", "id": "3B7F97F521F500AB20E9F9C2CEC2D1A756BBBEFB946AC3E47BE87698E90B1E30", "href": "https://www.ibm.com/support/pages/node/6568717", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-06-28T22:05:17", "description": "## Summary\n\nApache HTTP Server provides HTTP services for SiteProtector. IBM Security SiteProtector System has addressed the following vulnerabilities in a Core express update:\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2022-22719](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22719>) \n**DESCRIPTION: **Apache HTTP Server is vulnerable to a denial of service. By using a specially crafted request body to read a random memory area, a remote attacker could exploit this vulnerability to cause the process to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/221667](<https://exchange.xforce.ibmcloud.com/vulnerabilities/221667>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID: **[CVE-2022-22720](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22720>) \n**DESCRIPTION: **Apache HTTP Server is vulnerable to HTTP request smuggling, caused by the failure to close inbound connection when errors are encountered discarding the request body. An attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/221668](<https://exchange.xforce.ibmcloud.com/vulnerabilities/221668>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n**CVEID: **[CVE-2022-22721](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22721>) \n**DESCRIPTION: **Apache HTTP Server is vulnerable to a buffer overflow, caused by an integer overflow. If LimitXMLRequestBody is set to allow request bodies larger than 350MB, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/221666](<https://exchange.xforce.ibmcloud.com/vulnerabilities/221666>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n**CVEID: **[CVE-2021-44790](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44790>) \n**DESCRIPTION: **Apache HTTP Server is vulnerable to a buffer overflow, caused by improper bounds checking in the mod_lua multipart parser called from Lua scripts). By sending a specially crafted request, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/215686](<https://exchange.xforce.ibmcloud.com/vulnerabilities/215686>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n**CVEID: **[CVE-2021-44224](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44224>) \n**DESCRIPTION: **Apache HTTP Server is vulnerable to a denial of service or server-side request forgery. By sending a specially crafted URI to httpd configured as a forward proxy, an attacker could exploit this vulnerability to cause a NULL pointer dereference. By sending a specially crafted URI to configurations mixing forward and reverse proxy declarations, an attacker could allow for requests to be directed to a declared Unix Domain Socket endpoint. \nCVSS Base score: 8.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/215719](<https://exchange.xforce.ibmcloud.com/vulnerabilities/215719>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H)\n\n## Affected Products and Versions\n\n**Affected Product(s)** | **Version(s)** \n---|--- \nIBM Security SiteProtector System | 3.1.1 \n \n## Remediation/Fixes\n\nIBM encourages customers to update their systems promptly. \n\n**Product** | **VRMF** | **Remediation/Fixes** \n---|---|--- \nIBM SiteProtector system | 3.1.1.18 | \n\nApply the appropriate express update (XPU) as identified in SiteProtector console agent view.\n\nUpdateServer_3_1_1_18.pkg \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n6 June 2022: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSETBF\",\"label\":\"IBM Security SiteProtector System\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF009\",\"label\":\"Firmware\"}],\"Version\":\"3.1.1\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB24\",\"label\":\"Security Software\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-06-02T14:42:35", "type": "ibm", "title": "Security Bulletin: IBM Security SiteProtector System is affected by multiple Apache HTTP Server Vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44224", "CVE-2021-44790", "CVE-2022-22719", "CVE-2022-22720", "CVE-2022-22721"], "modified": "2022-06-02T14:42:35", "id": "822E1A1C2A729D1391289F16CEBC1B291F0AAFF917670750096C9FC6C25ED3C4", "href": "https://www.ibm.com/support/pages/node/6591347", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-04T12:43:22", "description": "## Summary\n\nIBM HTTP Server (powered by Apache) for i is vulnerable to the issue described in the vulnerability details section. IBM i has addressed the applicable CVE in the Apache HTTP Server implementation.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-44224](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44224>) \n** DESCRIPTION: **Apache HTTP Server is vulnerable to a denial of service or server-side request forgery. By sending a specially crafted URI to httpd configured as a forward proxy, an attacker could exploit this vulnerability to cause a NULL pointer dereference. By sending a specially crafted URI to configurations mixing forward and reverse proxy declarations, an attacker could allow for requests to be directed to a declared Unix Domain Socket endpoint. \nCVSS Base score: 8.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/215719](<https://exchange.xforce.ibmcloud.com/vulnerabilities/215719>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM i| 7.4 \nIBM i| 7.3 \nIBM i| 7.2 \n \n\n\n## Remediation/Fixes\n\nThe issue can be fixed by applying a PTF to IBM i. Releases 7.4, 7.3, and 7.2 of IBM i will be fixed.\n\nThe IBM i PTF numbers containing the fix for the CVE follows. Future Group PTFs for HTTP Server will also contain the fixes for this CVE. \n\nRelease 7.4 - SI78295, SI78296 \nRelease 7.3 - SI78298, SI78299 \nRelease 7.2 - SI78297 \n \n<https://www.ibm.com/support/fixcentral>\n\n**_Important note: _**_IBM recommends that all users running unsupported versions of affected products upgrade to supported and fixed version of affected products._\n\n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n28 Feb 2022: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU054\",\"label\":\"Systems w\\/TPS\"},\"Product\":{\"code\":\"SSC5L9\",\"label\":\"IBM i 7.2\"},\"Component\":\"N\\/A\",\"Platform\":[{\"code\":\"PF012\",\"label\":\"IBM i\"}],\"Version\":\"7.2\",\"Edition\":\"N\\/A\",\"Line of Business\":{\"code\":\"LOB08\",\"label\":\"Cognitive Systems\"}},{\"Business Unit\":{\"code\":\"BU054\",\"label\":\"Systems w\\/TPS\"},\"Product\":{\"code\":\"SSTS2D\",\"label\":\"IBM i 7.3\"},\"Component\":\"N\\/A\",\"Platform\":[{\"code\":\"PF012\",\"label\":\"IBM i\"}],\"Version\":\"7.3\",\"Edition\":\"N\\/A\",\"Line of Business\":{\"code\":\"LOB08\",\"label\":\"Cognitive Systems\"}},{\"Business Unit\":{\"code\":\"BU058\",\"label\":\"IBM Infrastructure w\\/TPS\"},\"Product\":{\"code\":\"SWG60\",\"label\":\"IBM i\"},\"Component\":\"N\\/A\",\"Platform\":[{\"code\":\"PF012\",\"label\":\"IBM i\"}],\"Version\":\"7.4,7.3,7.2\",\"Edition\":\"N\\/A\",\"Line of Business\":{\"code\":\"LOB57\",\"label\":\"Power\"}},{\"Business Unit\":{\"code\":\"BU054\",\"label\":\"Systems w\\/TPS\"},\"Product\":{\"code\":\"SS9QQS\",\"label\":\"IBM i 7.4\"},\"Component\":\"N\\/A\",\"Platform\":[{\"code\":\"PF012\",\"label\":\"IBM i\"}],\"Version\":\"7.4\",\"Edition\":\"N\\/A\",\"Line of Business\":{\"code\":\"LOB08\",\"label\":\"Cognitive Systems\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 8.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2022-02-28T23:45:49", "type": "ibm", "title": "Security Bulletin: IBM HTTP Server (powered by Apache) for i is vulnerable to CVE-2021-44224", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44224"], "modified": "2022-02-28T23:45:49", "id": "6057C2D64AC48C014C9DC84FCD84146794FE149A5B6554007EFDD963A552D12F", "href": "https://www.ibm.com/support/pages/node/6560266", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-08-04T12:45:32", "description": "## Summary\n\nIBM Rational Build Forge version 8.0.x is affected by CVE-2021-44224\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-44224](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44224>) \n** DESCRIPTION: **Apache HTTP Server is vulnerable to a denial of service or server-side request forgery. By sending a specially crafted URI to httpd configured as a forward proxy, an attacker could exploit this vulnerability to cause a NULL pointer dereference. By sending a specially crafted URI to configurations mixing forward and reverse proxy declarations, an attacker could allow for requests to be directed to a declared Unix Domain Socket endpoint. \nCVSS Base score: 8.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/215719](<https://exchange.xforce.ibmcloud.com/vulnerabilities/215719>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nBuild Forge| 8.0 - 8.0.0.20 \n \n\n\n## Remediation/Fixes\n\nYou must download the fix pack specified in the following table and apply it. \n\n**Affected Supporting Product(s)**\n\n| \n\n**Remediation/Fix** \n \n---|--- \n \nIBM Rational Build Forge 8.0 to 8.0.0.20\n\n| \n\n[Download](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FRational%2FRational+Build+Forge&fixids=RationalBuildForge-8.0.0.21&source=SAR> \"Download\" ) IBM Rational Build Forge 8.0.0.21.\n\nThe fix includes Apache-HTTP-Server-2.4.52 \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n17 Jan 2022: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU037\",\"label\":\"HCL Technologies\"},\"Product\":{\"code\":\"SS2MGB\",\"label\":\"Rational Build Forge family\"},\"Component\":\"Apache HTTP Server\",\"Platform\":[{\"code\":\"PF033\",\"label\":\"Windows\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF027\",\"label\":\"Solaris\"},{\"code\":\"PF035\",\"label\":\"z\\/OS\"}],\"Version\":\"8.0.0.21\",\"Edition\":\"\"}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 8.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2022-01-17T18:32:06", "type": "ibm", "title": "Security Bulletin: IBM Rational Build Forge 8.0.x is affected by Apache HTTP Server version used in it. (CVE-2021-44224)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44224"], "modified": "2022-01-17T18:32:06", "id": "6081058175901D53AC76131FFD5892A9758A2B8B996DAE6C63CC02E20E7DBE9E", "href": "https://www.ibm.com/support/pages/node/6541326", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-08-04T12:43:21", "description": "## Summary\n\nIBM Rational Build Forge version 8.0 - 8.0.0.20 is affected by CVE-2021-44790\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-44790](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44790>) \n** DESCRIPTION: **Apache HTTP Server is vulnerable to a buffer overflow, caused by improper bounds checking in the mod_lua multipart parser called from Lua scripts). By sending a specially crafted request, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/215686](<https://exchange.xforce.ibmcloud.com/vulnerabilities/215686>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nBuild Forge| 8.0 - 8.0.0.20 \n \n## Remediation/Fixes\n\nYou must download the fix pack specified in the following table and apply it.\n\n**Affected Supporting Product(s)**\n\n| \n\n**Remediation/Fix** \n \n---|--- \n \nIBM Rational Build Forge 8.0 to 8.0.0.20\n\n| \n\n[Download](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FRational%2FRational+Build+Forge&fixids=RationalBuildForge-8.0.0.21&source=SAR> \"Download\" ) IBM Rational Build Forge 8.0.0.21.\n\nThe fix includes Apache-HTTP-Server-2.4.52 \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Acknowledgement\n\n## Change History\n\n17 Jan 2022: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU037\",\"label\":\"HCL Technologies\"},\"Product\":{\"code\":\"SS2MGB\",\"label\":\"Rational Build Forge family\"},\"Component\":\"Apache HTTP Server\",\"Platform\":[{\"code\":\"PF033\",\"label\":\"Windows\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF027\",\"label\":\"Solaris\"},{\"code\":\"PF051\",\"label\":\"Linux on IBM Z Systems\"}],\"Version\":\"8.0.0.21\",\"Edition\":\"\"}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-03-02T14:54:05", "type": "ibm", "title": "Security Bulletin: IBM Rational Build Forge is affected by Apache HTTP Server version used in it. (CVE-2021-44790)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44790"], "modified": "2022-03-02T14:54:05", "id": "3D55A48846F1F0B47B953543BA99A7A4FBF1CA77F4CE17B39C0FB856F8E3237C", "href": "https://www.ibm.com/support/pages/node/6555106", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-04T12:43:25", "description": "## Summary\n\nApache HTTP Server as used by IBM QRadar SIEM contains multiple vulnerabilities which include buffer overflow and denial of service.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-44790](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44790>) \n** DESCRIPTION: **Apache HTTP Server is vulnerable to a buffer overflow, caused by improper bounds checking in the mod_lua multipart parser called from Lua scripts). By sending a specially crafted request, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/215686](<https://exchange.xforce.ibmcloud.com/vulnerabilities/215686>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-34798](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34798>) \n** DESCRIPTION: **Apache HTTP Server is vulnerable to a denial of service, caused by a NULL pointer dereference in httpd core. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/209518](<https://exchange.xforce.ibmcloud.com/vulnerabilities/209518>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-39275](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39275>) \n** DESCRIPTION: **Apache HTTP Server is vulnerable to a buffer overflow, caused by improper bounds checking by the ap_escape_quotes() function. By sending specially crafted input, a remote attacker could write beyond the end of a buffer. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/209529](<https://exchange.xforce.ibmcloud.com/vulnerabilities/209529>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n## Affected Products and Versions\n\nIBM QRadar SIEM 7.5.0 GA\n\nIBM QRadar SIEM 7.4.3 GA - 7.4.3 Fix Pack 4\n\nIBM QRadar SIEM 7.3.3 GA - 7.3.3 Fix Pack 10\n\n \n\n\n## Remediation/Fixes\n\n[QRadar / QRM / QVM / QRIF / QNI 7.5.0 Update Pack 1](<https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Other+software/IBM+Security+QRadar+Vulnerability+Manager&release=All&platform=All&function=fixId&fixids=7.5.0-QRADAR-QRSIEM-20220215133427&includeRequisites=1&includeSupersedes=0&downloadMethod=http&source=SAR> \"QRadar / QRM / QVM / QRIF / QNI 7.5.0 Update Pack 1\" )\n\n[QRadar / QRM / QVM / QRIF / QNI 7.4.3 Fix Pack 4 Interim Fix 04](<https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Other+software/IBM+Security+QRadar+Vulnerability+Manager&release=All&platform=All&function=fixId&fixids=7.4.3-QRADAR-QRSIEM-20220211142137INT&includeRequisites=1&includeSupersedes=0&downloadMethod=http&source=SAR> \"QRadar / QRM / QVM / QRIF / QNI 7.4.3 Fix Pack 4 Interim Fix 04\" )\n\n[QRadar / QRM / QVM / QRIF / QNI 7.3.3 Fix Pack 10 Interim Fix 02](<https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Other+software/IBM+Security+QRadar+Vulnerability+Manager&release=All&platform=All&function=fixId&fixids=7.3.3-QRADAR-QRSIEM-20220203193207INT&includeRequisites=1&includeSupersedes=0&downloadMethod=http> \"QRadar / QRM / QVM / QRIF / QNI 7.3.3 Fix Pack 10 Interim Fix 02\" )\n\n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n15 Feb 2022: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSBQAC\",\"label\":\"IBM QRadar SIEM\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"}],\"Version\":\"7.3, 7.4\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB24\",\"label\":\"Security Software\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-28T17:37:14", "type": "ibm", "title": "Security Bulletin: Apache HTTP Server as used by IBM QRadar SIEM is vulnerable to buffer overflow and denial of service (CVE-2021-44790, CVE-2021-34798, CVE-2021-39275)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-34798", "CVE-2021-39275", "CVE-2021-44790"], "modified": "2022-02-28T17:37:14", "id": "4BCDF9C550D3ED72E14DD722120ADB03F42A150573F93F87AE411598D918A8C5", "href": "https://www.ibm.com/support/pages/node/6560142", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-04T12:36:12", "description": "## Summary\n\nThe updates indicated below have been released to address the following vulnerabilities: Spring Framework CVE-2022-22965, OpenSSL vulnerabilities CVE-2022-0778, Apache HTTP Server CVE-2021-26691, CVE-2021-40438, CVE-2021-44790, and CVE-2021-20325.\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2022-0778](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778>) \n**DESCRIPTION: **OpenSSL is vulnerable to a denial of service, caused by a flaw in the BN_mod_sqrt() function when parsing certificates. By using a specially-crafted certificate with invalid explicit curve parameters, a remote attacker could exploit this vulnerability to cause an infinite loop, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/221911](<https://exchange.xforce.ibmcloud.com/vulnerabilities/221911>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2021-26691](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26691>) \n**DESCRIPTION: **Apache HTTP Server is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the mod_session. By sending a specially crafted SessionHeader, a remote attacker could overflow a buffer and cause a denial of service. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203465](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203465>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2021-40438](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40438>) \n**DESCRIPTION: **Apache HTTP Server is vulnerable to server-side request forgery, caused by an error in mod_proxy. By sending a specially crafted request uri-path, a remote attacker could exploit this vulnerability to forward the request to an origin server chosen by the remote user. \nCVSS Base score: 9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/209526](<https://exchange.xforce.ibmcloud.com/vulnerabilities/209526>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H) \n \n**CVEID: **[CVE-2022-22965](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22965>) \n**DESCRIPTION: **Spring Framework could allow a remote attacker to execute arbitrary code on the system, caused by the improper handling of PropertyDescriptor objects used with data binding. By sending specially-crafted data to a Spring Java application, an attacker could exploit this vulnerability to execute arbitrary code on the system. Note: The exploit requires Spring Framework to be run on Tomcat as a WAR deployment with JDK 9 or higher using spring-webmvc or spring-webflux. Note: This vulnerability is also known as Spring4Shell or SpringShell. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/223103](<https://exchange.xforce.ibmcloud.com/vulnerabilities/223103>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n**CVEID: **[CVE-2021-44790](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44790>) \n**DESCRIPTION: **Apache HTTP Server is vulnerable to a buffer overflow, caused by improper bounds checking in the mod_lua multipart parser called from Lua scripts). By sending a specially crafted request, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/215686](<https://exchange.xforce.ibmcloud.com/vulnerabilities/215686>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n**CVEID: **[CVE-2021-20325](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20325>) \n**DESCRIPTION: **Red Hat Enterprise Linux is vulnerable to a buffer overflow, caused by the missing fixes for CVE-2021-40438 and CVE-2021-26691 in the versions of httpd. By sending specially crafted requests, a remote attacker could overflow a buffer and or perform SSRF attacks. \nCVSS Base score: 9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/220125](<https://exchange.xforce.ibmcloud.com/vulnerabilities/220125>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s) | Version(s) \n---|--- \nR9.0x | 89.0x.xx.xx \nR9.1x | 89.1x.xx.xx \nR9.2x | 89.2x.xx.xx \n \n## Remediation/Fixes\n\nNote: The code is vulnerable to both CVE-2021-40438 and CVE-2022-0778.\n\nNote: The code is not vulnerable to the others (CVE-2021-26691, CVE-2022-22965, CVE-2021-44790, CVE-2021-20325), i.e. the flawed code exists in the product but cannot be exploited.\n\nR9.3 (89.30.68.0) with the fix has been provided.\n\nR9.2 SP2 (89.22.17.0) with the fix has been provided. \n \nFor the current recommended code releases, please see <https://www.ibm.com/support/pages/ds8000-code-recommendation>\n\n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Acknowledgement\n\n## Change History\n\n08 Apr 2022: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU010\",\"label\":\"Systems - Storage\"},\"Product\":{\"code\":\"ST8GLJ\",\"label\":\"DS8900F\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"}],\"Version\":\"NA\",\"Edition\":\"\"}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-07-28T16:08:09", "type": "ibm", "title": "Security Bulletin: Vulnerabilities have been identified in Spring Framework, OpenSSL and Apache HTTP Server shipped with the DS8000 Hardware Management Console (HMC)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-20325", "CVE-2021-26691", "CVE-2021-40438", "CVE-2021-44790", "CVE-2022-0778", "CVE-2022-22965"], "modified": "2022-07-28T16:08:09", "id": "C0C635C3D1BDFFF4279719843730FED33753DFD9A52C5B43AE4A48433A539739", "href": "https://www.ibm.com/support/pages/node/6592963", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-07-27T22:03:06", "description": "## Question\n\nIs there a list that contains the security bulletins that apply to WebSphere Application Server and IBM HTTP Server?\n\n## Answer\n\nThe following table is provided to help you locate WebSphere Application Server and IBM HTTP Server security bulletins. These are listed numerically by CVE number not by the last one published.\n\nNote the IBM Java runtime included with WebSphere Application Server provides an execution environment for non-IBM code. While the below table includes all IBM Java vulnerabilities related to the WebSphere Application Server product, there might be additional IBM Java vulnerabilities which impact non-IBM code running in your WebSphere Application Server environment. For a listing of all IBM Java security bulletins, refer to [_IBM Java Security Alerts_](<https://www.ibm.com/developerworks/java/jdk/alerts/>). To determine the Java SDK version used with WebSphere Application Server, refer to the [_Verify Java SDK version shipped with WebSphere Application Server_](<http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg27005002>).\n\nTo avoid preventable security issues, it is recommended that you stay up-to-date on the most current maintenance options for your products. You can also subscribe to the security bulletins for each of your products as provided in this link, [_IBM Security Bulletins_](<http://www.ibm.com/security/secure-engineering/bulletins.html>).\n\nWhen significant updates have been made to security bulletins, it will be noted with the date of the last update in the bulletin columns.\n\nNote: Starting 07/16/2020, the most recent fix published will be added to the top of this list below as well as in numerical order by year.\n\n**Recent CVEs (previous 15 published from most recent to least recent)**\n\n**Name **\n\n| \n\n**CVE**\n\n| \n\n**CVSS Score**\n\n| \n\n**WebSphere Application Server Bulletin or Assessment**\n\n| \n\n**IBM HTTP Server Bulletin or Assessment**\n\n| \n\n**Versions Affected** \n \n---|---|---|---|---|--- \n| CVE-2022-22477 | 6.1 | [Cross-site Scripting](<https://www.ibm.com/support/pages/node/6603417>) | Not affected | 9.0,8.5 \n| CVE-2022-22473 | 3.7 | [Information Disclosure](<https://www.ibm.com/support/pages/node/6603421>) | Not affected | 9.0,8.5,8.0,7.0 \n| CVE-2019-11777 | 7.5 | [Spoofing vulnerability](<https://www.ibm.com/support/pages/node/6602039>) | Not affected | Liberty \n| CVE-2022-22476 | 5.0 | [Identity Spoofing](<https://www.ibm.com/support/pages/node/6602015>) | Not affected | Liberty \n| CVE-2022-26377 | 7.3 | Not affected | [HTTP Request Smuggling](<https://www.ibm.com/support/pages/node/6595149>) | 7.0,8.0,8.5,9.0 \n| CVE-2022-28614 | 5.3 | Not affected | [Information Disclosure](<https://www.ibm.com/support/pages/node/6595149>) | 7.0,8.0,8.5,9.0 \n| CVE-2022-28615 | 6.5 | Not affected | [Information Disclosure](<https://www.ibm.com/support/pages/node/6595149>) | 7.0,8.0,8.5,9.0 \n| CVE-2022-29404 | 5.3 | Not affected | [Denial of Service](<https://www.ibm.com/support/pages/node/6595149>) | 7.0,8.0,8.5,9.0 \n| CVE-2022-30556 | 5.3 | Not affected | [Information Disclosure](<https://www.ibm.com/support/pages/node/6595149>) | 7.0,8.0,8.5,9.0 \n| CVE-2022-31813 | 5.3 | Not affected | [Bypass Security](<https://www.ibm.com/support/pages/node/6595149>) | 7.0,8.0,8.5,9.0 \n| CVE-2022-21496 | 5.3 | [IBM Java SDK for April 2022](<https://www.ibm.com/support/pages/node/6594523>) | Not affected | 9.0,8.5,Liberty \n| CVE-2022-21299 | 5.3 | [IBM Java SDK for April 2022](<https://www.ibm.com/support/pages/node/6594523>) | Not affected | 9.0,8.5,Liberty \n| CVE-2022-22365 | 5.6 | [Spoofing vulnerability](<https://www.ibm.com/support/pages/node/6587947>) | Not affected | 9.0,8.5,8.0,7.0 \n| CVE-2022-22475 | 7.1 | [Identity Spoofing](<https://www.ibm.com/support/pages/node/6586734>) | Not affected | Liberty \n \n**2022 CVEs**\n\n**Name **\n\n| \n\n**CVE**\n\n| \n\n**CVSS Score**\n\n| \n\n**WebSphere Application Server Bulletin or Assessment**\n\n| \n\n**IBM HTTP Server Bulletin or Assessment**\n\n| \n\n**Versions Affected** \n \n---|---|---|---|---|--- \n| CVE-2022-31813 | 5.3 | Not affected | [Bypass Security](<https://www.ibm.com/support/pages/node/6595149>) | 7.0,8.0,8.5,9.0 \n| CVE-2022-30556 | 5.3 | Not affected | [Information Disclosure](<https://www.ibm.com/support/pages/node/6595149>) | 7.0,8.0,8.5,9.0 \n| CVE-2022-29404 | 5.3 | Not affected | [Denial of Service](<https://www.ibm.com/support/pages/node/6595149>) | 7.0,8.0,8.5,9.0 \n| CVE-2022-28615 | 6.5 | Not affected | [Information Disclosure](<https://www.ibm.com/support/pages/node/6595149>) | 7.0,8.0,8.5,9.0 \n| CVE-2022-28614 | 5.3 | Not affected | [Information Disclosure](<https://www.ibm.com/support/pages/node/6595149>) | 7.0,8.0,8.5,9.0 \n| CVE-2022-26377 | 7.3 | Not affected | [HTTP Request Smuggling](<https://www.ibm.com/support/pages/node/6595149>) | 7.0,8.0,8.5,9.0 \n| CVE-2022-25315 | 7.8 | Not affected | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6560814>) | 9.0,8.5,8.0,7.0 \n| CVE-2022-25313 | 5.5 | Not affected | [Denial of Service](<https://www.ibm.com/support/pages/node/6560814>) | 9.0,8.5,8.0,7.0 \n| CVE-2022-25236 | 5.3 | Not affected | [Denial of Service](<https://www.ibm.com/support/pages/node/6560814>) | 9.0,8.5,8.0,7.0 \n| CVE-2022-25235 | 3.3 | Not affected | [Denial of Service](<https://www.ibm.com/support/pages/node/6560814>) | 9.0,8.5,8.0,7.0 \n| CVE-2022-23990 | 9.8 | Not affected | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6559296>) | 9.0,8.5,8.0,7.0 \n| CVE-2022-23852 | 9.8 | Not affected | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6559296>) | 9.0,8.5,8.0,7.0 \n| CVE-2022-23307 | 9.8 | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6557248>) | Not affected | 9.0,8.5,8.0,7.0,Liberty \n| CVE-2022-23305 | 6.5 | [SQL Injection](<https://www.ibm.com/support/pages/node/6557248>) | Not affected | 9.0,8.5,8.0,7.0,Liberty \n| CVE-2022-23302 | 8.8 | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6557248>) | Not affected | 9.0,8.5,8.0,7.0,Liberty \n| CVE-2022-22827 | 7.8 | Not affected | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6559296>) | 9.0,8.5,8.0,7.0 \n| CVE-2022-22826 | 7.8 | Not affected | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6559296>) | 9.0,8.5,8.0,7.0 \n| CVE-2022-22825 | 7.8 | Not affected | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6559296>) | 9.0,8.5,8.0,7.0 \n| CVE-2022-22824 | 7.8 | Not affected | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6559296>) | 9.0,8.5,8.0,7.0 \n| CVE-2022-22823 | 7.8 | Not affected | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6559296>) | 9.0,8.5,8.0,7.0 \n| CVE-2022-22822 | 7.8 | Not affected | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6559296>) | 9.0,8.5,8.0,7.0 \n| CVE-2022-22721 | 7.3 | Not affected | [Buffer Overflow](<https://www.ibm.com/support/pages/node/6565413>) | 9.0,8.5,8.0,7.0 \n| CVE-2022-22720 | 7.3 | Not affected | [HTTP Request Smuggling](<https://www.ibm.com/support/pages/node/6565413>) | 9.0,8.5,8.0,7.0 \n| CVE-2022-22719 | 5.3 | Not affected | [Denial of Service](<https://www.ibm.com/support/pages/node/6565413>) | 9.0,8.5,8.0,7.0 \n| CVE-2022-22477 | 6.1 | [Cross-site Scripting](<https://www.ibm.com/support/pages/node/6603417>) | Not affected | 9.0,8.5 \n| CVE-2022-22476 | 5.0 | [Identity Spoofing](<https://www.ibm.com/support/pages/node/6602015>) | Not affected | Liberty \n| CVE-2022-22475 | 7.1 | [Identity Spoofing](<https://www.ibm.com/support/pages/node/6586734>) | Not affected | Liberty \n| CVE-2022-22473 | 3.7 | [Information Disclosure](<https://www.ibm.com/support/pages/node/6603421>) | Not affected | 9.0,8.5,8.0,7.0 \n| CVE-2022-22393 | 3.1 | [Information Disclosure](<https://www.ibm.com/support/pages/node/6585704>) | Not affected | Liberty \n| CVE-2022-22365 | 5.6 | [Spoofing vulnerability](<https://www.ibm.com/support/pages/node/6587947>) | Not affected | 9.0,8.5,8.0,7.0 \n| CVE-2022-22310 | 4.8 | [Information Disclosure](<https://www.ibm.com/support/pages/node/6541530>) | Not affected | Liberty \n| CVE-2022-21496 | 5.3 | [IBM Java SDK for April 2022 CPU](<https://www.ibm.com/support/pages/node/6594523>) | | 9.0,8.5,Liberty \n| CVE-2022-21340 | 5.3 | [IBM Java SDK for January 2022 CPU](<https://www.ibm.com/support/pages/node/6559306>) | Not affected | 9.0,8.5,Liberty \n| CVE-2022-21229 | 5.3 | [IBM Java SDK for April 2022 CPU](<https://www.ibm.com/support/pages/node/6594523>) | | 9.0,8.5,Liberty \n \n**2021 CVEs**\n\n**Name **\n\n| \n\n**CVE**\n\n| \n\n**CVSS Score**\n\n| \n\n**WebSphere Application Server Bulletin or Assessment**\n\n| \n\n**IBM HTTP Server Bulletin or Assessment**\n\n| \n\n**Versions Affected** \n \n---|---|---|---|---|--- \n| CVE-2021-46708 | 4.3 | [Clickjacking vulnerability](<https://www.ibm.com/support/pages/node/6569505>) | Not affected | Liberty \n| CVE-2021-46143 | 7.8 | Not affected | [Remote Code Execution](<https://Denial of Service>) | 7.0,8.0,8.5,9.0 \n| CVE-2021-45960 | 5.5 | Not affected | [Denial of Service](<https://www.ibm.com/support/pages/node/6559296>) | 7.0,8.0,8.5,9.0 \n| CVE-2021-45105 | 7.5 | [Denial of Service](<https://www.ibm.com/support/pages/node/6538148>) | Not affected | 9.0, 8.5 \n| CVE-2021-45046 | 9.0 | [Denial of Service](<https://www.ibm.com/support/pages/node/6526750>) | Not affected | 9.0,8.5,8.0,7.0,Liberty \n| CVE-2021-44832 | 6.6 | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6538148>) | Not affected | 9.0, 8.5 \n| CVE-2021-44790 | 9.8 | Not affected | [Buffer overflow](<https://www.ibm.com/support/pages/node/6540288>) | 9.0 \nLog4Shell | CVE-2021-44228 | 10 | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6525706>) | Not affected | 9.0, 8.5 \n| CVE-2021-44224 | 8.2 | Not affected | [Denial of Service](<https://www.ibm.com/support/pages/node/6540288>) | 9.0 \n| CVE-2021-40438 | 9.0 | Not affected | [Server-side request forgery](<https://www.ibm.com/support/pages/node/6493841>) | 9.0 \n| CVE-2021-39275 | 3.7 | Not affected | [Buffer overflow](<https://www.ibm.com/support/pages/node/6493845>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2021-39038 | 4.4 | [Clickjacking vulnerability](<https://www.ibm.com/support/pages/node/6559044>) | Not affected | 9.0, Liberty \n| CVE-2021-39031 | 7.5 | [LDAP Injection](<https://www.ibm.com/support/pages/node/6550488>) | Not affected | Liberty \n| CVE-2021-38951 | 7.5 | [Denial of Service](<https://www.ibm.com/support/pages/node/6524674>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2021-36090 | 7.5 | [Denial of Service](<https://www.ibm.com/support/pages/node/6489683>) | Not affected | Liberty \n| CVE-2021-35603 | 3.7 | [IBM Java SDK for January 2022 CPU](<https://www.ibm.com/support/pages/node/6559306>) | Not affected | 9.0,8.5,Liberty \n| CVE-2021-35578 | 5.3 | [IBM Java SDK for October 2021 CPU](<https://www.ibm.com/support/pages/node/6520468>) | Not affected | 9.0, 8.5, Liberty \n| CVE-2021-35564 | 5.3 | [IBM Java SDK for October 2021 CPU](<https://www.ibm.com/support/pages/node/6520468>) | Not affected | 9.0, 8.5, Liberty \n| CVE-2021-35550 | 5.9 | [IBM Java SDK for January 2022 CPU](<https://www.ibm.com/support/pages/node/6559306>) | Not affected | 9.0,8.5,Liberty \n| CVE-2021-35517 | 5.5 | [Denial of Service](<https://www.ibm.com/support/pages/node/6489683>) | Not affected | Liberty \n| CVE-2021-34798 | 5.9 | Not affected | [Denial of service](<https://www.ibm.com/support/pages/node/6493841>) | 9.0 \n| CVE-2021-30641 | 5.3 | Not affected | [Weaker Security](<https://www.ibm.com/support/pages/node/6464029>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2021-29842 | 3.7 | [Information Disclosure](<https://www.ibm.com/support/pages/node/6489485>) | Not affected | 9.0,8.5,8.0,7.0,Liberty \n| CVE-2021-29754 | 4.2 | [Privilege Escalation](<https://www.ibm.com/support/pages/node/6462627>) | Not affected | 9.0, 8.5, 8.0. 7.0 \n| CVE-2021-29736 | 5.0 | [Privilege Escalation](<https://www.ibm.com/support/pages/node/6476678>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2021-26691 | 5.9 | Not affected | [Heap Buffer Overflow](<https://www.ibm.com/support/pages/node/6467651>) | 9.0 \n| CVE-2021-26690 | 3.7 | Not affected | [Denial of Service](<https://www.ibm.com/support/pages/node/6467651>) | 9.0 \n| CVE-2021-26296 | 8.8 | [Cross-site request forgery](<https://www.ibm.com/support/pages/node/6441433>) | Not affected | 9.0, 8.5, 8.0, Liberty \n| CVE-2021-23450 | 9.8 | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6558594>) | Not affected | 9.0,8.5,8.0,7.0,Liberty \n| CVE-2021-20517 | 6.4 | [Directory Traversal](<https://www.ibm.com/support/pages/node/6456955>) | Not affected | 9.0, 8.5 \n| CVE-2021-20492 | 6.5 | [XXE vulnerability](<https://www.ibm.com/support/pages/node/6456017>) | Not affected | 9.0, 8.5, 8.0, Liberty \n| CVE-2021-20480 | 4.3 | [Server-side request forgery](<https://www.ibm.com/support/pages/node/6441063>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2021-20454 | 8.2 | [XXE vulnerability](<https://www.ibm.com/support/pages/node/6445481>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2021-20453 | 8.2 | [XXE vulnerability](<https://www.ibm.com/support/pages/node/6445171>) | Not affected | 9.0, 8.5, 8.0 \n| CVE-2021-20354 | 5.9 | [Directory traversal](<https://www.ibm.com/support/pages/node/6415959>) | Not affected | 9.0, 8.5, 8.0 \n| CVE-2021-20353 | 8.2 | [XXE vulnerability](<https://www.ibm.com/support/pages/node/6413709>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2021-4104 | 8.1 | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6526750>) | Not affected | 9.0,8.5,8.0,7.0,Liberty \n| CVE-2021-2369 | 4.3 | [IBM Java SDK for July 2021 CPU](<https://www.ibm.com/support/pages/node/6481135>) | Not affected | 9.0, 8.5, Liberty \n| CVE-2021-2161 | 5.9 | [IBM Java SDK for April 2021 CPU](<https://www.ibm.com/support/pages/node/6454853>) | Not affected | 9.0, 8.5, Liberty \n \n**2020 CVEs**\n\n**Name **\n\n| \n\n**CVE**\n\n| \n\n**CVSS Score**\n\n| \n\n**WebSphere Application Server Bulletin or Assessment**\n\n| \n\n**IBM HTTP Server Bulletin or Assessment**\n\n| \n\n**Versions Affected** \n \n---|---|---|---|---|--- \n| CVE-2020-27221 | 9.8 | [IBM Java SDK for January 2021 CPU](<https://www.ibm.com/support/pages/node/6415639>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-14797 | 3.7 | [IBM Java SDK for October 2020 CPU](<https://www.ibm.com/support/pages/node/6379260>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-14782 | 3.7 | [IBM Java SDK for January 2021 CPU](<https://www.ibm.com/support/pages/node/6415639>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-14781 | 3.7 | [IBM Java SDK for January 2021 CPU](<https://www.ibm.com/support/pages/node/6415639>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-14621 | 5.3 | [IBM Java SDK for July 2020 CPU](<https://www.ibm.com/support/pages/node/6256732>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-14581 | 3.7 | [IBM Java SDK for July 2020 CPU](<https://www.ibm.com/support/pages/node/6256732>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-14579 | 3.7 | [IBM Java SDK for July 2020 CPU](<https://www.ibm.com/support/pages/node/6256732>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-14578 | 3.7 | [IBM Java SDK for July 2020 CPU](<https://www.ibm.com/support/pages/node/6256732>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-14577 | 3.7 | [IBM Java SDK for July 2020 CPU](<https://www.ibm.com/support/pages/node/6256732>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-13938 | 6.2 | Not affected | [Denial of Service](<https://www.ibm.com/support/pages/node/6464029>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2020-11985 | 5.3 | Not affected | [Spoofing Vulnerability](<https://www.ibm.com/support/pages/node/6324789>) | 9.0 \n| CVE-2020-10693 | 5.3 | [Bypass security](<https://www.ibm.com/support/pages/node/6348216>) | Not affected | Liberty \n| CVE-2020-5258 | 7.5 | [Information Disclosure](<https://www.ibm.com/support/pages/node/6443101>) | Not affected | 9.0, 8.5, 8.0, Liberty \n| CVE-2020-5016 | 5.3 | [Directory traversal](<https://www.ibm.com/support/pages/node/6427873>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2020-4949 | 8.2 | [XXE vulnerability](<https://www.ibm.com/support/pages/node/6408244>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2020-4782 | 6.5 | [Directory Traversal](<https://www.ibm.com/support/pages/node/6356083>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2020-4643 | 7.5 | [Information Disclosure](<https://www.ibm.com/support/pages/node/6334311>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2020-4629 | 2.9 | [Information Disclosure](<https://www.ibm.com/support/pages/node/6339255>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2020-4590 | 5.3 | [Denial of Service](<https://www.ibm.com/support/pages/node/6333623>) | Not affected | Liberty \n| CVE-2020-4589 | 8.1 | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6258333>) | Not affected | 9.0,8.5,8.0,7.0 \n| CVE-2020-4578 | 5.4 | [Cross-site scripting](<https://www.ibm.com/support/pages/node/6328895>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2020-4576 | 5.3 | [Information Disclosure](<https://www.ibm.com/support/pages/node/6339807>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2020-4575 | 4.7 | [Cross-site scripting](<https://www.ibm.com/support/pages/node/6323293>) | Not affected | 9.0, 8.5, 8.0VE, 7.0VE \n| CVE-2020-4534 | 7.8 | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6255074>) | Not affected | 9.0,8.5,8.0,7.0 \n| CVE-2020-4464 | 8.8 | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6250059>) | Not affected | 9.0,8.5,8.0,7.0 \n| CVE-2020-4450 | 9.8 | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6220294>) | Not affected | 9.0,8.5 \n| CVE-2020-4449 | 7.5 | [Information Disclosure](<https://www.ibm.com/support/pages/node/6220296>) | Not affected | 9.0, 8.5, 8.0,7.0 \n| CVE-2020-4448 | 9.8 | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6220336>) | Not affected | 9.0, 8.5, 8.0VE, 7.0VE \n| CVE-2020-4421 | 5.0 | [Identity spoofing](<https://www.ibm.com/support/pages/node/6205926>) | Not affected | Liberty \n| CVE-2020-4365 | 5.3 | [Server-side request forgery](<https://www.ibm.com/support/pages/node/6209099>) | Not affected | 8.5 \n| CVE-2020-4362 | 7.5 | [Privilege Escalation](<https://www.ibm.com/support/pages/node/6174417>) | Not affected | 9.0,8.5,8.0,7.0 \n| CVE-2020-4329 | 4.3 | [Information Disclosure](<https://www.ibm.com/support/pages/node/6201862>) | Not affected | 9.0,8.5,8.0,7.0,Liberty \n| CVE-2020-4304 | 6.1 | [Cross-site scripting](<https://www.ibm.com/support/pages/node/6147195>) | Not affected | Liberty \n| CVE-2020-4303 | 6.1 | [Cross-site scripting](<https://www.ibm.com/support/pages/node/6147195>) | Not affected | Liberty \n| CVE-2020-4276 | 7.5 | [Privilege Escalation](<https://www.ibm.com/support/pages/node/6118222>) | Not affected | 9.0,8.5,8.0,7.0 \n| CVE-2020-4163 | 6.6 | [Command Execution](<https://www.ibm.com/support/pages/node/1288786>) | Not affected | 9.0,8.5,8.0,7.0 \n| CVE-2020-2800 | 4.8 | [IBM Java SDK for April 2020 CPU](<https://www.ibm.com/support/pages/node/6206850>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-2781 | 5.3 | [IBM Java SDK for April 2020 CPU](<https://www.ibm.com/support/pages/node/6206850>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-2773 | 3.7 | [IBM Java SDK for January 2021 CPU](<https://www.ibm.com/support/pages/node/6415639>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-2755 | 3.7 | [IBM Java SDK for April 2020 CPU](<https://www.ibm.com/support/pages/node/6206850>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-2754 | 3.7 | [IBM Java SDK for April 2020 CPU](<https://www.ibm.com/support/pages/node/6206850>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-2654 | 3.7 | [IBM Java SDK for April 2020 CPU](<https://www.ibm.com/support/pages/node/6206850>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-2601 | 6.8 | [IBM Java SDK for July 2020 CPU](<https://www.ibm.com/support/pages/node/6256732>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-2593 | 4.8 | [IBM Java SDK for January 2020 CPU](<https://www.ibm.com/support/pages/node/1289194>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-2590 | 3.7 | [IBM Java SDK for July 2020 CPU](<https://www.ibm.com/support/pages/node/6256732>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-1934 | 8.1 | Not affected | [Denial of Service](<https://www.ibm.com/support/pages/node/6191631>) | 9.0,8.5,8.0,7.0 \n| CVE-2020-1927 | 7.4 | Not affected | [Phishing attack](<https://www.ibm.com/support/pages/node/6191631>) | 9.0,8.5,8.0,7.0 \n \n**2019 CVEs**\n\n**Name **\n\n| \n\n**CVE**\n\n| \n\n**CVSS Score**\n\n| \n\n**WebSphere Application Server Bulletin or Assessment**\n\n| \n\n**IBM HTTP Server Bulletin or Assessment**\n\n| \n\n**Versions Affected** \n \n---|---|---|---|---|--- \n| CVE-2019-17573 | 6.1 | [Cross-site Scripting](<https://www.ibm.com/support/pages/node/6100132>) | Not affected | Liberty \n| CVE-2019-17566 | 7.5 | [Server-side request forgery](<https://www.ibm.com/support/pages/node/6322683>) | Not affected | 9.0,8.5,8.0 \n| CVE-2019-17495 | 5.3 | [Information Disclosure](<https://www.ibm.com/support/pages/node/1274596>) | Not affected | Liberty \n| CVE-2019-12402 | 4.3 | [Denial of Service](<https://www.ibm.com/support/pages/node/1074156>) | Not affected | Liberty \n| CVE-2019-12406 | 5.3 | [Denial of Service](<https://www.ibm.com/support/pages/node/1288774>) | Not affected | 9.0,Liberty \n| CVE-2019-11777 | 7.5 | [Spoofing vulnerability](<https://www.ibm.com/support/pages/node/6602039>) | Not affected | Liberty \n| CVE-2019-10098 | 3.7 | Not affected | [Phishing attack](<https://www.ibm.com/support/pages/node/964768>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2019-10092 | 4.7 | Not affected | [Cross-site scripting](<https://www.ibm.com/support/pages/node/964768>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2019-10086 | 5.3 | [Unauthorized Access](<https://www.ibm.com/support/pages/node/1115085>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2019-9518 | 7.5 | [Denial of Service](<https://www.ibm.com/support/pages/node/1072860>) | Not affected | Liberty \n| CVE-2019-9517 | 7.5 | [Denial of Service](<https://www.ibm.com/support/pages/node/1072860>) | Not affected | Liberty \n| CVE-2019-9515 | 7.5 | [Denial of Service](<https://www.ibm.com/support/pages/node/1072860>) | Not affected | Liberty \n| CVE-2019-9514 | 7.5 | [Denial of Service](<https://www.ibm.com/support/pages/node/1072860>) | Not affected | Liberty \n| CVE-2019-9513 | 7.5 | [Denial of Service](<https://www.ibm.com/support/pages/node/1072860>) | Not affected | Liberty \n| CVE-2019-9512 | 7.5 | [Denial of Service](<https://www.ibm.com/support/pages/node/1072860>) | Not affected | Liberty \n| CVE-2019-4732 | 7.2 | [IBM Java SDK for January 2020 CPU](<https://www.ibm.com/support/pages/node/1289194>) | Not affected | 9.0,8.5,Liberty \n| CVE-2019-4720 | 7.5 | [Denial of Service](<https://www.ibm.com/support/pages/node/1285372>) | Not affected | 9.0, 8.5, 8.0, 7.0 Liberty \n| CVE-2019-4670 | 6.5 | [Information Disclosure](<https://www.ibm.com/support/pages/node/1289152>) | Not affected | 9.0,8.5,8.0,7.0 \n| CVE-2019-4663 | 5.4 | [Cross-site scripting](<https://www.ibm.com/support/pages/node/1127367>) | Not affected | Liberty \n| CVE-2019-4505 | 3.7 | [Information Disclosure](<https://www.ibm.com/support/pages/node/964766>) | Not affected | 9.0, 8.5, 7.0Virtual Enterprise \n| CVE-2019-4477 | 5.3 | [Information Disclosure](<https://www.ibm.com/support/pages/node/960290>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2019-4442 | 4.3 | [Path Traversal](<https://www.ibm.com/support/pages/node/959021>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2019-4441 | 5.3 | [Information disclosure](<https://www.ibm.com/support/pages/node/959023>) | Not affected | 9.0, 8.5, 8.0, 7.0 Liberty \n| CVE-2019-4305 | 5.3 | [Information disclosure](<https://www.ibm.com/support/pages/node/960171>) | Not affected | Liberty \n| CVE-2019-4304 | 6.3 | [Bypass security](<https://www.ibm.com/support/pages/node/960171>) | Not affected | Liberty \n| CVE-2019-4285 | 5.4 | [Clickjacking vulnerability](<https://www-01.ibm.com/support/docview.wss?uid=ibm10884064>) | Not affected | Liberty \n| CVE-2019-4279 | 9.0 | [Remote Code Execution](<https://www-01.ibm.com/support/docview.wss?uid=ibm10883628>) | Not affected | 9.0, 8.5, 7.0Virtual Enterprise \n| CVE-2019-4271 | 3.5 | [HTTP Parameter Pollution](<https://www.ibm.com/support/pages/node/884040>) | Not affected | 9.0, 8.5, 7.0Virtual Enterprise \n| CVE-2019-4270 | 5.4 | [Cross-site scripting](<https://www.ibm.com/support/pages/node/884036>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2019-4269 | 5.3 | [Information Disclosure](<https://www-01.ibm.com/support/docview.wss?uid=ibm10884032>) | Not affected | 9.0 \n| CVE-2019-4268 | 5.3 | [Path Traversal](<https://www.ibm.com/support/pages/node/884030>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2019-4080 | 6.5 | [Denial of Service](<https://www-01.ibm.com/support/docview.wss?uid=ibm10875692>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2019-4046 | 5.9 | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=ibm10869570>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2019-4030 | 5.4 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=ibm10869406>) | Not affected | 9.0, 8.5, 8.0VE, 7.0VE \n| CVE-2019-2989 | 6.8 | [IBM Java SDK for October 2019 CPU](<https://www.ibm.com/support/pages/node/1126887>) | Not affected | 9.0, 8.5, Liberty \n| CVE-2019-2949 | 6.8 | [IBM Java SDK for April 2020 CPU](<https://www.ibm.com/support/pages/node/6206850>) | Not affected | 9.0,8.5,Liberty \n| CVE-2019-2426 | 3.7 | [IBM Java SDK for January 2019 CPU](<https://www-01.ibm.com/support/docview.wss?uid=ibm10873042>) | Not affected | 9.0, 8.5, Liberty \n| CVE-2019-0220 | 5.3 | Not affected | [Weaker Security](<https://www-01.ibm.com/support/docview.wss?uid=ibm10880413>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2019-0211 | 8.2 | Not affected | [Privilege Escalation](<https://www-01.ibm.com/support/docview.wss?uid=ibm10880413>) | 9.0 \n \n**2018 CVEs**\n\n**Name **\n\n| \n\n**CVE**\n\n| \n\n**CVSS Score**\n\n| \n\n**WebSphere Application Server Bulletin or Assessment**\n\n| \n\n**IBM HTTP Server Bulletin or Assessment**\n\n| \n\n**Versions Affected** \n \n---|---|---|---|---|--- \n| N/A | 8.1 | [Remote code execution in JSF](<http://www-01.ibm.com/support/docview.wss?uid=ibm10716525>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2018-25031 | 5.4 | [Spoofing vulnerability](<https://www.ibm.com/support/pages/node/6569505>) | Not affected | Liberty \n| CVE-2018-20843 | 3.3 | Not affected | [Denial of service](<https://www.ibm.com/support/pages/node/964768>) | 9.0, 8.5, 8.0, 9.0 \n| CVE-2018-17199 | 5.3 | Not affected | [Bypass security ](<http://www-01.ibm.com/support/docview.wss?uid=ibm10869064>) | 9.0 \n| CVE-2018-12547 | 9.8 | [IBM Java SDK for January 2019 CPU](<https://www-01.ibm.com/support/docview.wss?uid=ibm10873042>) | Not affected | 9.0, 8.5, Liberty \n| CVE-2018-12539 | 8.4 | [IBM Java SDK for July 2018 CPU](<https://www-01.ibm.com/support/docview.wss?uid=ibm10729349>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2018-10237 | 7.5 | \n\n[Denial of service](<https://www-01.ibm.com/support/docview.wss?uid=ibm10795696>)\n\n| Not affected | 9.0, 8.5, Liberty \n| CVE-2018-8039 | 7.5 | [Man-in-the-Middle](<https://www-01.ibm.com/support/docview.wss?uid=ibm10720065>) | Not affected | 9.0 Liberty \n| CVE-2018-3180 | 5.6 | [IBM Java SDK for October 2018 CPU](<https://www-01.ibm.com/support/docview.wss?uid=ibm10729607>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2018-3139 | 3.1 | [IBM Java SDK for October 2018 CPU](<https://www-01.ibm.com/support/docview.wss?uid=ibm10729607>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2018-2800 | 4.2 | [IBM Java SDK for April 2018 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg22016282>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2018-2783 | 7.4 | [IBM Java SDK for April 2018 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg22016282>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2018-2637 | 7.4 | [IBM Java SDK for January 2018 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg22013818>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2018-2634 | 6.8 | [IBM Java SDK for January 2018 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg22013818>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2018-2633 | 8.3 | [IBM Java SDK for January 2018 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg22013818>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2018-2603 | 5.3 | [IBM Java SDK for January 2018 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg22013818>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2018-2602 | 4.5 | [IBM Java SDK for January 2018 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg22013818>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2018-2579 | 3.7 | [IBM Java SDK for January 2018 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg22013818>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2018-1996 | 5.3 | [Weaker Security](<https://www-01.ibm.com/support/docview.wss?uid=ibm10793421>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2018-1957 | 4.0 | [Information Disclosure](<https://www-01.ibm.com/support/docview.wss?uid=ibm10744247>) | Not affected | 9.0 \n| CVE-2018-1926 | 4.3 | [Cross-site Request Forgery](<http://www-01.ibm.com/support/docview.wss?uid=ibm10742301>) | Not affected | 9.0, 8.5 \n| CVE-2018-1905 | 7.1 | [XXE vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=ibm10738721>) | Not affected | 9.0 \n| CVE-2018-1904 | 8.1 | [Remote Code execution](<http://www-01.ibm.com/support/docview.wss?uid=ibm10738735>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2018-1902 | 3.1 | [Spoofing Vulnerability](<https://www-01.ibm.com/support/docview.wss?uid=ibm10795115>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2018-1901 | 5.0 | [Privilege Escalation](<http://www-01.ibm.com/support/docview.wss?uid=ibm10738727>) | Not affected | 9.0, 8.5, Liberty \n| CVE-2018-1890 | 5.6 | [IBM Java SDK for January 2019 CPU](<https://www-01.ibm.com/support/docview.wss?uid=ibm10873042>) | Not affected | 9.0, 8.5, Library \n| CVE-2018-1851 | 7.3 | [Code execution](<https://www-01.ibm.com/support/docview.wss?uid=ibm10735105>) | Not affected | Liberty \n| CVE-2018-1840 | 6.0 | [Privilege escalation](<http://www-01.ibm.com/support/docview.wss?uid=ibm10735767>) | Not affected | \n\n9.0, 8.5 \n \n| CVE-2018-1798 | 6.1 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=ibm10730703>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2018-1797 | 6.3 | [Directory traversal](<http://www-01.ibm.com/support/docview.wss?uid=ibm10730699>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2018-1794 | 6.1 | [Cross-site scripting](<https://www-01.ibm.com/support/docview.wss?uid=ibm10729571>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2018-1793 | 6.1 | [Cross-site scripting](<https://www-01.ibm.com/support/docview.wss?uid=ibm10729563>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2018-1777 | 5.4 | [Cross-site scripting](<https://www-01.ibm.com/support/docview.wss?uid=ibm10730631>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2018-1770 | 6.5 | [Directory traversal](<https://www-01.ibm.com/support/docview.wss?uid=ibm10729521>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2018-1767 | 6.1 | [Cross-site scripting](<https://www-01.ibm.com/support/docview.wss?uid=ibm10729547>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2018-1755 | 5.9 | [Information Disclosure](<https://www-01.ibm.com/support/docview.wss?uid=ibm10728689>) | Not affected | Liberty \n| CVE-2018-1719 | 5.9 | [Weaker security](<https://www-01.ibm.com/support/docview.wss?uid=ibm10718837>) | Not affected | 9.0, 8.5 \n| CVE-2018-1695 | 7.3 | [Spoofing vulnerability](<https://www-01.ibm.com/support/docview.wss?uid=ibm10716523>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2018-1683 | 5.9 | [Information disclosure](<https://www-01.ibm.com/support/docview.wss?uid=ibm10716533>) | Not affected | Liberty \n| CVE-2018-1656 | 7.4 | [IBM Java SDK for July 2018 CPU](<https://www-01.ibm.com/support/docview.wss?uid=ibm10729349>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2018-1643 | 6.1 | [Cross-site Scripting](<https://www-01.ibm.com/support/docview.wss?uid=ibm10716857>) | Not affected | 9.0, 8.5, 8.0 \n| CVE-2018-1626 | 4.3 | [Cross-site Request Forgery](<http://www-01.ibm.com/support/docview.wss?uid=ibm10742301>) | Not affected | 9.0, 8.5 \n| CVE-2018-1621 | 4.4 | [Information disclosure](<http://www-01.ibm.com/support/docview.wss?uid=swg22016821>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2018-1614 | 5.8 | [Information disclosure](<http://www-01.ibm.com/support/docview.wss?uid=swg22016887>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2018-1567 | 9.8 | [Code execution](<https://www-01.ibm.com/support/docview.wss?uid=swg22016254>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2018-1553 | 5.3 | [Information disclosure](<http://www-01.ibm.com/support/docview.wss?uid=swg22016218>) | Not affected | Liberty \n| CVE-2018-1447 | 5.1 | Not affected | [Vulnerability in GSKit Component](<http://www-01.ibm.com/support/docview.wss?uid=swg22015347>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2018-1427 | 6.2 | Not affected | [Vulnerability in GSKit Component](<http://www-01.ibm.com/support/docview.wss?uid=swg22015347>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2018-1426 | 7.4 | Not affected | [Vulnerability in GSKit Component](<http://www-01.ibm.com/support/docview.wss?uid=swg22015347>) | 9.0, 8.5, 8.0, 7.0 \nROBOT | CVE-2018-1388 | 9.1 | Not affected | [Information Disclosure](<http://www-01.ibm.com/support/docview.wss?uid=swg22014196>) | 7.0 \n| CVE-2018-1301 | 5.3 | Not affected | [Denial of service](<http://www-01.ibm.com/support/docview.wss?uid=swg22015344>) | 9.0, 8.5, 8.0, 7.0 \n \n**2017 CVEs**\n\n**Name **\n\n| \n\n**CVE**\n\n| \n\n**CVSS Score**\n\n| \n\n**WebSphere Application Server Bulletin or Assessment**\n\n| \n\n**IBM HTTP Server Bulletin or Assessment**\n\n| \n\n**Versions Affected** \n \n---|---|---|---|---|--- \n| CVE-2017-15715 | 3.7 | Not affected | [Weaker security](<http://www-01.ibm.com/support/docview.wss?uid=swg22015344>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-15710 | 5.3 | Not affected | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=swg22015344>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-12624 | 5.3 | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=swg22013597>) | Not affected | 9.0, Liberty \n| CVE-2017-12618 | 5.5 | Not affected | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=swg22009782>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-12613 | 9.1 | Not affected | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=swg22013598>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-10388 | 7.5 | [IBM Java SDK for October 2017 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg22010560>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2017-10356 | 6.2 | [IBM Java SDK for October 2017 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg22010560>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2017-10116 | 8.3 | [IBM Java SDK for July 2017 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg22007002>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2017-10115 | 7.5 | [IBM Java SDK for July 2017 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg22007002>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2017-10102 | 9.0 | [IBM Java SDK for July 2017 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg22007002>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2017-9798 | 7.5 | Not affected | [Information Disclosure](<http://www-01.ibm.com/support/docview.wss?uid=swg22009782>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-7679 | 5.3 | Not affected | [Information Disclosure](<http://www-01.ibm.com/support/docview.wss?uid=swg22005280>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-7668 | 5.3 | Not affected | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=swg22005280>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-5638 | 7.3 | [Not affected bulletin](<http://www-01.ibm.com/support/docview.wss?uid=swg22000122>) | [Not affected bulletin](<http://www-01.ibm.com/support/docview.wss?uid=swg22000122>) | \n| CVE-2017-3736 | 5.9 | Not affected | [Vulnerability in GSKit Component](<http://www-01.ibm.com/support/docview.wss?uid=swg22015347>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-3732 | 5.3 | Not affected | [Vulnerability in GSKit Component](<http://www-01.ibm.com/support/docview.wss?uid=swg22015347>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-3511 | 7.7 | [IBM Java SDK for April 2017 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg22003016>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2017-3167 | 5.3 | Not affected | [Bypass security](<http://www-01.ibm.com/support/docview.wss?uid=swg22005280>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-1788 | 5.3 | [Spoofing](<http://www-01.ibm.com/support/docview.wss?uid=swg22012341>) | Not affected | 9.0, Liberty \n| CVE-2017-1743 | 4.3 | [Information Disclosure](<http://www-01.ibm.com/support/docview.wss?uid=swg22013601>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-1741 | 4.3 | [Information Disclosure](<http://www-01.ibm.com/support/docview.wss?uid=swg22012342>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-1731 | 8.8 | [Privilege escalation](<http://www-01.ibm.com/support/docview.wss?uid=swg22012345>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-1681 | 4.0 | [Information Disclosure](<http://www-01.ibm.com/support/docview.wss?uid=swg22010419>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2017-1583 | 5.3 | [Information Disclosure](<http://www-01.ibm.com/support/docview.wss?uid=swg22008707>) | Not affected | 8.5, 8.0, Liberty \n| CVE-2017-1504 | 5.3 | [Weaker security](<http://www-01.ibm.com/support/docview.wss?uid=swg22006803>) | Not affected | 9.0 \n| CVE-2017-1503 | 6.1 | [HTTP response splitting](<http://www-01.ibm.com/support/docview.wss?uid=swg22006815>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-1501 | 5.9 | [Weaker security](<http://www-01.ibm.com/support/docview.wss?uid=swg22006810>) | Not affected | 9.0, 8.5, 8.0 \n| CVE-2017-1382 | 5.1 | [Insecure file permissions](<http://www-01.ibm.com/support/docview.wss?uid=swg22004785>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-1381 | 2.9 | [Information disclosure](<http://www-01.ibm.com/support/docview.wss?uid=swg22004792>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-1380 | 5.4 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg22004786>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-1194 | 4.3 | [Cross-site request forgery](<http://www-01.ibm.com/support/docview.wss?uid=swg22001226>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2017-1151 | 8.1 | [Privilege escalation](<http://www-01.ibm.com/support/docview.wss?uid=swg21999293>) | Not affected | 9.0, 8.5, 8.0 \n| CVE-2017-1137 | 5.9 | [Weaker security](<http://www-01.ibm.com/support/docview.wss?uid=swg21998469>) | Not affected | 8.5, 8.0 \n| CVE-2017-1121 | 5.4 | [Cross-site scripting vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg21997743>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n \n**2016 CVEs**\n\n**Name **\n\n| \n\n**CVE**\n\n| \n\n**CVSS Score**\n\n| \n\n**WebSphere Application Server Bulletin or Assessment**\n\n| \n\n**IBM HTTP Server Bulletin or Assessment**\n\n| \n\n**Versions Affected** \n \n---|---|---|---|---|--- \n| CVE-2016-1000031 | 9.8 | [Execute Code](<http://www-01.ibm.com/support/docview.wss?uid=swg22011428>) | Not affected | 9.0, 8.5, 8.0, Liberty \n| CVE-2016-9736 | 3.7 | [Information Disclosure](<http://www-01.ibm.com/support/docview.wss?uid=swg21991469>) | Not affected | 9.0, 8.5, 8.0 \n| CVE-2016-8934 | 5.4 | [Cross-site scripting vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg21992315>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2016-8919 | 5.9 | [Denial of service](<http://www-01.ibm.com/support/docview.wss?uid=swg21993797>) | Not affected | 9.0,8.5, 8.0, 7.0 \n| CVE-2016-8743 | 6.1 | Not affected | [Response splitting attack](<http://www-01.ibm.com/support/docview.wss?uid=swg21996847>) | 9.0,8.5, 8.0, 7.0 \n| CVE-2016-7056 | 4.0 | Not affected | [Vulnerability in GSKit Component](<http://www-01.ibm.com/support/docview.wss?uid=swg22015347>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2016-5986 | 3.7 | [Information Disclosure](<http://www-01.ibm.com/support/docview.wss?uid=swg21990056>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2016-5983 | 7.5 | [Gain Privileges](<http://www-01.ibm.com/support/docview.wss?uid=swg21990060>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2016-5597 | 5.9 | [IBM Java SDK for October 2016 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21993440>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2016-5573 | 8.3 | [IBM Java SDK for October 2016 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21993440>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2016-5549 | 6.5 | [IBM Java SDK for January 2017 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21998379>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2016-5548 | 6.5 | [IBM Java SDK for January 2017 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21998379>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2016-5547 | 5.3 | [IBM Java SDK for January 2017 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21998379>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2016-5546 | 7.5 | [IBM Java SDK for January 2017 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21998379>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \nHTTPOXY | CVE-2016-5387 | 8.1 | Not affected | [Redirect HTTP traffic](<http://www-01.ibm.com/support/docview.wss?uid=swg21988019>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2016-4975 | 6.1 | Not affected | Superseded by CVE-2016-8743 | 9.0, 8.5, 8.0, 7.0 \n| CVE-2016-4472 | 5.3 | Not affected | [Denial of Service with Expat](<http://www-01.ibm.com/support/docview.wss?uid=swg21988026>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2016-3485 | 2.9 | [IBM Java SDK for July 2016 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21988339>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2016-3427 | 10 | [IBM Java SDK for April 2016 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21982223>) | Not affected | 8.5, 8.0, 7.0, Liberty \n| CVE-2016-3426 | 4.3 | [IBM Java SDK for April 2016 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21982223>) | Not affected | 8.5, 8.0, 7.0, Liberty \n| CVE-2016-3092 | 5.3 | [Apache Commons FileUpload Vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg21987864>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2016-3042 | 5.4 | [Cross-site scripting vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg21986716>) | Not affected | Liberty \n| CVE-2016-3040 | 6.3 | [Open Redirect Vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg21986715>) | Not affected | Liberty \n| CVE-2016-2960 | 3.7 | [Denial of Service with SIP Services](<http://www-01.ibm.com/support/docview.wss?uid=swg21984796>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2016-2945 | 5.0 | [Weaker security in Liberty API discovery feature](<http://www-01.ibm.com/support/docview.wss?uid=swg21984502>) | Not affected | Liberty \n| CVE-2016-2923 | 5.3 | [Information Disclosure vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg21983700>) | Not affected | Liberty \nSWEET32 | CVE-2016-2183 | 3.7 | [IBM Java SDK for January 2017 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21998379>) | [IBM HTTP Server and Sweet32](<http://www-01.ibm.com/support/docview.wss?uid=swg21991548>) (21 Dec 2017) | 9.0 8.5, 8.0, 7.0, Liberty \n| CVE-2016-1182 \n \nCVE-2016-1182 | 4.8 \n \n4.8 | [Bypass Security Restrictions](<http://www-01.ibm.com/support/docview.wss?uid=swg21985995>) \n[Bypass Security Restrictions UDDI](<http://www-01.ibm.com/support/docview.wss?uid=swg22016214>) (21 June 2018) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2016-1181 \n \nCVE-2016-1181 | 8.1 \n \n8.1 | [Execute Code](<http://www-01.ibm.com/support/docview.wss?uid=swg21985995>) \n \n[Execute Code UDDI](<http://www-01.ibm.com/support/docview.wss?uid=swg22016214>) (21 June 2018) | Not affected \n \nNot affected | 9.0, 8.5, 8.0, 7.0 \n9.0, 8.5. 8.0, 7.0 \nDROWN | CVE-2016-0800 | | [Not affected bulletin](<http://www-01.ibm.com/support/docview.wss?uid=swg21978292>) | [Not affected bulletin](<http://www-01.ibm.com/support/docview.wss?uid=swg21978317>) | \n| CVE-2016-0718 | 9.8 | Not affected | [Denial of Service with Expat](<http://www-01.ibm.com/support/docview.wss?uid=swg21988026>) (13 Sept 2016) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2016-0702 | 2.9 | Not affected | [Vulnerability in GSKit Component](<http://www-01.ibm.com/support/docview.wss?uid=swg22015347>) | 9.0, 8.5, 8.0 \n| CVE-2016-0488 | 4.0 | [IBM Java SDK for January 2016 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21975424>) | Not affected | 8.5, 8.0, 7.0, Liberty \n| CVE-2016-0475 | 5.8 | [IBM Java SDK for January 2016 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21975424>) | Not affected | 8.5, 8.0, 7.0, Liberty \n| CVE-2016-0466 | 5.0 | [IBM Java SDK for January 2016 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21975424>) | Not affected | 8.5, 8.0, 7.0, Liberty \n| CVE-2016-0389 | 5.3 | [Information Disclosure Vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg21982012>) | Not affected | Liberty \n| CVE-2016-0385 | 3.1 | [Bypass security restrictions](<http://www-01.ibm.com/support/docview.wss?uid=swg21982588>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2016-0378 | 3.7 | [Information Disclosure Vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg21981529>) | Not affected | Liberty \n| CVE-2016-0377 | 4.3 | [Information Disclosure vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg21980645>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2016-0360 | 8.1 | [Deserialize objects with MQ Resource adapter](<http://www-01.ibm.com/support/docview.wss?uid=swg21996748>) 14.03.2017 | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2016-0359 | 6.1 | [HTTP Response Splitting](<http://www-01.ibm.com/support/docview.wss?uid=swg21982526>) | Not affected | 8.5, 8.0, 7.0, Liberty \n| CVE-2016-0306 | 3.7 | [Security vulnerability if FIPS 140-2 is enabled](<http://www-01.ibm.com/support/docview.wss?uid=swg21979231>) | Not affected | 8.5, 8.0,7.0, Liberty \n| CVE-2016-0283 | 6.1 | [Cross-site scripting vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg21978293>) | Not affected | Liberty \n| CVE-2016-0201 | 5.9 | Not affected | [Vulnerability in GSKit component](<http://www-01.ibm.com/support/docview.wss?uid=swg21974507>) | 8.5, 8.0, 7.0 \n \n**2015 CVEs**\n\n**Name**\n\n| \n\n**CVE**\n\n| \n\n**CVSS Score**\n\n| \n\n**WebSphere Application Server Bulletin or Assessment**\n\n| \n\n**IBM HTTP Server Bulletin or Assessment**\n\n| \n\n**Versions Affected** \n \n---|---|---|---|---|--- \nSLOTH | CVE-2015-7575 | 7.1 | [IBM Java SDK for January 2016 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21975424>) | Not affected | 8.5, 8.0, 7.0, Liberty \n| CVE-2015-7450 | 9.8 | \n\n[Vulnerability in Apache Commons affects IBM WebSphere Application Server](<https://www-01.ibm.com/support/docview.wss?uid=swg21970575>) (21 Dec 2017)\n\n[Knowledge Center updates ](<https://www.ibm.com/support/pages/node/1107105>) (14 Nov 2019)\n\n| Not affected | \n\n8.5, 8.0, 7.0, Liberty\n\n9.0 \n \n| CVE-2015-7420 | 3.7 | Not affected | [Vulnerability in GSKit component](<http://www-01.ibm.com/support/docview.wss?uid=swg21974507>) | 8.5, 8.0, 7.0 \n| CVE-2015-7417 | 5.4 | [Cross-site scripting with OAuth](<http://www-01.ibm.com/support/docview.wss?uid=swg21974520>) | Not affected | 8.5, 8.0, 7.0, Liberty \n| CVE-2015-5262 | 5.3 | [Denial of Service](<https://www.ibm.com/support/pages/node/6453091>) | Not affected | 9.0, 8.5, 8.0 \n| CVE-2015-5006 | 4.6 | [IBM Java SDK for October 2015 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21969620>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2015-4947 | 7.5 | Not affected | [Stack buffer overflow](<http://www-01.ibm.com/support/docview.wss?uid=swg21965419>) | 8.5, 8.0, 7.0, 6.1 \n| CVE-2015-4938 | 3.5 | [Spoof servlet vulnerabilities](<http://www-01.ibm.com/support/docview.wss?uid=swg21963275>) | | 8.5, 8.0, 7.0, Liberty \n| CVE-2015-4872 | 5.0 | [IBM Java SDK for October 2015 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21969620>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2015-4749 | 4.3 | [IBM Java SDK for July 2015 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21962931>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2015-4734 | 5.0 | [IBM Java SDK for October 2015 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21969620>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \nLog Jam | CVE-2015-4000 | 4.3 | [Logjam with Diffie-Hellman ciphers](<http://www-01.ibm.com/support/docview.wss?uid=swg21957980>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2015-3183 | 6.1 | Not affected | [HTTP Request smuggling](<http://www-01.ibm.com/support/docview.wss?uid=swg21963361>) | 8.5, 8.0, 7.0, 6.1 \nBar Mitzvah | CVE-2015-2808 | 5.0 | [Vulnerability in RC4 stream cipher affects WebSphere Application Server](<https://www-01.ibm.com/support/docview.wss?uid=swg21701503>) | [Vulnerability in RC4 stream cipher affects IBM HTTP Server and Caching Proxy](<https://www-01.ibm.com/support/docview.wss?uid=swg21701072>) | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2015-2625 | 2.6 | [IBM Java SDK for July 2015 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21962931>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2015-2613 | 5.0 | [IBM Java SDK for July 2015 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21962931>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2015-2601 | 5.0 | [IBM Java SDK for July 2015 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21962931>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2015-2017 | 5.0 | [HTTP response splitting attack](<http://www-01.ibm.com/support/docview.wss?uid=swg21966837>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2015-1946 | 4.1 | [Gain elevated privileges](<http://www-01.ibm.com/support/docview.wss?uid=swg21959083>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2015-1936 | 4 | [Hijack users session vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg21959083>) | Not affected | 8.5, 8.0 \n| CVE-2015-1932 | 5 | [Information Disclosure vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg21963275>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2015-1931 | 2.1 | [IBM Java SDK for July 2015 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21962931>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2015-1927 | 6.8 | [Gain elevated privileges vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg21959083>) | Not affected | 8.5, 8.0, 7.0, Liberty \n| CVE-2015-1920 | 9.3 | [Security vulnerability with management port in WebSphere Application Server](<http://www-01.ibm.com/support/docview.wss?uid=swg21883573>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2015-1916 | 5.0 | [IBM Java SDK for April 2015 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21902260>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2015-1885 | 9.3 | [Gain elevated privileges with OAuth grant password](<http://www-01.ibm.com/support/docview.wss?uid=swg21697368>) | Not affected | 8.5, 8.0, 7.0, Liberty \n| CVE-2015-1882 | 8.5 | [Gain elevated privileges with EJB](<http://www-01.ibm.com/support/docview.wss?uid=swg21697368>) | Not affected | Liberty \n| CVE-2015-1829 | 5.0 | Not affected | [Denial of Service on Windows with IBM HTTP Server](<http://www-01.ibm.com/support/docview.wss?uid=swg21959081>) | 8.5, 8.0, 7.0, 6.1 \n| CVE-2015-1788 | 5.0 | Not affected | [Denial of Service in GSKIT with IBM HTTP Server](<http://www-01.ibm.com/support/docview.wss?uid=swg21963362>) | 8.5, 8.0 \n| CVE-2015-1283 | 6.8 | Not affected | [Denial of Service with IBM HTTP Server](<http://www-01.ibm.com/support/docview.wss?uid=swg21964428>) | 8.5, 8.0, 7.0, 6.1 \n| CVE-2015-0899 | 4.3 | [Bypass security](<http://www-01.ibm.com/support/docview.wss?uid=swg22015348>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2015-0488 | 5.0 | [IBM Java SDK for April 2015 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21902260>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2015-0478 | 4.3 | [IBM Java SDK for April 2015 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21902260>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2015-0410 | 5.0 | [IBM Java SDK for January 2015 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21695362>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2015-0400 | 5.0 | [IBM Java SDK for January 2015 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21695362>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2015-0254 | 7.5 | [Security vulnerability in Apache Standard Taglibs](<http://www-01.ibm.com/support/docview.wss?uid=swg21978495>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2015-0250 | 4.3 | [Security vulnerability in Apache Batik](<http://www-01.ibm.com/support/docview.wss?uid=swg21959083>) | Not affected | 8.5, 8.0, 7.0, 6.1 \nGhost | CVE-2015-0235 | | Not affected | Not affected | \n| CVE-2015-0226 | 5.0 | [Security vulnerability in Apache WSS4J](<http://www-01.ibm.com/support/docview.wss?uid=swg21959083>) | Not affected | 8.5 \n| CVE-2015-0204 | 4.3 | [IBM Java SDK for April 2015 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21902260>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2015-0174 | 3.5 | [Information disclosure with SNMP](<http://www-01.ibm.com/support/docview.wss?uid=swg21697368>) | Not affected | 8.5 \n| CVE-2015-0175 | 4.0 | [Gain elevated privileges with authData elements](<http://www-01.ibm.com/support/docview.wss?uid=swg21697368>) | Not affected | Liberty \nFREAK | CVE-2015-0138 | 4.3 | [Vulnerability with RSA export Keys affects WebSphere Application Server](<http://www-01.ibm.com/support/docview.wss?uid=swg21698613>) | [Vulnerability with RSA export keys affects IBM HTTP Server](<http://www-01.ibm.com/support/docview.wss?uid=swg21698959>) | 8.5, 8.0, 7.0, 6.1, Liberty \n \n**2014 CVEs**\n\n**Name**\n\n| \n\n**CVE**\n\n| \n\n**CVSS Score**\n\n| \n\n**WebSphere Application Server Bulletin or Assessment**\n\n| \n\n**IBM HTTP Server Bulletin or Assessment**\n\n| \n\n**Versions Affected** \n \n---|---|---|---|---|--- \n| CVE-2014-8917 | 4.3 | [Cross-site Scripting in Dojo Toolkit](<http://www-01.ibm.com/support/docview.wss?uid=swg21697284>) | Not affected | 8.5, 8.0 \n| CVE-2014-8890 | 5.1 | [Elevated Privileges in Liberty](<http://www-01.ibm.com/support/docview.wss?uid=swg21690185>) | Not affected | Liberty \nTLS Padding | CVE-2014-8730 | 4.3 | [Not affected bulletin](<http://www-01.ibm.com/support/docview.wss?uid=swg21692484>) | [TLS Padding in IBM HTTP Server](<http://www-01.ibm.com/support/docview.wss?uid=swg21692502>) | 8.5, 8.0, 7.0, 6.1 \n| CVE-2014-7810 | 5.0 | [Bypass security](<https://www-01.ibm.com/support/docview.wss?uid=ibm10729557>) | [Bypass security](<https://www-01.ibm.com/support/docview.wss?uid=ibm10729557>) | 9.0, 8.5, 8.0, 7.0, Liberty \nShell shock | CVE-2014-7189 \nCVE-2014-7186 \nCVE-2014-7169 \nCVE-2014-6278 \nCVE-2014-6277 \nCVE-2014-6271 | | [Bash Vulnerabilities](<http://www-01.ibm.com/support/docview.wss?uid=swg21685433>) \n \nNot affected but applications could be | [Bash Vulnerabilities](<http://www-01.ibm.com/support/docview.wss?uid=swg21685433>) \n \nNot affected but applications could be | Customer application might be vulnerable \n| CVE-2014-6593 | 4.0 | [IBM Java SDK for January 2015 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21695362>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2014-6558 | 2.6 | [IBM Java SDK for October 2014 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21687740>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2014-6512 | 4.3 | [IBM Java SDK for October 2014 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21687740>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2014-6457 | 4.0 | [IBM Java SDK for October 2014 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21687740>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2014-6174 | 4.3 | [Click jacking vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg21690185>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2014-6167 | | [Cross-site scripting](<https://www-304.ibm.com/support/docview.wss?uid=swg21682767>) | Not affected | 8.5, 8.0, 7.0, Liberty \n| CVE-2014-6166 | 5.0 | [Obtain sensitive information](<http://www-01.ibm.com/support/docview.wss?uid=swg21690185>) | Not affected | 8.5, 8.0 \n| CVE-2014-6164 | 4.3 | [Spoofing vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg21690185>) | Not affected | 8.5 \n| CVE-2014-4816 | 3.5 | Not affected | [Cross-site scripting vulnerability](<https://www-304.ibm.com/support/docview.wss?uid=swg21682767>) | 8.5, 8.0, 7.0, 6.1, 6.0 \n| CVE-2014-4770 | 3.5 | Not affected | [Cross-site request forgery](<https://www-304.ibm.com/support/docview.wss?uid=swg21682767>) | 8.5, 8.0, 7.0, 6.1, 6.0 \n| CVE-2014-4767 | 4.3 | [Weaker than expected security](<http://www-01.ibm.com/support/docview.wss?uid=swg21681249>) | Not affected | Liberty \n| CVE-2014-4764 | 7.1 | [Denial of service](<http://www-01.ibm.com/support/docview.wss?uid=swg21681249>) | Not affected | 8.5, 8.0 \n| CVE-2014-4263 | 4.0 | [IBM Java SDK for July 2014 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21680418>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2014-4244 | 4.0 | [IBM Java SDK for July 2014 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21680418>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2014-3603 | 6.5 | [Spoofing](<https://www.ibm.com/support/pages/node/964764>) | Not affected | Liberty \n| CVE-2014-3577 | 4.3 | [Spoofing Vulnerability](<https://www.ibm.com/support/pages/node/6453091>) | Not affected | 9.0, 8.5, 8.0 \nPOODLE | CVE-2014-3566 | 4.3 | [IBM Java SDK for October 2014 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21687740>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2014-3083 | 5.0 | [Obtain sensitive information](<http://www-01.ibm.com/support/docview.wss?uid=swg21681249>) | Not affected | 8.5, 8.0, 7.0, Liberty \n| CVE-2014-3070 | 5.0 | [Obtain sensitive information](<http://www-01.ibm.com/support/docview.wss?uid=swg21676222>) | Not affected | 8.5, 8.0 \n| CVE-2014-3068 | 2.4 | [IBM Java SDK for July 2014 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21680418>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2014-3022 | 5.0 | [Bypass security](<https://www-304.ibm.com/support/docview.wss?uid=swg21676222>) | Not affected | 8.5, 8.0 \n| CVE-2014-3021 | 5.0 | [Obtain sensitive information](<http://www-01.ibm.com/support/docview.wss?uid=swg21690185>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2014-0965 | 4.3 | [Obtain sensitive information](<http://www-01.ibm.com/support/docview.wss?uid=swg21681249>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2014-0964 | 7.1 | [Denial of service](<http://www-01.ibm.com/support/docview.wss?uid=swg21671835>) | Not affected | 6.1 \n| CVE-2014-0963 | 7.1 | Not affected | [CPU exhaustion](<https://www-304.ibm.com/support/docview.wss?uid=swg21672843>) | 8.5, 8.0, 7.0, 6.1, 6.0 \n| CVE-2014-0896 | 4.3 | [Obtain sensitive information](<http://www-01.ibm.com/support/docview.wss?uid=swg21669554>) | Not affected | Liberty \n| CVE-2014-0891 | 5.0 | [Obtain sensitive information](<http://www-01.ibm.com/support/docview.wss?uid=swg21669554>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2014-0878 | 5.8 | [IBM Java SDK for April 2014 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21673013>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2014-0859 | 5.0 | [Denial of service](<http://www-01.ibm.com/support/docview.wss?uid=swg21669554>) | Not affected | 8.5, 8.0, 7.0, Liberty \n| CVE-2014-0857 | 4.0 | [Obtain Information](<http://www-01.ibm.com/support/docview.wss?uid=swg21671835>) | Not affected | 8.5, 8.0 \n| CVE-2014-0823 | 4.3 | [View Files](<http://www-01.ibm.com/support/docview.wss?uid=swg21671835>) | Not affected | 8.5, 8.0, Liberty \n| CVE-2014-0460 | 5.8 | [IBM Java SDK for April 2014 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21673013>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2014-0453 | 4.0 | [IBM Java SDK for April 2014 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21673013>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2014-0411 | 4.0 | [IBM Java SDK for January 2014 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21663938>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2014-0231 | 5.0 | Not affected | [Denial of Service](<https://www-304.ibm.com/support/docview.wss?uid=swg21672428>) | 8.5, 8.0, 7.0, 6.1, 6.0 \n| CVE-2014-0226 | 7.5 | Not affected | [Heap buffer overflow](<https://www-304.ibm.com/support/docview.wss?uid=swg21672428>) | 8.5, 8.0, 7.0, 6.1, 6.0 \nHeartbleed | CVE-2014-0160 | | [Not affected Bulletin](<http://www-01.ibm.com/support/docview.wss?uid=swg21669774>) | [Not affected Bulletin](<http://www-01.ibm.com/support/docview.wss?uid=swg21669774>) | \n| CVE-2014-0118 | 5.0 | Not affected | [Denial of Service](<https://www-304.ibm.com/support/docview.wss?uid=swg21672428>) | 8.5, 8.0, 7.0, 6.1, 6.0 \n| CVE-2014-0114 \nCVE-2014-0114 | 7.5 \n7.5 | [Execute code](<http://www-01.ibm.com/support/docview.wss?uid=swg21672316>) \n[Execute code UDDI](<http://www-01.ibm.com/support/docview.wss?uid=swg22016214>) (21 June 2018) | Not affected | 7.0, 6.1 \n9.0, 8.5, 8.0, 7.0 \n| CVE-2014-0098 | 5.0 | Not affected | [Denial of service](<https://www-304.ibm.com/support/docview.wss?uid=swg21667526>) | 8.5, 8.0, 7.0, 6.1 \n| CVE-2014-0076 | 2.1 | Not affected | [Information Disclosure](<http://www-01.ibm.com/support/docview.wss?uid=swg21681249>) | 8.5, 8.0 \n| CVE-2014-0050 | 5.0 | [Denial of service](<http://www-01.ibm.com/support/docview.wss?uid=swg21667254>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n \n**2013 CVEs**\n\n**Name**\n\n| \n\n**CVE**\n\n| \n\n**CVSS Score**\n\n| \n\n**WebSphere Application Server Bulletin or Assessment**\n\n| \n\n**IBM HTTP Server Bulletin or Assessment**\n\n| \n\n**Versions Affected** \n \n---|---|---|---|---|--- \n| CVE-2013-6747 | 7.1 | Not affected | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=swg21669554>) | 8.5, 8.0, 7.0 \n| CVE-2013-6738 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21669554>) | Not affected | 8.5, 8.0, 7.0, Liberty \n| CVE-2013-6725 | 3.5 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21661323>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2013-6440 | 4.3 | [XML External Entity](<http://www-01.ibm.com/support/docview.wss?uid=swg22010415>) | Not affected | Liberty \n| CVE-2013-6438 | 4.3 | Not affected | [Buffer overflow](<http://www-01.ibm.com/support/docview.wss?uid=swg21669554>) | 8.5, 8.0, 7.0 \n| CVE-2013-6330 | 2.1 | [Obtain sensitive information](<http://www-01.ibm.com/support/docview.wss?uid=swg21661323>) | Not affected | 7.0 \n| CVE-2013-6329 | 7.8 | Not affected | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=swg21659548>) | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-6325 | 4.3 | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=swg21661323>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2013-6323 | 3.5 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21669554>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2013-5802 | 2.6 | [IBM Java SDK for Oct 2013 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21655990>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-5780 | 4.3 | [IBM Java SDK for Oct 2013 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21655990>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-5704 | 5 | Not affected | [Bypass security](<http://www-01.ibm.com/support/docview.wss?uid=swg21672428>) | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-5425 | 3.5 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21651880>) | Not affected | 8.5 \n| CVE-2013-5418 | 3.5 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21651880>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2013-5417 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21651880>) | Not affected | 8.5, 8.0, 7.0 Liberty \n| CVE-2013-5414 | 3.5 | [Privilege escalation](<http://www-01.ibm.com/support/docview.wss?uid=swg21651880>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2013-5372 | 4.3 | [IBM Java SDK for Oct 2013 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21655990>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-4053 | 6.8 | [Privilege escalation](<http://www-01.ibm.com/support/docview.wss?uid=swg21647522>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-4052 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21647522>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-4039 | 4 | [Obtain sensitive information](<http://www-01.ibm.com/support/docview.wss?uid=swg21647485>) | Not affected | 8.5 \n| CVE-2013-4006 | 3.5 | [Obtain sensitive information](<http://www-01.ibm.com/support/docview.wss?uid=swg21651880>) | Not affected | Liberty \n| CVE-2013-4005 | 3.5 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21644047>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-4004 | 3.5 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21644047>) | Not affected | 8.5, 8.0 \n| CVE-2013-3029 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21640799>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-3024 | 6.9 | [Execute code](<http://www-01.ibm.com/support/docview.wss?uid=swg21639553>) | Not affected | 8.5 \n| CVE-2013-2976 | 1.9 | [Obtain sensitive information](<http://www-01.ibm.com/support/docview.wss?uid=swg21639553>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-2967 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21639553>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-1896 | 4.3 | Not affected | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=swg21643362>) | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-1862 | 5.1 | Not affected | [Command execution](<http://www-01.ibm.com/support/docview.wss?uid=swg21635991>) | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-1768 | 10 | [Deserialization](<http://www-01.ibm.com/support/docview.wss?uid=swg21635999>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2013-1571 | 4.3 | [Clickjacking](<http://www-01.ibm.com/support/docview.wss?uid=swg21641387>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-0599 | 5 | [Obtain sensitive information](<http://www-01.ibm.com/support/docview.wss?uid=swg21651880>) | Not affected | 8.5 \n| CVE-2013-0597 | 3.5 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21635998>) | Not affected | 8.5, 8.0, 7.0, Liberty \n| CVE-2013-0596 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21647522>) | Not affected | 6.1 \n| CVE-2013-0565 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21632423>) | Not affected | 8.5 \n| CVE-2013-0544 | 3.5 | [File directory traversal](<http://www-01.ibm.com/support/docview.wss?uid=swg21632423>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-0543 | 6.8 | [Bypass security](<http://www-01.ibm.com/support/docview.wss?uid=swg21632423>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-0542 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21632423>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-0541 | 1.9 | [Buffer overflow](<http://www-01.ibm.com/support/docview.wss?uid=swg21632423>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-0540 | 4.9 | [Bypass security](<http://www-01.ibm.com/support/docview.wss?uid=swg21632423>) | Not affected | Liberty \n| CVE-2013-0482 | 2.6 | [Spoofing](<http://www-01.ibm.com/support/docview.wss?uid=swg21634646>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-0467 | 4 | [Obtain sensitive information](<http://www-01.ibm.com/support/docview.wss?uid=swg21651880>) | Not affected | 8.5 \n| CVE-2013-0464 | 4.3 | [Execute code](<http://www-01.ibm.com/support/docview.wss?uid=swg21651880>) | Not affected | 8.5, 8.0, \n| CVE-2013-0462 | 6.5 | [Bypass security](<http://www-01.ibm.com/support/docview.wss?uid=swg21632423>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2013-0461 | 1.2 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21622444>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-0460 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21622444>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-0459 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21622444>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-0458 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21622444>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-0443 | 4 | [IBM Java SDK for Feb 2013 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21627634>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-0440 | 5 | [IBM Java SDK for Feb 2013 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21627634>) | Not affected | 8.5, 8.0, 7.0, 6.1 \nLucky Thirteen | CVE-2013-0169 | 4.3 | [IBM Java SDK for Feb 2013 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21627634>) | [Side Channel Attack](<http://www-01.ibm.com/support/docview.wss?uid=swg21635988>) | 8.5, 8.0, 7.0, 6.1 \n \n**2012 CVEs**\n\n**Name**\n\n| \n\n**CVE**\n\n| \n\n**CVSS Score**\n\n| \n\n**WebSphere Application Server Bulletin or Assessment**\n\n| \n\n**IBM HTTP Server Bulletin or Assessment**\n\n| \n\n**Versions Affected** \n \n---|---|---|---|---|--- \n| CVE-2012-6153 | 4.3 | [Spoofing Vulnerability](<https://www.ibm.com/support/pages/node/6453091>) | Not affected | 9.0, 8.5, 8.0 \n| CVE-2012-5783 | 4.3 | [Spoofing attacks](<http://www-01.ibm.com/support/docview.wss?uid=swg22016216>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2012-4853 | 4.3 | [Cross-site request Forgery](<http://www-01.ibm.com/support/docview.wss?uid=swg21614265>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2012-4851 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21614265>) | Not affected | Liberty \n| CVE-2012-4850 | 7.5 | [Privilege escalation](<http://www-01.ibm.com/support/docview.wss?uid=swg21614265>) | Not affected | Liberty \n| CVE-2012-3330 | 5 | [Denial of Servic](<http://www-01.ibm.com/support/docview.wss?uid=swg21614265>)e | Not affected | 8.5, 8.0, 7.0 \n| CVE-2012-3325 | 6 | [Bypass security](<http://www-01.ibm.com/support/docview.wss?uid=swg21609067>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2012-3311 | 3 | [Bypass security](<http://www-01.ibm.com/support/docview.wss?uid=swg21611313>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2012-3306 | 4.3 | [Weaker security](<http://www-01.ibm.com/support/docview.wss?uid=swg21611313>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2012-3305 | 5.8 | [File directory traversal](<http://www-01.ibm.com/support/docview.wss?uid=swg21611313>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2012-3304 | 6.8 | [Hijack session](<http://www-01.ibm.com/support/docview.wss?uid=swg21611313>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2012-3293 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21611313>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2012-2191 | 5 | Not affected | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=swg21606096>) | 8.5, 8.0, 7.0, 6.1 \n| CVE-2012-2190 | 5 | Not affected | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=swg21606096>) | 8.5, 8.0, 7.0, 6.1 \n| CVE-2012-2170 | 4.3 | [Obtain sensitive information](<http://www-01.ibm.com/support/docview.wss?uid=swg21595172>) | Not affected | 8.0, 7.0, 6.1 \n| CVE-2012-2159 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21606096>) | Not affected | 8.5, 8.0 \n| CVE-2012-2098 | 5 | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=swg21644047>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2012-1148 | 5 | Not affected | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=swg21988026>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2012-1007 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg22016214>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2012-0876 | 5 | Not affected | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=swg21988026>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2012-0720 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21587015>) | Not affected | 8.0, 7.0, 6.1 \n| CVE-2012-0717 | 2.6 | [Bypass security](<http://www-01.ibm.com/support/docview.wss?uid=swg21587015>) | Not affected | 7.0, 6.1 \n| CVE-2012-0716 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21587015>) | Not affected | 8.0, 7.0, 6.1 \n| CVE-2012-0193 | 5 | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=swg21587015>) | Not affected | 8.0, 7.0, 6.1 \n \n**2011 CVEs**\n\n**Name**\n\n| \n\n**CVE**\n\n| \n\n**CVSS Score**\n\n| \n\n**WebSphere Application Server Bulletin or Assessment**\n\n| \n\n**IBM HTTP Server Bulletin or Assessment**\n\n| \n\n**Versions Affected** \n \n---|---|---|---|---|--- \n| CVE-2011-4889 | 5 | [Weaker security](<http://www-01.ibm.com/support/docview.wss?uid=swg21587015>) | Not affected | 8.0, 7.0, 6.1 \n| CVE-2011-4343 | 5 | [Obtain sensitive information](<http://www-01.ibm.com/support/docview.wss?uid=swg22008707>) | Not affected | 8.5, 8.0, Liberty \n| CVE-2011-1498 | 5 | [Information Disclosure](<https://www.ibm.com/support/pages/node/6453091>) | Not affected | 9.0, 8.5, 8.0 \n| CVE-2011-1377 | 2.1 | [Weaker security](<http://www-01.ibm.com/support/docview.wss?uid=swg21589257>) | Not affected | 8.0, 7.0, 6.1 \n| CVE-2011-1376 | 4.4 | [Insecure permissions](<http://www-01.ibm.com/support/docview.wss?uid=swg21587015>) | Not affected | 8.0, 7.0, 6.1 \n \n**Important note: **IBM strongly suggests that all System z customers be subscribed to the System z Security Portal to receive the latest critical System z security and integrity service. If you are not subscribed, see the instructions on the [System z Security web site](<https://www.ibm.com/it-infrastructure/z/capabilities/system-integrity>). Security and integrity APARs and associated fixes will be posted to this portal. IBM suggests reviewing the CVSS scores and applying all security or integrity fixes as soon as possible to minimize any potential risk.\n\n[{\"Product\":{\"code\":\"SSEQTP\",\"label\":\"WebSphere Application Server\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":\"Security\",\"Platform\":[{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF010\",\"label\":\"HP-UX\"},{\"code\":\"PF012\",\"label\":\"IBM i\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF027\",\"label\":\"Solaris\"},{\"code\":\"PF033\",\"label\":\"Windows\"},{\"code\":\"PF035\",\"label\":\"z\\/OS\"}],\"Version\":\"9.0.0.0;8.5.5;8.5;8.0;7.0;6.1\",\"Edition\":\"Advanced;Base;Developer;Express;Liberty;Network Deployment\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}},{\"Product\":{\"code\":\"SSEQTJ\",\"label\":\"IBM HTTP Server\"},\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud \\u0026 Data Platform\"},\"Component\":\" \",\"Platform\":[{\"code\":\"\",\"label\":\"\"}],\"Version\":\"\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"\",\"label\":\"\"}},{\"Product\":{\"code\":\"SSCKBL\",\"label\":\"WebSphere Application Server Hypervisor Edition\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":\" \",\"Platform\":[{\"code\":\"\",\"label\":\"\"}],\"Version\":\"\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}},{\"Product\":{\"code\":\"SSD28V\",\"label\":\"WebSphere Application Server Liberty Core\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":\" \",\"Platform\":[{\"code\":\"\",\"label\":\"\"}],\"Version\":\"\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-07-13T18:04:48", "type": "ibm", "title": "WebSphere Application Server and IBM HTTP Server Security Bulletin List", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1376", "CVE-2011-1377", "CVE-2011-1498", "CVE-2011-4343", "CVE-2011-4889", "CVE-2012-0193", "CVE-2012-0716", "CVE-2012-0717", "CVE-2012-0720", "CVE-2012-0876", "CVE-2012-1007", "CVE-2012-1148", "CVE-2012-2098", "CVE-2012-2159", "CVE-2012-2170", "CVE-2012-2190", "CVE-2012-2191", "CVE-2012-3293", "CVE-2012-3304", "CVE-2012-3305", "CVE-2012-3306", "CVE-2012-3311", "CVE-2012-3325", "CVE-2012-3330", "CVE-2012-4850", "CVE-2012-4851", "CVE-2012-4853", "CVE-2012-5783", "CVE-2012-6153", "CVE-2013-0169", "CVE-2013-0440", "CVE-2013-0443", "CVE-2013-0458", "CVE-2013-0459", "CVE-2013-0460", "CVE-2013-0461", "CVE-2013-0462", "CVE-2013-0464", "CVE-2013-0467", "CVE-2013-0482", "CVE-2013-0540", "CVE-2013-0541", "CVE-2013-0542", "CVE-2013-0543", "CVE-2013-0544", "CVE-2013-0565", "CVE-2013-0596", "CVE-2013-0597", "CVE-2013-0599", "CVE-2013-1571", "CVE-2013-1768", "CVE-2013-1862", "CVE-2013-1896", "CVE-2013-2967", "CVE-2013-2976", "CVE-2013-3024", "CVE-2013-3029", "CVE-2013-4004", "CVE-2013-4005", "CVE-2013-4006", "CVE-2013-4039", "CVE-2013-4052", "CVE-2013-4053", "CVE-2013-5372", "CVE-2013-5414", "CVE-2013-5417", "CVE-2013-5418", "CVE-2013-5425", "CVE-2013-5704", "CVE-2013-5780", "CVE-2013-5802", "CVE-2013-6323", "CVE-2013-6325", "CVE-2013-6329", "CVE-2013-6330", "CVE-2013-6438", "CVE-2013-6440", "CVE-2013-6725", "CVE-2013-6738", "CVE-2013-6747", "CVE-2014-0050", "CVE-2014-0076", "CVE-2014-0098", "CVE-2014-0114", "CVE-2014-0118", "CVE-2014-0160", "CVE-2014-0226", "CVE-2014-0231", "CVE-2014-0411", "CVE-2014-0453", "CVE-2014-0460", "CVE-2014-0823", "CVE-2014-0857", "CVE-2014-0859", "CVE-2014-0878", "CVE-2014-0891", "CVE-2014-0896", "CVE-2014-0963", "CVE-2014-0964", "CVE-2014-0965", "CVE-2014-3021", "CVE-2014-3022", "CVE-2014-3068", "CVE-2014-3070", "CVE-2014-3083", "CVE-2014-3566", "CVE-2014-3577", "CVE-2014-3603", "CVE-2014-4244", "CVE-2014-4263", "CVE-2014-4764", "CVE-2014-4767", "CVE-2014-4770", "CVE-2014-4816", "CVE-2014-6164", "CVE-2014-6166", "CVE-2014-6167", "CVE-2014-6174", "CVE-2014-6271", "CVE-2014-6277", "CVE-2014-6278", "CVE-2014-6457", "CVE-2014-6512", "CVE-2014-6558", "CVE-2014-6593", "CVE-2014-7169", "CVE-2014-7186", "CVE-2014-7189", "CVE-2014-7810", "CVE-2014-8730", "CVE-2014-8890", "CVE-2014-8917", "CVE-2015-0138", "CVE-2015-0174", "CVE-2015-0175", "CVE-2015-0204", "CVE-2015-0226", "CVE-2015-0235", "CVE-2015-0250", "CVE-2015-0254", "CVE-2015-0400", "CVE-2015-0410", "CVE-2015-0478", "CVE-2015-0488", "CVE-2015-0899", "CVE-2015-1283", "CVE-2015-1788", "CVE-2015-1829", "CVE-2015-1882", "CVE-2015-1885", "CVE-2015-1916", "CVE-2015-1920", "CVE-2015-1927", "CVE-2015-1931", "CVE-2015-1932", "CVE-2015-1936", "CVE-2015-1946", "CVE-2015-2017", "CVE-2015-2601", "CVE-2015-2613", "CVE-2015-2625", "CVE-2015-2808", "CVE-2015-3183", "CVE-2015-4000", "CVE-2015-4734", "CVE-2015-4749", "CVE-2015-4872", "CVE-2015-4938", "CVE-2015-4947", "CVE-2015-5006", "CVE-2015-5262", "CVE-2015-7417", "CVE-2015-7420", "CVE-2015-7450", "CVE-2015-7575", "CVE-2016-0201", "CVE-2016-0283", "CVE-2016-0306", "CVE-2016-0359", "CVE-2016-0360", "CVE-2016-0377", "CVE-2016-0378", "CVE-2016-0385", "CVE-2016-0389", "CVE-2016-0466", "CVE-2016-0475", "CVE-2016-0488", "CVE-2016-0702", "CVE-2016-0718", "CVE-2016-0800", "CVE-2016-1000031", "CVE-2016-1181", "CVE-2016-1182", "CVE-2016-2183", "CVE-2016-2923", "CVE-2016-2945", "CVE-2016-2960", "CVE-2016-3040", "CVE-2016-3042", "CVE-2016-3092", "CVE-2016-3426", "CVE-2016-3427", "CVE-2016-3485", "CVE-2016-4472", "CVE-2016-4975", "CVE-2016-5387", "CVE-2016-5546", "CVE-2016-5547", "CVE-2016-5548", "CVE-2016-5549", "CVE-2016-5573", "CVE-2016-5597", "CVE-2016-5983", "CVE-2016-5986", "CVE-2016-7056", "CVE-2016-8743", "CVE-2016-8919", "CVE-2016-8934", "CVE-2016-9736", "CVE-2017-10102", "CVE-2017-10115", "CVE-2017-10116", "CVE-2017-10356", "CVE-2017-10388", "CVE-2017-1121", "CVE-2017-1137", "CVE-2017-1151", "CVE-2017-1194", "CVE-2017-12613", "CVE-2017-12618", "CVE-2017-12624", "CVE-2017-1380", "CVE-2017-1381", "CVE-2017-1382", "CVE-2017-1501", "CVE-2017-1503", "CVE-2017-1504", "CVE-2017-15710", "CVE-2017-15715", "CVE-2017-1583", "CVE-2017-1681", "CVE-2017-1731", "CVE-2017-1741", "CVE-2017-1743", "CVE-2017-1788", "CVE-2017-3167", "CVE-2017-3511", "CVE-2017-3732", "CVE-2017-3736", "CVE-2017-5638", "CVE-2017-7668", "CVE-2017-7679", "CVE-2017-9798", "CVE-2018-10237", "CVE-2018-12539", "CVE-2018-12547", "CVE-2018-1301", "CVE-2018-1388", "CVE-2018-1426", "CVE-2018-1427", "CVE-2018-1447", "CVE-2018-1553", "CVE-2018-1567", "CVE-2018-1614", "CVE-2018-1621", "CVE-2018-1626", "CVE-2018-1643", "CVE-2018-1656", "CVE-2018-1683", "CVE-2018-1695", "CVE-2018-1719", "CVE-2018-17199", "CVE-2018-1755", "CVE-2018-1767", "CVE-2018-1770", "CVE-2018-1777", "CVE-2018-1793", "CVE-2018-1794", "CVE-2018-1797", "CVE-2018-1798", "CVE-2018-1840", "CVE-2018-1851", "CVE-2018-1890", "CVE-2018-1901", "CVE-2018-1902", "CVE-2018-1904", "CVE-2018-1905", "CVE-2018-1926", "CVE-2018-1957", "CVE-2018-1996", "CVE-2018-20843", "CVE-2018-25031", "CVE-2018-2579", "CVE-2018-2602", "CVE-2018-2603", "CVE-2018-2633", "CVE-2018-2634", "CVE-2018-2637", "CVE-2018-2783", "CVE-2018-2800", "CVE-2018-3139", "CVE-2018-3180", "CVE-2018-8039", "CVE-2019-0211", "CVE-2019-0220", "CVE-2019-10086", "CVE-2019-10092", "CVE-2019-10098", "CVE-2019-11777", "CVE-2019-12402", "CVE-2019-12406", "CVE-2019-17495", "CVE-2019-17566", "CVE-2019-17573", "CVE-2019-2426", "CVE-2019-2949", "CVE-2019-2989", "CVE-2019-4030", "CVE-2019-4046", "CVE-2019-4080", "CVE-2019-4268", "CVE-2019-4269", "CVE-2019-4270", "CVE-2019-4271", "CVE-2019-4279", "CVE-2019-4285", "CVE-2019-4304", "CVE-2019-4305", "CVE-2019-4441", "CVE-2019-4442", "CVE-2019-4477", "CVE-2019-4505", "CVE-2019-4663", "CVE-2019-4670", "CVE-2019-4720", "CVE-2019-4732", "CVE-2019-9512", "CVE-2019-9513", "CVE-2019-9514", "CVE-2019-9515", "CVE-2019-9517", "CVE-2019-9518", "CVE-2020-10693", "CVE-2020-11985", "CVE-2020-13938", "CVE-2020-14577", "CVE-2020-14578", "CVE-2020-14579", "CVE-2020-14581", "CVE-2020-14621", "CVE-2020-14781", "CVE-2020-14782", "CVE-2020-14797", "CVE-2020-1927", "CVE-2020-1934", "CVE-2020-2590", "CVE-2020-2593", "CVE-2020-2601", "CVE-2020-2654", "CVE-2020-27221", "CVE-2020-2754", "CVE-2020-2755", "CVE-2020-2773", "CVE-2020-2781", "CVE-2020-2800", "CVE-2020-4163", "CVE-2020-4276", "CVE-2020-4303", "CVE-2020-4304", "CVE-2020-4329", "CVE-2020-4362", "CVE-2020-4365", "CVE-2020-4421", "CVE-2020-4448", "CVE-2020-4449", "CVE-2020-4450", "CVE-2020-4464", "CVE-2020-4534", "CVE-2020-4575", "CVE-2020-4576", "CVE-2020-4578", "CVE-2020-4589", "CVE-2020-4590", "CVE-2020-4629", "CVE-2020-4643", "CVE-2020-4782", "CVE-2020-4949", "CVE-2020-5016", "CVE-2020-5258", "CVE-2021-20353", "CVE-2021-20354", "CVE-2021-20453", "CVE-2021-20454", "CVE-2021-20480", "CVE-2021-20492", "CVE-2021-20517", "CVE-2021-2161", "CVE-2021-23450", "CVE-2021-2369", "CVE-2021-26296", "CVE-2021-26690", "CVE-2021-26691", "CVE-2021-29736", "CVE-2021-29754", "CVE-2021-29842", "CVE-2021-30641", "CVE-2021-34798", "CVE-2021-35517", "CVE-2021-35550", "CVE-2021-35564", "CVE-2021-35578", "CVE-2021-35603", "CVE-2021-36090", "CVE-2021-38951", "CVE-2021-39031", "CVE-2021-39038", "CVE-2021-39275", "CVE-2021-40438", "CVE-2021-4104", "CVE-2021-44224", "CVE-2021-44228", "CVE-2021-44790", "CVE-2021-44832", "CVE-2021-45046", "CVE-2021-45105", "CVE-2021-45960", "CVE-2021-46143", "CVE-2021-46708", "CVE-2022-21229", "CVE-2022-21299", "CVE-2022-21340", "CVE-2022-21496", "CVE-2022-22310", "CVE-2022-22365", "CVE-2022-22393", "CVE-2022-22473", "CVE-2022-22475", "CVE-2022-22476", "CVE-2022-22477", "CVE-2022-22719", "CVE-2022-22720", "CVE-2022-22721", "CVE-2022-22822", "CVE-2022-22823", "CVE-2022-22824", "CVE-2022-22825", "CVE-2022-22826", "CVE-2022-22827", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307", "CVE-2022-23852", "CVE-2022-23990", "CVE-2022-25235", "CVE-2022-25236", "CVE-2022-25313", "CVE-2022-25315", "CVE-2022-26377", "CVE-2022-28614", "CVE-2022-28615", "CVE-2022-29404", "CVE-2022-30556", "CVE-2022-31813"], "modified": "2022-07-13T18:04:48", "id": "7E0744D5936EDC5F018B0850D801B665D388060D6A81B986BC7AD81C9A78C0EE", "href": "https://www.ibm.com/support/pages/node/710969", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "amazon": [{"lastseen": "2022-01-28T03:18:25", "description": "**Issue Overview:**\n\nThere's a null pointer dereference and server-side request forgery flaw in httpd's mod_proxy module, when it is configured to be used as a forward proxy. A crafted packet could be sent on the adjacent network to the forward proxy that could cause a crash, or potentially SSRF via misdirected Unix Domain Socket requests. In the worst case, this could cause a denial of service or compromise to confidentiality of data. (CVE-2021-44224)\n\nA buffer overflow flaw in httpd's lua module could allow an out-of-bounds write. An attacker who is able to submit a crafted request to an httpd instance that is using the lua module may be able to cause an impact to confidentiality, integrity, and/or availability. (CVE-2021-44790)\n\n \n**Affected Packages:** \n\n\nhttpd\n\n \n**Issue Correction:** \nRun _yum update httpd_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n aarch64: \n \u00a0\u00a0\u00a0 httpd-2.4.52-1.amzn2.aarch64 \n \u00a0\u00a0\u00a0 httpd-devel-2.4.52-1.amzn2.aarch64 \n \u00a0\u00a0\u00a0 httpd-tools-2.4.52-1.amzn2.aarch64 \n \u00a0\u00a0\u00a0 mod_ssl-2.4.52-1.amzn2.aarch64 \n \u00a0\u00a0\u00a0 mod_md-2.4.52-1.amzn2.aarch64 \n \u00a0\u00a0\u00a0 mod_proxy_html-2.4.52-1.amzn2.aarch64 \n \u00a0\u00a0\u00a0 mod_ldap-2.4.52-1.amzn2.aarch64 \n \u00a0\u00a0\u00a0 mod_session-2.4.52-1.amzn2.aarch64 \n \u00a0\u00a0\u00a0 httpd-debuginfo-2.4.52-1.amzn2.aarch64 \n \n i686: \n \u00a0\u00a0\u00a0 httpd-2.4.52-1.amzn2.i686 \n \u00a0\u00a0\u00a0 httpd-devel-2.4.52-1.amzn2.i686 \n \u00a0\u00a0\u00a0 httpd-tools-2.4.52-1.amzn2.i686 \n \u00a0\u00a0\u00a0 mod_ssl-2.4.52-1.amzn2.i686 \n \u00a0\u00a0\u00a0 mod_md-2.4.52-1.amzn2.i686 \n \u00a0\u00a0\u00a0 mod_proxy_html-2.4.52-1.amzn2.i686 \n \u00a0\u00a0\u00a0 mod_ldap-2.4.52-1.amzn2.i686 \n \u00a0\u00a0\u00a0 mod_session-2.4.52-1.amzn2.i686 \n \u00a0\u00a0\u00a0 httpd-debuginfo-2.4.52-1.amzn2.i686 \n \n noarch: \n \u00a0\u00a0\u00a0 httpd-manual-2.4.52-1.amzn2.noarch \n \u00a0\u00a0\u00a0 httpd-filesystem-2.4.52-1.amzn2.noarch \n \n src: \n \u00a0\u00a0\u00a0 httpd-2.4.52-1.amzn2.src \n \n x86_64: \n \u00a0\u00a0\u00a0 httpd-2.4.52-1.amzn2.x86_64 \n \u00a0\u00a0\u00a0 httpd-devel-2.4.52-1.amzn2.x86_64 \n \u00a0\u00a0\u00a0 httpd-tools-2.4.52-1.amzn2.x86_64 \n \u00a0\u00a0\u00a0 mod_ssl-2.4.52-1.amzn2.x86_64 \n \u00a0\u00a0\u00a0 mod_md-2.4.52-1.amzn2.x86_64 \n \u00a0\u00a0\u00a0 mod_proxy_html-2.4.52-1.amzn2.x86_64 \n \u00a0\u00a0\u00a0 mod_ldap-2.4.52-1.amzn2.x86_64 \n \u00a0\u00a0\u00a0 mod_session-2.4.52-1.amzn2.x86_64 \n \u00a0\u00a0\u00a0 httpd-debuginfo-2.4.52-1.amzn2.x86_64 \n \n \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-01-18T21:37:00", "type": "amazon", "title": "Important: httpd", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44224", "CVE-2021-44790"], "modified": "2022-01-20T19:32:00", "id": "ALAS2-2022-1737", "href": "https://alas.aws.amazon.com/AL2/ALAS-2022-1737.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-01-20T02:29:19", "description": "**Issue Overview:**\n\nThere's a null pointer dereference and server-side request forgery flaw in httpd's mod_proxy module, when it is configured to be used as a forward proxy. A crafted packet could be sent on the adjacent network to the forward proxy that could cause a crash, or potentially SSRF via misdirected Unix Domain Socket requests. In the worst case, this could cause a denial of service or compromise to confidentiality of data. (CVE-2021-44224)\n\nA buffer overflow flaw in httpd's lua module could allow an out-of-bounds write. An attacker who is able to submit a crafted request to an httpd instance that is using the lua module may be able to cause an impact to confidentiality, integrity, and/or availability. (CVE-2021-44790)\n\n \n**Affected Packages:** \n\n\nhttpd24\n\n \n**Issue Correction:** \nRun _yum update httpd24_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 mod24_ssl-2.4.52-1.95.amzn1.i686 \n \u00a0\u00a0\u00a0 httpd24-2.4.52-1.95.amzn1.i686 \n \u00a0\u00a0\u00a0 httpd24-devel-2.4.52-1.95.amzn1.i686 \n \u00a0\u00a0\u00a0 httpd24-tools-2.4.52-1.95.amzn1.i686 \n \u00a0\u00a0\u00a0 mod24_md-2.4.52-1.95.amzn1.i686 \n \u00a0\u00a0\u00a0 mod24_proxy_html-2.4.52-1.95.amzn1.i686 \n \u00a0\u00a0\u00a0 httpd24-debuginfo-2.4.52-1.95.amzn1.i686 \n \u00a0\u00a0\u00a0 mod24_session-2.4.52-1.95.amzn1.i686 \n \u00a0\u00a0\u00a0 mod24_ldap-2.4.52-1.95.amzn1.i686 \n \n noarch: \n \u00a0\u00a0\u00a0 httpd24-manual-2.4.52-1.95.amzn1.noarch \n \n src: \n \u00a0\u00a0\u00a0 httpd24-2.4.52-1.95.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 mod24_ssl-2.4.52-1.95.amzn1.x86_64 \n \u00a0\u00a0\u00a0 httpd24-tools-2.4.52-1.95.amzn1.x86_64 \n \u00a0\u00a0\u00a0 mod24_ldap-2.4.52-1.95.amzn1.x86_64 \n \u00a0\u00a0\u00a0 httpd24-debuginfo-2.4.52-1.95.amzn1.x86_64 \n \u00a0\u00a0\u00a0 mod24_proxy_html-2.4.52-1.95.amzn1.x86_64 \n \u00a0\u00a0\u00a0 mod24_session-2.4.52-1.95.amzn1.x86_64 \n \u00a0\u00a0\u00a0 mod24_md-2.4.52-1.95.amzn1.x86_64 \n \u00a0\u00a0\u00a0 httpd24-devel-2.4.52-1.95.amzn1.x86_64 \n \u00a0\u00a0\u00a0 httpd24-2.4.52-1.95.amzn1.x86_64 \n \n \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-01-18T20:14:00", "type": "amazon", "title": "Important: httpd24", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44224", "CVE-2021-44790"], "modified": "2022-01-19T22:20:00", "id": "ALAS-2022-1560", "href": "https://alas.aws.amazon.com/ALAS-2022-1560.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "freebsd": [{"lastseen": "2022-01-19T15:51:30", "description": "\n\nThe Apache httpd project reports:\n\nmoderate: Possible NULL dereference or SSRF in forward proxy\n\t configurations in Apache HTTP Server 2.4.51 and earlier (CVE-2021-44224)\n\t A crafted URI sent to httpd configured as a forward proxy\n\t (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for\n\t configurations mixing forward and reverse proxy declarations, can allow\n\t for requests to be directed to a declared Unix Domain Socket endpoint\n\t (Server Side Request Forgery).\nhigh: Possible buffer overflow when parsing multipart content in\n\t mod_lua of Apache HTTP Server 2.4.51 and earlier (CVE-2021-44790)A\n\t carefully crafted request body can cause a buffer overflow in the\n\t mod_lua multipart parser (r:parsebody() called from Lua scripts).\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-12-20T00:00:00", "type": "freebsd", "title": "Apache httpd -- Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44224", "CVE-2021-44790"], "modified": "2021-12-20T00:00:00", "id": "CA982E2D-61A9-11EC-8BE6-D4C9EF517024", "href": "https://vuxml.freebsd.org/freebsd/ca982e2d-61a9-11ec-8be6-d4c9ef517024.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "cisa": [{"lastseen": "2021-12-23T18:09:37", "description": "The Apache Software Foundation has released [Apache HTTP Server 2.4.52](<https://httpd.apache.org/security/vulnerabilities_24.html>). This version addresses vulnerabilities\u2014[CVE-2021-44790](<https://nvd.nist.gov/vuln/detail/CVE-2021-44790>) and [CVE-2021-44224](<https://nvd.nist.gov/vuln/detail/CVE-2021-44224>)\u2014one of which may allow a remote attacker to take control of an affected system.\n\nCISA encourages users and administrators to review the Apache [announcement](<https://downloads.apache.org/httpd/Announcement2.4.html>) and update as soon as possible.\n\nThis product is provided subject to this Notification and this [Privacy & Use](<https://www.dhs.gov/privacy-policy>) policy.\n\n**Please share your thoughts.**\n\nWe recently updated our anonymous [product survey](<https://www.surveymonkey.com/r/CISA-cyber-survey?product=https://us-cert.cisa.gov/ncas/current-activity/2021/12/22/apache-releases-security-update-http-server>); we'd welcome your feedback.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-12-22T00:00:00", "type": "cisa", "title": "Apache Releases Security Update for HTTP Server", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44224", "CVE-2021-44790"], "modified": "2021-12-22T00:00:00", "id": "CISA:9A63A82185908DF2BCB5D41CDBBEDC3A", "href": "https://us-cert.cisa.gov/ncas/current-activity/2021/12/22/apache-releases-security-update-http-server", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2022-06-27T06:20:07", "description": "- -------------------------------------------------------------------------\nDebian LTS Advisory DLA-2907-1 debian-lts@lists.debian.org\nhttps://www.debian.org/lts/security/ Anton Gladky\nFebruary 01, 2022 https://wiki.debian.org/LTS\n- -------------------------------------------------------------------------\n\nPackage : apache2\nVersion : 2.4.25-3+deb9u12\nCVE ID : CVE-2021-44224 CVE-2021-44790\n\nTwo vulnerabilities have been discovered in the Apache HTTP server:\n\nCVE-2021-44224\n\n When operating as a forward proxy, Apache was depending on the setup\n suspectable to denial of service or Server Side Request forgery.\n\nCVE-2021-44790\n\n A buffer overflow in mod_lua may result in denial of service or potentially\n the execution of arbitrary code.\n\nFor Debian 9 stretch, these problems have been fixed in version\n2.4.25-3+deb9u12.\n\nWe recommend that you upgrade your apache2 packages.\n\nFor the detailed security status of apache2 please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/apache2\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-01T21:18:26", "type": "debian", "title": "[SECURITY] [DLA 2907-1] apache2 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44224", "CVE-2021-44790"], "modified": "2022-02-01T21:18:26", "id": "DEBIAN:DLA-2907-1:982EB", "href": "https://lists.debian.org/debian-lts-announce/2022/02/msg00001.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "mageia": [{"lastseen": "2022-04-18T11:19:35", "description": "Updated apache packages fix security vulnerabilities: A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery) (CVE-2021-44224). A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one (CVE-2021-44790). \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-12-21T23:27:37", "type": "mageia", "title": "Updated apache packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44224", "CVE-2021-44790"], "modified": "2021-12-21T23:27:37", "id": "MGASA-2021-0577", "href": "https://advisories.mageia.org/MGASA-2021-0577.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "fedora": [{"lastseen": "2021-12-25T00:51:19", "description": "The Apache HTTP Server is a powerful, efficient, and extensible web server. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-12-24T01:26:46", "type": "fedora", "title": "[SECURITY] Fedora 35 Update: httpd-2.4.52-1.fc35", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44224", "CVE-2021-44790"], "modified": "2021-12-24T01:26:46", "id": "FEDORA:55B1B31B81E8", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/BFSWOH4X77CV7AH7C4RMHUBDWKQDL4YH/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-23T01:36:55", "description": "The Apache HTTP Server is a powerful, efficient, and extensible web server. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-03-22T03:44:42", "type": "fedora", "title": "[SECURITY] Fedora 35 Update: httpd-2.4.53-1.fc35", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44790", "CVE-2022-22719", "CVE-2022-22720", "CVE-2022-22721", "CVE-2022-23943"], "modified": "2022-03-22T03:44:42", "id": "FEDORA:71CB730B3C94", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-26T01:36:50", "description": "The Apache HTTP Server is a powerful, efficient, and extensible web server. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-03-25T22:06:50", "type": "fedora", "title": "[SECURITY] Fedora 34 Update: httpd-2.4.53-1.fc34", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44790", "CVE-2022-22719", "CVE-2022-22720", "CVE-2022-22721", "CVE-2022-23943"], "modified": "2022-03-25T22:06:50", "id": "FEDORA:495F130B9B1C", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T02:19:21", "description": "The Apache HTTP Server is a powerful, efficient, and extensible web server. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-03-26T15:55:33", "type": "fedora", "title": "[SECURITY] Fedora 36 Update: httpd-2.4.53-1.fc36", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44790", "CVE-2022-22719", "CVE-2022-22720", "CVE-2022-22721", "CVE-2022-23943"], "modified": "2022-03-26T15:55:33", "id": "FEDORA:9BA73312EC38", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "fortinet": [{"lastseen": "2022-04-28T11:29:29", "description": "The Apache project released an advisory, describing the following vulnerabilities:\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-12-28T00:00:00", "type": "fortinet", "title": "Multiple Apache Vulnerabilities fixed in 2.4.52", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44224", "CVE-2021-44790"], "modified": "2021-12-28T00:00:00", "id": "FG-IR-21-253", "href": "https://www.fortiguard.com/psirt/FG-IR-21-253", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2022-07-13T15:41:40", "description": "The version of Apache httpd installed on the remote host is prior to 2.4.52. It is, therefore, affected by multiple vulnerabilities as referenced in the 2.4.52 advisory.\n\n - A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). (CVE-2021-44224)\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier. (CVE-2021-44790)\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-12-21T00:00:00", "type": "nessus", "title": "Apache 2.4.x < 2.4.52 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-44224", "CVE-2021-44790"], "modified": "2022-01-06T00:00:00", "cpe": ["cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_113079", "href": "https://www.tenable.com/plugins/was/113079", "sourceData": "No source data", "cvss": {"score": 7.5, "vector": "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T16:30:47", "description": "The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2907 advisory.\n\n - A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). (CVE-2021-44224)\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier. (CVE-2021-44790)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-02-02T00:00:00", "type": "nessus", "title": "Debian DLA-2907-1 : apache2 - LTS security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-44224", "CVE-2021-44790"], "modified": "2022-04-27T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:apache2", "p-cpe:/a:debian:debian_linux:apache2-bin", "p-cpe:/a:debian:debian_linux:apache2-data", "p-cpe:/a:debian:debian_linux:apache2-dbg", "p-cpe:/a:debian:debian_linux:apache2-dev", "p-cpe:/a:debian:debian_linux:apache2-doc", "p-cpe:/a:debian:debian_linux:apache2-ssl-dev", "p-cpe:/a:debian:debian_linux:apache2-suexec-custom", "p-cpe:/a:debian:debian_linux:apache2-suexec-pristine", "p-cpe:/a:debian:debian_linux:apache2-utils", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DLA-2907.NASL", "href": "https://www.tenable.com/plugins/nessus/157321", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dla-2907. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157321);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/27\");\n\n script_cve_id(\"CVE-2021-44224\", \"CVE-2021-44790\");\n script_xref(name:\"IAVA\", value:\"2021-A-0604-S\");\n\n script_name(english:\"Debian DLA-2907-1 : apache2 - LTS security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the\ndla-2907 advisory.\n\n - A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL\n pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for\n requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This\n issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). (CVE-2021-44224)\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser\n (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the\n vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and\n earlier. (CVE-2021-44790)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/apache2\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/lts/security/2022/dla-2907\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-44224\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-44790\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/stretch/apache2\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the apache2 packages.\n\nFor Debian 9 stretch, these problems have been fixed in version 2.4.25-3+deb9u12.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44790\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:apache2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:apache2-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:apache2-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:apache2-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:apache2-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:apache2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:apache2-ssl-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:apache2-suexec-custom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:apache2-suexec-pristine\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:apache2-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! preg(pattern:\"^(9)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 9.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '9.0', 'prefix': 'apache2', 'reference': '2.4.25-3+deb9u12'},\n {'release': '9.0', 'prefix': 'apache2-bin', 'reference': '2.4.25-3+deb9u12'},\n {'release': '9.0', 'prefix': 'apache2-data', 'reference': '2.4.25-3+deb9u12'},\n {'release': '9.0', 'prefix': 'apache2-dbg', 'reference': '2.4.25-3+deb9u12'},\n {'release': '9.0', 'prefix': 'apache2-dev', 'reference': '2.4.25-3+deb9u12'},\n {'release': '9.0', 'prefix': 'apache2-doc', 'reference': '2.4.25-3+deb9u12'},\n {'release': '9.0', 'prefix': 'apache2-ssl-dev', 'reference': '2.4.25-3+deb9u12'},\n {'release': '9.0', 'prefix': 'apache2-suexec-custom', 'reference': '2.4.25-3+deb9u12'},\n {'release': '9.0', 'prefix': 'apache2-suexec-pristine', 'reference': '2.4.25-3+deb9u12'},\n {'release': '9.0', 'prefix': 'apache2-utils', 'reference': '2.4.25-3+deb9u12'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'apache2 / apache2-bin / apache2-data / apache2-dbg / apache2-dev / etc');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T16:30:48", "description": "The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0440-1 advisory.\n\n - A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). (CVE-2021-44224)\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier. (CVE-2021-44790)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-02-17T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : apache2 (SUSE-SU-2022:0440-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-44224", "CVE-2021-44790"], "modified": "2022-04-27T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:apache2", "p-cpe:/a:novell:suse_linux:apache2-devel", "p-cpe:/a:novell:suse_linux:apache2-doc", "p-cpe:/a:novell:suse_linux:apache2-example-pages", "p-cpe:/a:novell:suse_linux:apache2-prefork", "p-cpe:/a:novell:suse_linux:apache2-utils", "p-cpe:/a:novell:suse_linux:apache2-worker", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2022-0440-1.NASL", "href": "https://www.tenable.com/plugins/nessus/158128", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:0440-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158128);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/27\");\n\n script_cve_id(\"CVE-2021-44224\", \"CVE-2021-44790\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:0440-1\");\n script_xref(name:\"IAVA\", value:\"2021-A-0604-S\");\n\n script_name(english:\"SUSE SLES12 Security Update : apache2 (SUSE-SU-2022:0440-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2022:0440-1 advisory.\n\n - A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL\n pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for\n requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This\n issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). (CVE-2021-44224)\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser\n (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the\n vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and\n earlier. (CVE-2021-44790)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1193942\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1193943\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-February/010231.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?38f59bdc\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-44224\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-44790\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44790\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-example-pages\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-prefork\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-worker\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES12', 'SUSE ' + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);\n\nvar sp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(5)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP5\", os_ver + \" SP\" + sp);\n\nvar pkgs = [\n {'reference':'apache2-2.4.51-35.7.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'apache2-doc-2.4.51-35.7.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'apache2-example-pages-2.4.51-35.7.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'apache2-prefork-2.4.51-35.7.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'apache2-utils-2.4.51-35.7.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'apache2-worker-2.4.51-35.7.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'apache2-devel-2.4.51-35.7.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-sdk-release-12.5'},\n {'reference':'apache2-2.4.51-35.7.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'apache2-doc-2.4.51-35.7.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'apache2-example-pages-2.4.51-35.7.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'apache2-prefork-2.4.51-35.7.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'apache2-utils-2.4.51-35.7.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'},\n {'reference':'apache2-worker-2.4.51-35.7.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (exists_check) {\n if (!rpm_exists(release:release, rpm:exists_check)) continue;\n if ('ltss' >< tolower(exists_check)) ltss_caveat_required = TRUE;\n }\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'apache2 / apache2-devel / apache2-doc / apache2-example-pages / etc');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T16:32:46", "description": "According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). (CVE-2021-44224)\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier. (CVE-2021-44790)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-03-02T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP9 : httpd (EulerOS-SA-2022-1290)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-44224", "CVE-2021-44790"], "modified": "2022-04-27T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:httpd", "p-cpe:/a:huawei:euleros:httpd-filesystem", "p-cpe:/a:huawei:euleros:httpd-tools", "p-cpe:/a:huawei:euleros:mod_ssl", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-1290.NASL", "href": "https://www.tenable.com/plugins/nessus/158529", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158529);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/27\");\n\n script_cve_id(\"CVE-2021-44224\", \"CVE-2021-44790\");\n script_xref(name:\"IAVA\", value:\"2021-A-0604-S\");\n\n script_name(english:\"EulerOS 2.0 SP9 : httpd (EulerOS-SA-2022-1290)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL\n pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for\n requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This\n issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). (CVE-2021-44224)\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser\n (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the\n vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and\n earlier. (CVE-2021-44790)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1290\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b64db391\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected httpd packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44790\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:httpd-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:httpd-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(9)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"httpd-2.4.34-24.h11.eulerosv2r9\",\n \"httpd-filesystem-2.4.34-24.h11.eulerosv2r9\",\n \"httpd-tools-2.4.34-24.h11.eulerosv2r9\",\n \"mod_ssl-2.4.34-24.h11.eulerosv2r9\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"9\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T16:32:45", "description": "According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). (CVE-2021-44224)\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier. (CVE-2021-44790)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-03-02T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP9 : httpd (EulerOS-SA-2022-1306)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-44224", "CVE-2021-44790"], "modified": "2022-04-27T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:httpd", "p-cpe:/a:huawei:euleros:httpd-filesystem", "p-cpe:/a:huawei:euleros:httpd-tools", "p-cpe:/a:huawei:euleros:mod_ssl", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-1306.NASL", "href": "https://www.tenable.com/plugins/nessus/158541", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158541);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/27\");\n\n script_cve_id(\"CVE-2021-44224\", \"CVE-2021-44790\");\n script_xref(name:\"IAVA\", value:\"2021-A-0604-S\");\n\n script_name(english:\"EulerOS 2.0 SP9 : httpd (EulerOS-SA-2022-1306)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL\n pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for\n requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This\n issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). (CVE-2021-44224)\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser\n (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the\n vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and\n earlier. (CVE-2021-44790)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1306\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b322ec84\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected httpd packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44790\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:httpd-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:httpd-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(9)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"httpd-2.4.34-24.h11.eulerosv2r9\",\n \"httpd-filesystem-2.4.34-24.h11.eulerosv2r9\",\n \"httpd-tools-2.4.34-24.h11.eulerosv2r9\",\n \"mod_ssl-2.4.34-24.h11.eulerosv2r9\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"9\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T16:32:46", "description": "According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). (CVE-2021-44224)\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier. (CVE-2021-44790)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-03-28T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP8 : httpd (EulerOS-SA-2022-1349)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-44224", "CVE-2021-44790"], "modified": "2022-04-27T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:httpd", "p-cpe:/a:huawei:euleros:httpd-devel", "p-cpe:/a:huawei:euleros:httpd-filesystem", "p-cpe:/a:huawei:euleros:httpd-manual", "p-cpe:/a:huawei:euleros:httpd-tools", "p-cpe:/a:huawei:euleros:mod_session", "p-cpe:/a:huawei:euleros:mod_ssl", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-1349.NASL", "href": "https://www.tenable.com/plugins/nessus/159251", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159251);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/27\");\n\n script_cve_id(\"CVE-2021-44224\", \"CVE-2021-44790\");\n script_xref(name:\"IAVA\", value:\"2021-A-0604-S\");\n\n script_name(english:\"EulerOS 2.0 SP8 : httpd (EulerOS-SA-2022-1349)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL\n pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for\n requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This\n issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). (CVE-2021-44224)\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser\n (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the\n vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and\n earlier. (CVE-2021-44790)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1349\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1401a017\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected httpd packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44790\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:httpd-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:httpd-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:httpd-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:mod_session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"httpd-2.4.34-8.h23.eulerosv2r8\",\n \"httpd-devel-2.4.34-8.h23.eulerosv2r8\",\n \"httpd-filesystem-2.4.34-8.h23.eulerosv2r8\",\n \"httpd-manual-2.4.34-8.h23.eulerosv2r8\",\n \"httpd-tools-2.4.34-8.h23.eulerosv2r8\",\n \"mod_session-2.4.34-8.h23.eulerosv2r8\",\n \"mod_ssl-2.4.34-8.h23.eulerosv2r8\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T16:34:03", "description": "According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). (CVE-2021-44224)\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier. (CVE-2021-44790)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-04-20T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP10 : httpd (EulerOS-SA-2022-1488)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-44224", "CVE-2021-44790"], "modified": "2022-04-27T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:httpd", "p-cpe:/a:huawei:euleros:httpd-filesystem", "p-cpe:/a:huawei:euleros:httpd-tools", "p-cpe:/a:huawei:euleros:mod_ssl", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-1488.NASL", "href": "https://www.tenable.com/plugins/nessus/160002", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(160002);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/27\");\n\n script_cve_id(\"CVE-2021-44224\", \"CVE-2021-44790\");\n script_xref(name:\"IAVA\", value:\"2021-A-0604-S\");\n\n script_name(english:\"EulerOS 2.0 SP10 : httpd (EulerOS-SA-2022-1488)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL\n pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for\n requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This\n issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). (CVE-2021-44224)\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser\n (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the\n vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and\n earlier. (CVE-2021-44790)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1488\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?389473c9\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected httpd packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44790\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/04/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/04/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:httpd-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:httpd-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(10)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"httpd-2.4.43-4.h12.eulerosv2r10\",\n \"httpd-filesystem-2.4.43-4.h12.eulerosv2r10\",\n \"httpd-tools-2.4.43-4.h12.eulerosv2r10\",\n \"mod_ssl-2.4.43-4.h12.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"10\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T16:34:21", "description": "According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). (CVE-2021-44224)\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier. (CVE-2021-44790)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-04-20T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP10 : httpd (EulerOS-SA-2022-1507)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-44224", "CVE-2021-44790"], "modified": "2022-04-27T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:httpd", "p-cpe:/a:huawei:euleros:httpd-filesystem", "p-cpe:/a:huawei:euleros:httpd-tools", "p-cpe:/a:huawei:euleros:mod_ssl", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-1507.NASL", "href": "https://www.tenable.com/plugins/nessus/160017", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(160017);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/27\");\n\n script_cve_id(\"CVE-2021-44224\", \"CVE-2021-44790\");\n script_xref(name:\"IAVA\", value:\"2021-A-0604-S\");\n\n script_name(english:\"EulerOS 2.0 SP10 : httpd (EulerOS-SA-2022-1507)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL\n pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for\n requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This\n issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). (CVE-2021-44224)\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser\n (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the\n vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and\n earlier. (CVE-2021-44790)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1507\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a053f66a\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected httpd packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44790\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/04/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/04/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:httpd-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:httpd-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(10)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"httpd-2.4.43-4.h12.eulerosv2r10\",\n \"httpd-filesystem-2.4.43-4.h12.eulerosv2r10\",\n \"httpd-tools-2.4.43-4.h12.eulerosv2r10\",\n \"mod_ssl-2.4.43-4.h12.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"10\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T16:34:56", "description": "The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the ca982e2d-61a9-11ec-8be6-d4c9ef517024 advisory.\n\n - A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). (CVE-2021-44224)\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier. (CVE-2021-44790)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-12-20T00:00:00", "type": "nessus", "title": "FreeBSD : Apache httpd -- Multiple vulnerabilities (ca982e2d-61a9-11ec-8be6-d4c9ef517024)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-44224", "CVE-2021-44790"], "modified": "2022-01-20T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:apache24", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_CA982E2D61A911EC8BE6D4C9EF517024.NASL", "href": "https://www.tenable.com/plugins/nessus/156199", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# @NOAGENT@\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2021 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n#\n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156199);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/20\");\n\n script_cve_id(\"CVE-2021-44224\", \"CVE-2021-44790\");\n\n script_name(english:\"FreeBSD : Apache httpd -- Multiple vulnerabilities (ca982e2d-61a9-11ec-8be6-d4c9ef517024)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote FreeBSD host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple\nvulnerabilities as referenced in the ca982e2d-61a9-11ec-8be6-d4c9ef517024 advisory.\n\n - A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL\n pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for\n requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This\n issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). (CVE-2021-44224)\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser\n (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the\n vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and\n earlier. (CVE-2021-44790)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://httpd.apache.org/security/vulnerabilities_24.html\");\n # https://vuxml.freebsd.org/freebsd/ca982e2d-61a9-11ec-8be6-d4c9ef517024.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6401a966\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44790\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:apache24\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nvar flag = 0;\n\nvar packages = [\n 'apache24<2.4.52'\n];\n\nforeach var package( packages ) {\n if (pkg_test(save_report:TRUE, pkg: package)) flag++;\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : pkg_report_get()\n );\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T16:35:18", "description": "The version of httpd installed on the remote host is prior to 2.4.52. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2021-354-01 advisory.\n\n - A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). (CVE-2021-44224)\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier. (CVE-2021-44790)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-12-20T00:00:00", "type": "nessus", "title": "Slackware Linux 14.0 / 14.1 / 14.2 / current httpd Multiple Vulnerabilities (SSA:2021-354-01)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-44224", "CVE-2021-44790"], "modified": "2022-01-20T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:httpd", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:14.0", "cpe:/o:slackware:slackware_linux:14.1", "cpe:/o:slackware:slackware_linux:14.2"], "id": "SLACKWARE_SSA_2021-354-01.NASL", "href": "https://www.tenable.com/plugins/nessus/156200", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Slackware Security Advisory SSA:2021-354-01. The text\n# itself is copyright (C) Slackware Linux, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156200);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/20\");\n\n script_cve_id(\"CVE-2021-44224\", \"CVE-2021-44790\");\n\n script_name(english:\"Slackware Linux 14.0 / 14.1 / 14.2 / current httpd Multiple Vulnerabilities (SSA:2021-354-01)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Slackware Linux host is missing a security update to httpd.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of httpd installed on the remote host is prior to 2.4.52. It is, therefore, affected by multiple\nvulnerabilities as referenced in the SSA:2021-354-01 advisory.\n\n - A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL\n pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for\n requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This\n issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). (CVE-2021-44224)\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser\n (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the\n vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and\n earlier. (CVE-2021-44790)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the affected httpd package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44790\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.2\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Slackware Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\nvar flag = 0;\nvar constraints = [\n { 'fixed_version' : '2.4.52', 'product' : 'httpd', 'os_name' : 'Slackware Linux', 'os_version' : '14.0', 'service_pack' : '1_slack14.0', 'arch' : 'i486' },\n { 'fixed_version' : '2.4.52', 'product' : 'httpd', 'os_name' : 'Slackware Linux', 'os_version' : '14.0', 'service_pack' : '1_slack14.0', 'arch' : 'x86_64' },\n { 'fixed_version' : '2.4.52', 'product' : 'httpd', 'os_name' : 'Slackware Linux', 'os_version' : '14.1', 'service_pack' : '1_slack14.1', 'arch' : 'i486' },\n { 'fixed_version' : '2.4.52', 'product' : 'httpd', 'os_name' : 'Slackware Linux', 'os_version' : '14.1', 'service_pack' : '1_slack14.1', 'arch' : 'x86_64' },\n { 'fixed_version' : '2.4.52', 'product' : 'httpd', 'os_name' : 'Slackware Linux', 'os_version' : '14.2', 'service_pack' : '1_slack14.2', 'arch' : 'i586' },\n { 'fixed_version' : '2.4.52', 'product' : 'httpd', 'os_name' : 'Slackware Linux', 'os_version' : '14.2', 'service_pack' : '1_slack14.2', 'arch' : 'x86_64' },\n { 'fixed_version' : '2.4.52', 'product' : 'httpd', 'os_name' : 'Slackware Linux', 'os_version' : 'current', 'service_pack' : '1', 'arch' : 'i586' },\n { 'fixed_version' : '2.4.52', 'product' : 'httpd', 'os_name' : 'Slackware Linux', 'os_version' : 'current', 'service_pack' : '1', 'arch' : 'x86_64' }\n];\n\nforeach constraint (constraints) {\n var pkg_arch = constraint['arch'];\n var arch = NULL;\n if (pkg_arch == \"x86_64\") {\n arch = pkg_arch;\n }\n if (slackware_check(osver:constraint['os_version'],\n arch:arch,\n pkgname:constraint['product'],\n pkgver:constraint['fixed_version'],\n pkgarch:pkg_arch,\n pkgnum:constraint['service_pack'])) flag++;\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : slackware_report_get()\n );\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T16:27:13", "description": "The remote Debian 10 / 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5035 advisory.\n\n - A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). (CVE-2021-44224)\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier. (CVE-2021-44790)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-01-05T00:00:00", "type": "nessus", "title": "Debian DSA-5035-1 : apache2 - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-44224", "CVE-2021-44790"], "modified": "2022-04-27T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:apache2", "p-cpe:/a:debian:debian_linux:apache2-bin", "p-cpe:/a:debian:debian_linux:apache2-data", "p-cpe:/a:debian:debian_linux:apache2-dev", "p-cpe:/a:debian:debian_linux:apache2-doc", "p-cpe:/a:debian:debian_linux:apache2-ssl-dev", "p-cpe:/a:debian:debian_linux:apache2-suexec-custom", "p-cpe:/a:debian:debian_linux:apache2-suexec-pristine", "p-cpe:/a:debian:debian_linux:apache2-utils", "p-cpe:/a:debian:debian_linux:libapache2-mod-md", "p-cpe:/a:debian:debian_linux:libapache2-mod-proxy-uwsgi", "cpe:/o:debian:debian_linux:10.0", "cpe:/o:debian:debian_linux:11.0"], "id": "DEBIAN_DSA-5035.NASL", "href": "https://www.tenable.com/plugins/nessus/156466", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dsa-5035. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156466);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/27\");\n\n script_cve_id(\"CVE-2021-44224\", \"CVE-2021-44790\");\n script_xref(name:\"IAVA\", value:\"2021-A-0604-S\");\n\n script_name(english:\"Debian DSA-5035-1 : apache2 - security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 10 / 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the\ndsa-5035 advisory.\n\n - A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL\n pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for\n requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This\n issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). (CVE-2021-44224)\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser\n (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the\n vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and\n earlier. (CVE-2021-44790)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/apache2\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/security/2022/dsa-5035\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-44224\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-44790\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/buster/apache2\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/bullseye/apache2\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the apache2 packages.\n\nFor the stable distribution (bullseye), these problems have been fixed in version 2.4.52-1~deb11u2.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44790\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:apache2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:apache2-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:apache2-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:apache2-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:apache2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:apache2-ssl-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:apache2-suexec-custom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:apache2-suexec-pristine\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:apache2-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libapache2-mod-md\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libapache2-mod-proxy-uwsgi\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:11.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! preg(pattern:\"^(10)\\.[0-9]+|^(11)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 10.0 / 11.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '10.0', 'prefix': 'apache2', 'reference': '2.4.38-3+deb10u7'},\n {'release': '10.0', 'prefix': 'apache2-bin', 'reference': '2.4.38-3+deb10u7'},\n {'release': '10.0', 'prefix': 'apache2-data', 'reference': '2.4.38-3+deb10u7'},\n {'release': '10.0', 'prefix': 'apache2-dev', 'reference': '2.4.38-3+deb10u7'},\n {'release': '10.0', 'prefix': 'apache2-doc', 'reference': '2.4.38-3+deb10u7'},\n {'release': '10.0', 'prefix': 'apache2-ssl-dev', 'reference': '2.4.38-3+deb10u7'},\n {'release': '10.0', 'prefix': 'apache2-suexec-custom', 'reference': '2.4.38-3+deb10u7'},\n {'release': '10.0', 'prefix': 'apache2-suexec-pristine', 'reference': '2.4.38-3+deb10u7'},\n {'release': '10.0', 'prefix': 'apache2-utils', 'reference': '2.4.38-3+deb10u7'},\n {'release': '10.0', 'prefix': 'libapache2-mod-md', 'reference': '2.4.38-3+deb10u7'},\n {'release': '10.0', 'prefix': 'libapache2-mod-proxy-uwsgi', 'reference': '2.4.38-3+deb10u7'},\n {'release': '11.0', 'prefix': 'apache2', 'reference': '2.4.52-1~deb11u2'},\n {'release': '11.0', 'prefix': 'apache2-bin', 'reference': '2.4.52-1~deb11u2'},\n {'release': '11.0', 'prefix': 'apache2-data', 'reference': '2.4.52-1~deb11u2'},\n {'release': '11.0', 'prefix': 'apache2-dev', 'reference': '2.4.52-1~deb11u2'},\n {'release': '11.0', 'prefix': 'apache2-doc', 'reference': '2.4.52-1~deb11u2'},\n {'release': '11.0', 'prefix': 'apache2-ssl-dev', 'reference': '2.4.52-1~deb11u2'},\n {'release': '11.0', 'prefix': 'apache2-suexec-custom', 'reference': '2.4.52-1~deb11u2'},\n {'release': '11.0', 'prefix': 'apache2-suexec-pristine', 'reference': '2.4.52-1~deb11u2'},\n {'release': '11.0', 'prefix': 'apache2-utils', 'reference': '2.4.52-1~deb11u2'},\n {'release': '11.0', 'prefix': 'libapache2-mod-md', 'reference': '2.4.52-1~deb11u2'},\n {'release': '11.0', 'prefix': 'libapache2-mod-proxy-uwsgi', 'reference': '2.4.52-1~deb11u2'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'apache2 / apache2-bin / apache2-data / apache2-dev / apache2-doc / etc');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T16:28:31", "description": "The remote Ubuntu 18.04 LTS / 20.04 LTS / 21.04 / 21.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5212-1 advisory.\n\n - A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). (CVE-2021-44224)\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier. (CVE-2021-44790)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-01-06T00:00:00", "type": "nessus", "title": "Ubuntu 18.04 LTS / 20.04 LTS / 21.04 / 21.10 : Apache HTTP Server vulnerabilities (USN-5212-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-44224", "CVE-2021-44790"], "modified": "2022-04-27T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "cpe:/o:canonical:ubuntu_linux:21.04", "cpe:/o:canonical:ubuntu_linux:21.10", "p-cpe:/a:canonical:ubuntu_linux:apache2", "p-cpe:/a:canonical:ubuntu_linux:apache2-bin", "p-cpe:/a:canonical:ubuntu_linux:apache2-data", "p-cpe:/a:canonical:ubuntu_linux:apache2-dev", "p-cpe:/a:canonical:ubuntu_linux:apache2-ssl-dev", "p-cpe:/a:canonical:ubuntu_linux:apache2-suexec-custom", "p-cpe:/a:canonical:ubuntu_linux:apache2-suexec-pristine", "p-cpe:/a:canonical:ubuntu_linux:apache2-utils", "p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-md", "p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-proxy-uwsgi"], "id": "UBUNTU_USN-5212-1.NASL", "href": "https://www.tenable.com/plugins/nessus/156544", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5212-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156544);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/27\");\n\n script_cve_id(\"CVE-2021-44224\", \"CVE-2021-44790\");\n script_xref(name:\"USN\", value:\"5212-1\");\n script_xref(name:\"IAVA\", value:\"2021-A-0604-S\");\n\n script_name(english:\"Ubuntu 18.04 LTS / 20.04 LTS / 21.04 / 21.10 : Apache HTTP Server vulnerabilities (USN-5212-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 18.04 LTS / 20.04 LTS / 21.04 / 21.10 host has packages installed that are affected by multiple\nvulnerabilities as referenced in the USN-5212-1 advisory.\n\n - A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL\n pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for\n requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This\n issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). (CVE-2021-44224)\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser\n (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the\n vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and\n earlier. (CVE-2021-44790)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5212-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44790\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:21.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:21.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-ssl-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-suexec-custom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-suexec-pristine\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-md\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-proxy-uwsgi\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2022 Canonical, Inc. / NASL script (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('ubuntu.inc');\ninclude('misc_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nvar release = chomp(release);\nif (! preg(pattern:\"^(18\\.04|20\\.04|21\\.04|21\\.10)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 18.04 / 20.04 / 21.04 / 21.10', 'Ubuntu ' + release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\n\nvar pkgs = [\n {'osver': '18.04', 'pkgname': 'apache2', 'pkgver': '2.4.29-1ubuntu4.21'},\n {'osver': '18.04', 'pkgname': 'apache2-bin', 'pkgver': '2.4.29-1ubuntu4.21'},\n {'osver': '18.04', 'pkgname': 'apache2-data', 'pkgver': '2.4.29-1ubuntu4.21'},\n {'osver': '18.04', 'pkgname': 'apache2-dev', 'pkgver': '2.4.29-1ubuntu4.21'},\n {'osver': '18.04', 'pkgname': 'apache2-ssl-dev', 'pkgver': '2.4.29-1ubuntu4.21'},\n {'osver': '18.04', 'pkgname': 'apache2-suexec-custom', 'pkgver': '2.4.29-1ubuntu4.21'},\n {'osver': '18.04', 'pkgname': 'apache2-suexec-pristine', 'pkgver': '2.4.29-1ubuntu4.21'},\n {'osver': '18.04', 'pkgname': 'apache2-utils', 'pkgver': '2.4.29-1ubuntu4.21'},\n {'osver': '20.04', 'pkgname': 'apache2', 'pkgver': '2.4.41-4ubuntu3.9'},\n {'osver': '20.04', 'pkgname': 'apache2-bin', 'pkgver': '2.4.41-4ubuntu3.9'},\n {'osver': '20.04', 'pkgname': 'apache2-data', 'pkgver': '2.4.41-4ubuntu3.9'},\n {'osver': '20.04', 'pkgname': 'apache2-dev', 'pkgver': '2.4.41-4ubuntu3.9'},\n {'osver': '20.04', 'pkgname': 'apache2-ssl-dev', 'pkgver': '2.4.41-4ubuntu3.9'},\n {'osver': '20.04', 'pkgname': 'apache2-suexec-custom', 'pkgver': '2.4.41-4ubuntu3.9'},\n {'osver': '20.04', 'pkgname': 'apache2-suexec-pristine', 'pkgver': '2.4.41-4ubuntu3.9'},\n {'osver': '20.04', 'pkgname': 'apache2-utils', 'pkgver': '2.4.41-4ubuntu3.9'},\n {'osver': '20.04', 'pkgname': 'libapache2-mod-md', 'pkgver': '2.4.41-4ubuntu3.9'},\n {'osver': '20.04', 'pkgname': 'libapache2-mod-proxy-uwsgi', 'pkgver': '2.4.41-4ubuntu3.9'},\n {'osver': '21.04', 'pkgname': 'apache2', 'pkgver': '2.4.46-4ubuntu1.5'},\n {'osver': '21.04', 'pkgname': 'apache2-bin', 'pkgver': '2.4.46-4ubuntu1.5'},\n {'osver': '21.04', 'pkgname': 'apache2-data', 'pkgver': '2.4.46-4ubuntu1.5'},\n {'osver': '21.04', 'pkgname': 'apache2-dev', 'pkgver': '2.4.46-4ubuntu1.5'},\n {'osver': '21.04', 'pkgname': 'apache2-ssl-dev', 'pkgver': '2.4.46-4ubuntu1.5'},\n {'osver': '21.04', 'pkgname': 'apache2-suexec-custom', 'pkgver': '2.4.46-4ubuntu1.5'},\n {'osver': '21.04', 'pkgname': 'apache2-suexec-pristine', 'pkgver': '2.4.46-4ubuntu1.5'},\n {'osver': '21.04', 'pkgname': 'apache2-utils', 'pkgver': '2.4.46-4ubuntu1.5'},\n {'osver': '21.04', 'pkgname': 'libapache2-mod-md', 'pkgver': '2.4.46-4ubuntu1.5'},\n {'osver': '21.04', 'pkgname': 'libapache2-mod-proxy-uwsgi', 'pkgver': '2.4.46-4ubuntu1.5'},\n {'osver': '21.10', 'pkgname': 'apache2', 'pkgver': '2.4.48-3.1ubuntu3.2'},\n {'osver': '21.10', 'pkgname': 'apache2-bin', 'pkgver': '2.4.48-3.1ubuntu3.2'},\n {'osver': '21.10', 'pkgname': 'apache2-data', 'pkgver': '2.4.48-3.1ubuntu3.2'},\n {'osver': '21.10', 'pkgname': 'apache2-dev', 'pkgver': '2.4.48-3.1ubuntu3.2'},\n {'osver': '21.10', 'pkgname': 'apache2-ssl-dev', 'pkgver': '2.4.48-3.1ubuntu3.2'},\n {'osver': '21.10', 'pkgname': 'apache2-suexec-custom', 'pkgver': '2.4.48-3.1ubuntu3.2'},\n {'osver': '21.10', 'pkgname': 'apache2-suexec-pristine', 'pkgver': '2.4.48-3.1ubuntu3.2'},\n {'osver': '21.10', 'pkgname': 'apache2-utils', 'pkgver': '2.4.48-3.1ubuntu3.2'},\n {'osver': '21.10', 'pkgname': 'libapache2-mod-md', 'pkgver': '2.4.48-3.1ubuntu3.2'},\n {'osver': '21.10', 'pkgname': 'libapache2-mod-proxy-uwsgi', 'pkgver': '2.4.48-3.1ubuntu3.2'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'apache2 / apache2-bin / apache2-data / apache2-dev / apache2-ssl-dev / etc');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T16:26:44", "description": "The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5212-2 advisory.\n\n - A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). (CVE-2021-44224)\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier. (CVE-2021-44790)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-01-10T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS : Apache HTTP Server vulnerabilities (USN-5212-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-44224", "CVE-2021-44790"], "modified": "2022-04-27T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:16.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:apache2", "p-cpe:/a:canonical:ubuntu_linux:apache2-bin", "p-cpe:/a:canonical:ubuntu_linux:apache2-data", "p-cpe:/a:canonical:ubuntu_linux:apache2-dev", "p-cpe:/a:canonical:ubuntu_linux:apache2-suexec-custom", "p-cpe:/a:canonical:ubuntu_linux:apache2-suexec-pristine", "p-cpe:/a:canonical:ubuntu_linux:apache2-utils"], "id": "UBUNTU_USN-5212-2.NASL", "href": "https://www.tenable.com/plugins/nessus/156568", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5212-2. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156568);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/27\");\n\n script_cve_id(\"CVE-2021-44224\", \"CVE-2021-44790\");\n script_xref(name:\"USN\", value:\"5212-2\");\n script_xref(name:\"IAVA\", value:\"2021-A-0604-S\");\n\n script_name(english:\"Ubuntu 16.04 LTS : Apache HTTP Server vulnerabilities (USN-5212-2)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe USN-5212-2 advisory.\n\n - A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL\n pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for\n requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This\n issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). (CVE-2021-44224)\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser\n (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the\n vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and\n earlier. (CVE-2021-44790)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5212-2\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44790\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-suexec-custom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-suexec-pristine\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-utils\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2022 Canonical, Inc. / NASL script (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('ubuntu.inc');\ninclude('misc_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nvar release = chomp(release);\nif (! preg(pattern:\"^(16\\.04)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 16.04', 'Ubuntu ' + release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\n\nvar pkgs = [\n {'osver': '16.04', 'pkgname': 'apache2', 'pkgver': '2.4.18-2ubuntu3.17+esm4'},\n {'osver': '16.04', 'pkgname': 'apache2-bin', 'pkgver': '2.4.18-2ubuntu3.17+esm4'},\n {'osver': '16.04', 'pkgname': 'apache2-data', 'pkgver': '2.4.18-2ubuntu3.17+esm4'},\n {'osver': '16.04', 'pkgname': 'apache2-dev', 'pkgver': '2.4.18-2ubuntu3.17+esm4'},\n {'osver': '16.04', 'pkgname': 'apache2-suexec-custom', 'pkgver': '2.4.18-2ubuntu3.17+esm4'},\n {'osver': '16.04', 'pkgname': 'apache2-suexec-pristine', 'pkgver': '2.4.18-2ubuntu3.17+esm4'},\n {'osver': '16.04', 'pkgname': 'apache2-utils', 'pkgver': '2.4.18-2ubuntu3.17+esm4'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'apache2 / apache2-bin / apache2-data / apache2-dev / etc');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T16:28:32", "description": "The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0065-1 advisory.\n\n - A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). (CVE-2021-44224)\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier. (CVE-2021-44790)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-01-13T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : apache2 (SUSE-SU-2022:0065-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-44224", "CVE-2021-44790"], "modified": "2022-04-27T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:apache2", "p-cpe:/a:novell:suse_linux:apache2-doc", "p-cpe:/a:novell:suse_linux:apache2-example-pages", "p-cpe:/a:novell:suse_linux:apache2-prefork", "p-cpe:/a:novell:suse_linux:apache2-utils", "p-cpe:/a:novell:suse_linux:apache2-worker", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2022-0065-1.NASL", "href": "https://www.tenable.com/plugins/nessus/156701", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:0065-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156701);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/27\");\n\n script_cve_id(\"CVE-2021-44224\", \"CVE-2021-44790\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:0065-1\");\n script_xref(name:\"IAVA\", value:\"2021-A-0604-S\");\n\n script_name(english:\"SUSE SLES12 Security Update : apache2 (SUSE-SU-2022:0065-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2022:0065-1 advisory.\n\n - A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL\n pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for\n requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This\n issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). (CVE-2021-44224)\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser\n (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the\n vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and\n earlier. (CVE-2021-44790)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1193942\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1193943\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-January/010001.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2bdbb81c\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-44224\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-44790\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44790\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-example-pages\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-prefork\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-worker\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES12', 'SUSE ' + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);\n\nvar sp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2|3|4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2/3/4\", os_ver + \" SP\" + sp);\n\nvar pkgs = [\n {'reference':'apache2-2.4.23-29.83.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'apache2-doc-2.4.23-29.83.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'apache2-example-pages-2.4.23-29.83.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'apache2-prefork-2.4.23-29.83.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'apache2-utils-2.4.23-29.83.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'apache2-worker-2.4.23-29.83.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'apache2-2.4.23-29.83.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.4'},\n {'reference':'apache2-doc-2.4.23-29.83.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.4'},\n {'reference':'apache2-example-pages-2.4.23-29.83.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.4'},\n {'reference':'apache2-prefork-2.4.23-29.83.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.4'},\n {'reference':'apache2-utils-2.4.23-29.83.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.4'},\n {'reference':'apache2-worker-2.4.23-29.83.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.4'},\n {'reference':'apache2-2.4.23-29.83.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.2'},\n {'reference':'apache2-doc-2.4.23-29.83.1', 'sp':'2', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.2'},\n {'reference':'apache2-example-pages-2.4.23-29.83.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.2'},\n {'reference':'apache2-prefork-2.4.23-29.83.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.2'},\n {'reference':'apache2-utils-2.4.23-29.83.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.2'},\n {'reference':'apache2-worker-2.4.23-29.83.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.2'},\n {'reference':'apache2-2.4.23-29.83.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'apache2-2.4.23-29.83.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'apache2-doc-2.4.23-29.83.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'apache2-doc-2.4.23-29.83.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'apache2-example-pages-2.4.23-29.83.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'apache2-example-pages-2.4.23-29.83.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'apache2-prefork-2.4.23-29.83.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'apache2-prefork-2.4.23-29.83.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'apache2-utils-2.4.23-29.83.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'apache2-utils-2.4.23-29.83.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'apache2-worker-2.4.23-29.83.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'apache2-worker-2.4.23-29.83.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'apache2-2.4.23-29.83.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.4'},\n {'reference':'apache2-doc-2.4.23-29.83.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.4'},\n {'reference':'apache2-example-pages-2.4.23-29.83.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.4'},\n {'reference':'apache2-prefork-2.4.23-29.83.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.4'},\n {'reference':'apache2-utils-2.4.23-29.83.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.4'},\n {'reference':'apache2-worker-2.4.23-29.83.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.4'}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (exists_check) {\n if (!rpm_exists(release:release, rpm:exists_check)) continue;\n if ('ltss' >< tolower(exists_check)) ltss_caveat_required = TRUE;\n }\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'apache2 / apache2-doc / apache2-example-pages / apache2-prefork / etc');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T16:27:17", "description": "The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0091-1 advisory.\n\n - A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). (CVE-2021-44224)\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier. (CVE-2021-44790)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-01-17T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : apache2 (SUSE-SU-2022:0091-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-44224", "CVE-2021-44790"], "modified": "2022-04-27T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:apache2", "p-cpe:/a:novell:suse_linux:apache2-devel", "p-cpe:/a:novell:suse_linux:apache2-doc", "p-cpe:/a:novell:suse_linux:apache2-event", "p-cpe:/a:novell:suse_linux:apache2-prefork", "p-cpe:/a:novell:suse_linux:apache2-utils", "p-cpe:/a:novell:suse_linux:apache2-worker", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-0091-1.NASL", "href": "https://www.tenable.com/plugins/nessus/156776", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:0091-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156776);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/27\");\n\n script_cve_id(\"CVE-2021-44224\", \"CVE-2021-44790\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:0091-1\");\n script_xref(name:\"IAVA\", value:\"2021-A-0604-S\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : apache2 (SUSE-SU-2022:0091-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the SUSE-SU-2022:0091-1 advisory.\n\n - A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL\n pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for\n requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This\n issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). (CVE-2021-44224)\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser\n (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the\n vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and\n earlier. (CVE-2021-44790)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1193942\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1193943\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-January/010009.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?690f602a\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-44224\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-44790\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44790\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-event\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-prefork\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-worker\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED15 / SLES15', 'SUSE ' + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);\n\nvar sp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(2|3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP2/3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(2|3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP2/3\", os_ver + \" SP\" + sp);\n\nvar pkgs = [\n {'reference':'apache2-2.4.51-3.37.1', 'sp':'2', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.2'},\n {'reference':'apache2-2.4.51-3.37.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.2'},\n {'reference':'apache2-prefork-2.4.51-3.37.1', 'sp':'2', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.2'},\n {'reference':'apache2-prefork-2.4.51-3.37.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.2'},\n {'reference':'apache2-utils-2.4.51-3.37.1', 'sp':'2', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.2'},\n {'reference':'apache2-utils-2.4.51-3.37.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.2'},\n {'reference':'apache2-2.4.51-3.37.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'apache2-2.4.51-3.37.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'apache2-prefork-2.4.51-3.37.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'apache2-prefork-2.4.51-3.37.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'apache2-utils-2.4.51-3.37.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'apache2-utils-2.4.51-3.37.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-basesystem-release-15.3'},\n {'reference':'apache2-event-2.4.51-3.37.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-packagehub-subpackages-release-15.3'},\n {'reference':'apache2-devel-2.4.51-3.37.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-server-applications-release-15.2'},\n {'reference':'apache2-doc-2.4.51-3.37.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-server-applications-release-15.2'},\n {'reference':'apache2-worker-2.4.51-3.37.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-server-applications-release-15.2'},\n {'reference':'apache2-devel-2.4.51-3.37.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-server-applications-release-15.3'},\n {'reference':'apache2-doc-2.4.51-3.37.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-server-applications-release-15.3'},\n {'reference':'apache2-worker-2.4.51-3.37.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-server-applications-release-15.3'}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (exists_check) {\n if (!rpm_exists(release:release, rpm:exists_check)) continue;\n if ('ltss' >< tolower(exists_check)) ltss_caveat_required = TRUE;\n }\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'apache2 / apache2-devel / apache2-doc / apache2-event / etc');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T16:27:14", "description": "The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0091-1 advisory.\n\n - A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). (CVE-2021-44224)\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier. (CVE-2021-44790)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-01-18T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : apache2 (openSUSE-SU-2022:0091-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-44224", "CVE-2021-44790"], "modified": "2022-04-27T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:apache2", "p-cpe:/a:novell:opensuse:apache2-devel", "p-cpe:/a:novell:opensuse:apache2-event", "p-cpe:/a:novell:opensuse:apache2-example-pages", "p-cpe:/a:novell:opensuse:apache2-prefork", "p-cpe:/a:novell:opensuse:apache2-utils", "p-cpe:/a:novell:opensuse:apache2-worker", "cpe:/o:novell:opensuse:15.3"], "id": "OPENSUSE-2022-0091-1.NASL", "href": "https://www.tenable.com/plugins/nessus/156778", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2022:0091-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156778);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/27\");\n\n script_cve_id(\"CVE-2021-44224\", \"CVE-2021-44790\");\n script_xref(name:\"IAVA\", value:\"2021-A-0604-S\");\n\n script_name(english:\"openSUSE 15 Security Update : apache2 (openSUSE-SU-2022:0091-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe openSUSE-SU-2022:0091-1 advisory.\n\n - A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL\n pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for\n requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This\n issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). (CVE-2021-44224)\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser\n (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the\n vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and\n earlier. (CVE-2021-44790)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1193942\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1193943\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LQX4BVMFKUTV6DOPDTL26H5DQJJFUPXZ/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?fbb79ac6\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-44224\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-44790\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44790\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-event\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-example-pages\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-prefork\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-worker\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.3\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nvar os_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.3', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\nvar pkgs = [\n {'reference':'apache2-2.4.51-3.37.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'apache2-devel-2.4.51-3.37.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'apache2-event-2.4.51-3.37.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'apache2-example-pages-2.4.51-3.37.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'apache2-prefork-2.4.51-3.37.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'apache2-utils-2.4.51-3.37.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'apache2-worker-2.4.51-3.37.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'apache2 / apache2-devel / apache2-event / apache2-example-pages / etc');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T16:27:13", "description": "The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0119-1 advisory.\n\n - A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). (CVE-2021-44224)\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier. (CVE-2021-44790)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-01-19T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : apache2 (SUSE-SU-2022:0119-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-44224", "CVE-2021-44790"], "modified": "2022-04-27T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:apache2", "p-cpe:/a:novell:suse_linux:apache2-devel", "p-cpe:/a:novell:suse_linux:apache2-doc", "p-cpe:/a:novell:suse_linux:apache2-prefork", "p-cpe:/a:novell:suse_linux:apache2-utils", "p-cpe:/a:novell:suse_linux:apache2-worker", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-0119-1.NASL", "href": "https://www.tenable.com/plugins/nessus/156808", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:0119-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156808);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/27\");\n\n script_cve_id(\"CVE-2021-44224\", \"CVE-2021-44790\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:0119-1\");\n script_xref(name:\"IAVA\", value:\"2021-A-0604-S\");\n\n script_name(english:\"SUSE SLES15 Security Update : apache2 (SUSE-SU-2022:0119-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2022:0119-1 advisory.\n\n - A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL\n pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for\n requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This\n issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). (CVE-2021-44224)\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser\n (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the\n vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and\n earlier. (CVE-2021-44790)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1193942\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1193943\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-January/010025.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?280226d4\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-44224\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-44790\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44790\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-prefork\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-worker\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15', 'SUSE ' + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);\n\nvar sp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0/1\", os_ver + \" SP\" + sp);\n\nvar pkgs = [\n {'reference':'apache2-2.4.33-3.61.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15'},\n {'reference':'apache2-devel-2.4.33-3.61.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15'},\n {'reference':'apache2-doc-2.4.33-3.61.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15'},\n {'reference':'apache2-prefork-2.4.33-3.61.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15'},\n {'reference':'apache2-utils-2.4.33-3.61.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15'},\n {'reference':'apache2-worker-2.4.33-3.61.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15'},\n {'reference':'apache2-2.4.33-3.61.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15.1'},\n {'reference':'apache2-devel-2.4.33-3.61.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15.1'},\n {'reference':'apache2-doc-2.4.33-3.61.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15.1'},\n {'reference':'apache2-prefork-2.4.33-3.61.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15.1'},\n {'reference':'apache2-utils-2.4.33-3.61.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15.1'},\n {'reference':'apache2-worker-2.4.33-3.61.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15.1'},\n {'reference':'apache2-2.4.33-3.61.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'apache2-2.4.33-3.61.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'apache2-devel-2.4.33-3.61.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'apache2-devel-2.4.33-3.61.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'apache2-doc-2.4.33-3.61.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'apache2-prefork-2.4.33-3.61.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'apache2-prefork-2.4.33-3.61.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'apache2-utils-2.4.33-3.61.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'apache2-utils-2.4.33-3.61.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'apache2-worker-2.4.33-3.61.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'apache2-worker-2.4.33-3.61.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-1'},\n {'reference':'apache2-2.4.33-3.61.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'apache2-2.4.33-3.61.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'apache2-2.4.33-3.61.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'apache2-2.4.33-3.61.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'apache2-devel-2.4.33-3.61.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'apache2-devel-2.4.33-3.61.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'apache2-devel-2.4.33-3.61.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'apache2-devel-2.4.33-3.61.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'apache2-doc-2.4.33-3.61.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'apache2-doc-2.4.33-3.61.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'apache2-prefork-2.4.33-3.61.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'apache2-prefork-2.4.33-3.61.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'apache2-prefork-2.4.33-3.61.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'apache2-prefork-2.4.33-3.61.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'apache2-utils-2.4.33-3.61.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'apache2-utils-2.4.33-3.61.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'apache2-utils-2.4.33-3.61.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'apache2-utils-2.4.33-3.61.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'apache2-worker-2.4.33-3.61.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'apache2-worker-2.4.33-3.61.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'apache2-worker-2.4.33-3.61.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'apache2-worker-2.4.33-3.61.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'apache2-2.4.33-3.61.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'apache2-2.4.33-3.61.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'apache2-2.4.33-3.61.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'apache2-2.4.33-3.61.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'apache2-devel-2.4.33-3.61.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'apache2-devel-2.4.33-3.61.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'apache2-devel-2.4.33-3.61.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'apache2-devel-2.4.33-3.61.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'apache2-doc-2.4.33-3.61.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'apache2-doc-2.4.33-3.61.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'apache2-prefork-2.4.33-3.61.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'apache2-prefork-2.4.33-3.61.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'apache2-prefork-2.4.33-3.61.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'apache2-prefork-2.4.33-3.61.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'apache2-utils-2.4.33-3.61.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'apache2-utils-2.4.33-3.61.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'apache2-utils-2.4.33-3.61.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'apache2-utils-2.4.33-3.61.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'apache2-worker-2.4.33-3.61.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'apache2-worker-2.4.33-3.61.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'apache2-worker-2.4.33-3.61.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'apache2-worker-2.4.33-3.61.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'apache2-2.4.33-3.61.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'apache2-2.4.33-3.61.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'apache2-devel-2.4.33-3.61.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'apache2-devel-2.4.33-3.61.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'apache2-doc-2.4.33-3.61.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'apache2-prefork-2.4.33-3.61.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'apache2-prefork-2.4.33-3.61.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'apache2-utils-2.4.33-3.61.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'apache2-utils-2.4.33-3.61.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'apache2-worker-2.4.33-3.61.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'apache2-worker-2.4.33-3.61.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15.1'},\n {'reference':'apache2-2.4.33-3.61.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15'},\n {'reference':'apache2-devel-2.4.33-3.61.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15'},\n {'reference':'apache2-doc-2.4.33-3.61.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15'},\n {'reference':'apache2-prefork-2.4.33-3.61.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15'},\n {'reference':'apache2-utils-2.4.33-3.61.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15'},\n {'reference':'apache2-worker-2.4.33-3.61.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15'},\n {'reference':'apache2-2.4.33-3.61.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15.1'},\n {'reference':'apache2-devel-2.4.33-3.61.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15.1'},\n {'reference':'apache2-doc-2.4.33-3.61.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15.1'},\n {'reference':'apache2-prefork-2.4.33-3.61.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15.1'},\n {'reference':'apache2-utils-2.4.33-3.61.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15.1'},\n {'reference':'apache2-worker-2.4.33-3.61.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15.1'},\n {'reference':'apache2-2.4.33-3.61.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-15.1'},\n {'reference':'apache2-devel-2.4.33-3.61.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-15.1'},\n {'reference':'apache2-doc-2.4.33-3.61.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-15.1'},\n {'reference':'apache2-prefork-2.4.33-3.61.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-15.1'},\n {'reference':'apache2-utils-2.4.33-3.61.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-15.1'},\n {'reference':'apache2-worker-2.4.33-3.61.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-15.1'}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (exists_check) {\n if (!rpm_exists(release:release, rpm:exists_check)) continue;\n if ('ltss' >< tolower(exists_check)) ltss_caveat_required = TRUE;\n }\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'apache2 / apache2-devel / apache2-doc / apache2-prefork / etc');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T16:27:41", "description": "The version of httpd24 installed on the remote host is prior to 2.4.52-1.95. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2022-1560 advisory.\n\n - A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). (CVE-2021-44224)\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier. (CVE-2021-44790)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-01-19T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : httpd24 (ALAS-2022-1560)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-44224", "CVE-2021-44790"], "modified": "2022-04-27T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:httpd24", "p-cpe:/a:amazon:linux:httpd24-debuginfo", "p-cpe:/a:amazon:linux:httpd24-devel", "p-cpe:/a:amazon:linux:httpd24-manual", "p-cpe:/a:amazon:linux:httpd24-tools", "p-cpe:/a:amazon:linux:mod24_ldap", "p-cpe:/a:amazon:linux:mod24_md", "p-cpe:/a:amazon:linux:mod24_proxy_html", "p-cpe:/a:amazon:linux:mod24_session", "p-cpe:/a:amazon:linux:mod24_ssl", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2022-1560.NASL", "href": "https://www.tenable.com/plugins/nessus/156868", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2022-1560.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156868);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/27\");\n\n script_cve_id(\"CVE-2021-44224\", \"CVE-2021-44790\");\n script_xref(name:\"IAVA\", value:\"2021-A-0604-S\");\n script_xref(name:\"ALAS\", value:\"2022-1560\");\n\n script_name(english:\"Amazon Linux AMI : httpd24 (ALAS-2022-1560)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux AMI host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of httpd24 installed on the remote host is prior to 2.4.52-1.95. It is, therefore, affected by multiple\nvulnerabilities as referenced in the ALAS-2022-1560 advisory.\n\n - A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL\n pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for\n requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This\n issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). (CVE-2021-44224)\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser\n (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the\n vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and\n earlier. (CVE-2021-44790)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/ALAS-2022-1560.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-44224.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-44790.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update httpd24' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44790\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:httpd24\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:httpd24-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:httpd24-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:httpd24-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:httpd24-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mod24_ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mod24_md\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mod24_proxy_html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mod24_session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mod24_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nvar os_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar pkgs = [\n {'reference':'httpd24-2.4.52-1.95.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'httpd24-2.4.52-1.95.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'httpd24-debuginfo-2.4.52-1.95.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'httpd24-debuginfo-2.4.52-1.95.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'httpd24-devel-2.4.52-1.95.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'httpd24-devel-2.4.52-1.95.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'httpd24-manual-2.4.52-1.95.amzn1', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'httpd24-tools-2.4.52-1.95.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'httpd24-tools-2.4.52-1.95.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mod24_ldap-2.4.52-1.95.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mod24_ldap-2.4.52-1.95.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mod24_md-2.4.52-1.95.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mod24_md-2.4.52-1.95.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mod24_proxy_html-2.4.52-1.95.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mod24_proxy_html-2.4.52-1.95.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mod24_session-2.4.52-1.95.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mod24_session-2.4.52-1.95.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mod24_ssl-2.4.52-1.95.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mod24_ssl-2.4.52-1.95.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd24 / httpd24-debuginfo / httpd24-devel / etc\");\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T16:27:14", "description": "The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0091-2 advisory.\n\n - A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). (CVE-2021-44224)\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier. (CVE-2021-44790)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-01-21T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : apache2 (SUSE-SU-2022:0091-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-44224", "CVE-2021-44790"], "modified": "2022-04-27T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:apache2-event", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-0091-2.NASL", "href": "https://www.tenable.com/plugins/nessus/156923", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:0091-2. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156923);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/27\");\n\n script_cve_id(\"CVE-2021-44224\", \"CVE-2021-44790\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:0091-2\");\n script_xref(name:\"IAVA\", value:\"2021-A-0604-S\");\n\n script_name(english:\"SUSE SLES15 Security Update : apache2 (SUSE-SU-2022:0091-2)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2022:0091-2 advisory.\n\n - A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL\n pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for\n requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This\n issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). (CVE-2021-44224)\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser\n (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the\n vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and\n earlier. (CVE-2021-44790)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1193942\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1193943\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-January/010042.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b35ca336\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-44224\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-44790\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected apache2-event package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44790\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-event\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15', 'SUSE ' + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);\n\nvar sp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP2\", os_ver + \" SP\" + sp);\n\nvar pkgs = [\n {'reference':'apache2-event-2.4.51-3.37.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-packagehub-subpackages-release-15.2'}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (exists_check) {\n if (!rpm_exists(release:release, rpm:exists_check)) continue;\n if ('ltss' >< tolower(exists_check)) ltss_caveat_required = TRUE;\n }\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'apache2-event');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T16:36:38", "description": "The version of Apache httpd installed on the remote host is equal to or greater than 2.4.7 and prior to 2.4.52.\nIt is, therefore, affected by a flaw related to acting as a forward proxy.\n\nA crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery).\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-12-23T00:00:00", "type": "nessus", "title": "Apache 2.4.x >= 2.4.7 / < 2.4.52 Forward Proxy DoS / SSRF", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-44224", "CVE-2021-44790"], "modified": "2022-05-25T00:00:00", "cpe": ["cpe:/a:apache:httpd", "cpe:/a:apache:http_server"], "id": "APACHE_2_4_52.NASL", "href": "https://www.tenable.com/plugins/nessus/156255", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156255);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/25\");\n\n script_cve_id(\"CVE-2021-44224\", \"CVE-2021-44790\");\n script_xref(name:\"IAVA\", value:\"2021-A-0604-S\");\n\n script_name(english:\"Apache 2.4.x >= 2.4.7 / < 2.4.52 Forward Proxy DoS / SSRF\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server is affected by a denial of service or server-side request forgery vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apache httpd installed on the remote host is equal to or greater than 2.4.7 and prior to 2.4.52.\nIt is, therefore, affected by a flaw related to acting as a forward proxy.\n\nA crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL\npointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for\nrequests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery).\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apache version 2.4.52 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44790\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apache:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apache:http_server\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"apache_http_version.nasl\", \"apache_http_server_nix_installed.nbin\", \"apache_httpd_win_installed.nbin\");\n script_require_keys(\"installed_sw/Apache\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('vcf_extras.inc');\n\napp_info = vcf::apache_http_server::combined_get_app_info(app:'Apache');\n\nvar constraints = [\n { 'min_version' : '2.4.7', 'max_version' : '2.4.51', 'fixed_version' : '2.4.52' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T16:27:42", "description": "According to its self-reported version, the Tenable SecurityCenter application installed on the remote host is less than 5.20.0 and is therefore affected by multiple vulnerabilities:\n\n- A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). (CVE-2021-44224)\n\n- A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier. (CVE-2021-44790) Note that successful exploitation of the most serious issues can result in arbitrary code execution.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-01-07T00:00:00", "type": "nessus", "title": "Tenable SecurityCenter < 5.20.0 Multiple Vulnerabilities (TNS-2022-01)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-44224", "CVE-2021-44790", "CVE-2022-0130"], "modified": "2022-01-10T00:00:00", "cpe": ["cpe:/a:tenable:securitycenter"], "id": "SECURITYCENTER_5_20_0_TNS_2022_01.NASL", "href": "https://www.tenable.com/plugins/nessus/156557", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156557);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/10\");\n\n script_cve_id(\"CVE-2021-44224\", \"CVE-2021-44790\", \"CVE-2022-0130\");\n\n script_name(english:\"Tenable SecurityCenter < 5.20.0 Multiple Vulnerabilities (TNS-2022-01)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version, the Tenable SecurityCenter application installed on the remote host is less \nthan 5.20.0 and is therefore affected by multiple vulnerabilities:\n\n- A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer \n dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be \n directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP \n Server 2.4.7 up to 2.4.51 (included). (CVE-2021-44224)\n\n- A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called \n from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible \n to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier. (CVE-2021-44790)\n \nNote that successful exploitation of the most serious issues can result in arbitrary code execution.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.tenable.com/security/tns-2022-01\");\n script_set_attribute(attribute:\"see_also\", value:\"https://httpd.apache.org/security/vulnerabilities_24.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the security patch referenced in the vendor advisory or upgrade to 5.20.0 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"unix\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44790\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:tenable:securitycenter\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"securitycenter_installed.nbin\");\n script_require_ports(\"installed_sw/Tenable SecurityCenter\");\n\n exit(0);\n}\n\ninclude('vcf_extras.inc');\n\nvar patches = make_list('SC-202201.1');\nvar app_info = vcf::tenable_sc::get_app_info();\n\nvcf::tenable_sc::check_for_patch(app_info:app_info, patches:patches);\n\nvar constraints = [\n { 'min_version' : '5.14.0', 'max_version': '5.15', 'fixed_display' : 'Upgrade to 5.20.0 or later'},\n { 'min_version' : '5.16.0', 'max_version' : '5.19.1', 'fixed_display' : 'Apply Patch SC-202201.1' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-05T14:32:30", "description": "According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). (CVE-2021-44224)\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier. (CVE-2021-44790)\n\n - A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP Server 2.4.52 and earlier. (CVE-2022-22719)\n\n - Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling (CVE-2022-22720)\n\n - If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier. (CVE-2022-22721)\n\n - Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server allows an attacker to overwrite heap memory with possibly attacker provided data. This issue affects Apache HTTP Server 2.4 version 2.4.52 and prior versions. (CVE-2022-23943)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-07-15T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.10.1 : httpd (EulerOS-SA-2022-2053)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-44224", "CVE-2021-44790", "CVE-2022-22719", "CVE-2022-22720", "CVE-2022-22721", "CVE-2022-23943"], "modified": "2022-07-15T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:httpd", "p-cpe:/a:huawei:euleros:httpd-filesystem", "p-cpe:/a:huawei:euleros:httpd-tools", "cpe:/o:huawei:euleros:uvp:2.10.1"], "id": "EULEROS_SA-2022-2053.NASL", "href": "https://www.tenable.com/plugins/nessus/163204", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163204);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/07/15\");\n\n script_cve_id(\n \"CVE-2021-44224\",\n \"CVE-2021-44790\",\n \"CVE-2022-22719\",\n \"CVE-2022-22720\",\n \"CVE-2022-22721\",\n \"CVE-2022-23943\"\n );\n\n script_name(english:\"EulerOS Virtualization 2.10.1 : httpd (EulerOS-SA-2022-2053)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is\naffected by the following vulnerabilities :\n\n - A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL\n pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for\n requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This\n issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). (CVE-2021-44224)\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser\n (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the\n vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and\n earlier. (CVE-2021-44790)\n\n - A carefully crafted request body can cause a read to a random memory area which could cause the process to\n crash. This issue affects Apache HTTP Server 2.4.52 and earlier. (CVE-2022-22719)\n\n - Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered\n discarding the request body, exposing the server to HTTP Request Smuggling (CVE-2022-22720)\n\n - If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems\n an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server\n 2.4.52 and earlier. (CVE-2022-22721)\n\n - Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server allows an attacker to overwrite heap\n memory with possibly attacker provided data. This issue affects Apache HTTP Server 2.4 version 2.4.52 and\n prior versions. (CVE-2022-23943)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-2053\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3db9cdcc\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected httpd packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-23943\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:httpd-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:httpd-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.10.1\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.10.1\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.10.1\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"httpd-2.4.43-4.h14.eulerosv2r10\",\n \"httpd-filesystem-2.4.43-4.h14.eulerosv2r10\",\n \"httpd-tools-2.4.43-4.h14.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-05T14:33:31", "description": "According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). (CVE-2021-44224)\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier. (CVE-2021-44790)\n\n - A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP Server 2.4.52 and earlier. (CVE-2022-22719)\n\n - Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling (CVE-2022-22720)\n\n - If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier. (CVE-2022-22721)\n\n - Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server allows an attacker to overwrite heap memory with possibly attacker provided data. This issue affects Apache HTTP Server 2.4 version 2.4.52 and prior versions. (CVE-2022-23943)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-07-14T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.10.0 : httpd (EulerOS-SA-2022-2025)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-44224", "CVE-2021-44790", "CVE-2022-22719", "CVE-2022-22720", "CVE-2022-22721", "CVE-2022-23943"], "modified": "2022-07-14T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:httpd", "p-cpe:/a:huawei:euleros:httpd-filesystem", "p-cpe:/a:huawei:euleros:httpd-tools", "cpe:/o:huawei:euleros:uvp:2.10.0"], "id": "EULEROS_SA-2022-2025.NASL", "href": "https://www.tenable.com/plugins/nessus/163151", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163151);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/07/14\");\n\n script_cve_id(\n \"CVE-2021-44224\",\n \"CVE-2021-44790\",\n \"CVE-2022-22719\",\n \"CVE-2022-22720\",\n \"CVE-2022-22721\",\n \"CVE-2022-23943\"\n );\n\n script_name(english:\"EulerOS Virtualization 2.10.0 : httpd (EulerOS-SA-2022-2025)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is\naffected by the following vulnerabilities :\n\n - A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL\n pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for\n requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This\n issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). (CVE-2021-44224)\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser\n (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the\n vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and\n earlier. (CVE-2021-44790)\n\n - A carefully crafted request body can cause a read to a random memory area which could cause the process to\n crash. This issue affects Apache HTTP Server 2.4.52 and earlier. (CVE-2022-22719)\n\n - Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered\n discarding the request body, exposing the server to HTTP Request Smuggling (CVE-2022-22720)\n\n - If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems\n an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server\n 2.4.52 and earlier. (CVE-2022-22721)\n\n - Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server allows an attacker to overwrite heap\n memory with possibly attacker provided data. This issue affects Apache HTTP Server 2.4 version 2.4.52 and\n prior versions. (CVE-2022-23943)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-2025\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?84447ff8\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected httpd packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-23943\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:httpd-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:httpd-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.10.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.10.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.10.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"httpd-2.4.43-4.h14.eulerosv2r10\",\n \"httpd-filesystem-2.4.43-4.h14.eulerosv2r10\",\n \"httpd-tools-2.4.43-4.h14.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T16:33:23", "description": "The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:0258 advisory.\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier. (CVE-2021-44790)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-03-11T00:00:00", "type": "nessus", "title": "AlmaLinux 8 : httpd:2.4 (ALSA-2022:0258)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-44790"], "modified": "2022-04-27T00:00:00", "cpe": ["p-cpe:/a:alma:linux:httpd", "p-cpe:/a:alma:linux:httpd-devel", "p-cpe:/a:alma:linux:httpd-filesystem", "p-cpe:/a:alma:linux:httpd-manual", "p-cpe:/a:alma:linux:httpd-tools", "p-cpe:/a:alma:linux:mod_http2", "p-cpe:/a:alma:linux:mod_ldap", "p-cpe:/a:alma:linux:mod_md", "p-cpe:/a:alma:linux:mod_proxy_html", "p-cpe:/a:alma:linux:mod_session", "p-cpe:/a:alma:linux:mod_ssl", "cpe:/o:alma:linux:8"], "id": "ALMA_LINUX_ALSA-2022-0258.NASL", "href": "https://www.tenable.com/plugins/nessus/158859", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# AlmaLinux Security Advisory ALSA-2022:0258.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158859);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/27\");\n\n script_cve_id(\"CVE-2021-44790\");\n script_xref(name:\"ALSA\", value:\"2022:0258\");\n script_xref(name:\"IAVA\", value:\"2021-A-0604-S\");\n\n script_name(english:\"AlmaLinux 8 : httpd:2.4 (ALSA-2022:0258)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AlmaLinux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the\nALSA-2022:0258 advisory.\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser\n (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the\n vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and\n earlier. (CVE-2021-44790)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.almalinux.org/8/ALSA-2022-0258.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44790\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:httpd-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:httpd-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:httpd-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:mod_http2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:mod_ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:mod_md\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:mod_proxy_html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:mod_session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Alma Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AlmaLinux/release\", \"Host/AlmaLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/AlmaLinux/release');\nif (isnull(release) || 'AlmaLinux' >!< release) audit(AUDIT_OS_NOT, 'AlmaLinux');\nvar os_ver = pregmatch(pattern: \"AlmaLinux release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'AlmaLinux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'AlmaLinux 8.x', 'AlmaLinux ' + os_ver);\n\nif (!get_kb_item('Host/AlmaLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'AlmaLinux', cpu);\n\nvar module_ver = get_kb_item('Host/AlmaLinux/appstream/httpd');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module httpd:2.4');\nif ('2.4' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module httpd:' + module_ver);\n\nvar appstreams = {\n 'httpd:2.4': [\n {'reference':'httpd-2.4.37-43.module_el8.5.0+2609+b30d9eec.1.alma', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'httpd-devel-2.4.37-43.module_el8.5.0+2609+b30d9eec.1.alma', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'httpd-filesystem-2.4.37-43.module_el8.5.0+2609+b30d9eec.1.alma', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'httpd-manual-2.4.37-43.module_el8.5.0+2609+b30d9eec.1.alma', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'httpd-tools-2.4.37-43.module_el8.5.0+2609+b30d9eec.1.alma', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mod_http2-1.15.7-3.module_el8.5.0+2609+b30d9eec', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mod_ldap-2.4.37-43.module_el8.5.0+2609+b30d9eec.1.alma', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mod_md-2.0.8-8.module_el8.5.0+2609+b30d9eec', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'mod_proxy_html-2.4.37-43.module_el8.5.0+2609+b30d9eec.1.alma', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'mod_session-2.4.37-43.module_el8.5.0+2609+b30d9eec.1.alma', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mod_ssl-2.4.37-43.module_el8.5.0+2609+b30d9eec.1.alma', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n};\n\nvar flag = 0;\nvar appstreams_found = 0;\nforeach module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/AlmaLinux/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach package_array ( appstreams[module] ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'Alma-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module httpd:2.4');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'httpd / httpd-devel / httpd-filesystem / httpd-manual / httpd-tools / etc');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T16:33:42", "description": "According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier. (CVE-2021-44790)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-03-21T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : httpd (EulerOS-SA-2022-1326)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-44790"], "modified": "2022-04-27T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:httpd", "p-cpe:/a:huawei:euleros:httpd-devel", "p-cpe:/a:huawei:euleros:httpd-manual", "p-cpe:/a:huawei:euleros:httpd-tools", "p-cpe:/a:huawei:euleros:mod_session", "p-cpe:/a:huawei:euleros:mod_ssl", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-1326.NASL", "href": "https://www.tenable.com/plugins/nessus/159102", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159102);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/27\");\n\n script_cve_id(\"CVE-2021-44790\");\n script_xref(name:\"IAVA\", value:\"2021-A-0604-S\");\n\n script_name(english:\"EulerOS 2.0 SP5 : httpd (EulerOS-SA-2022-1326)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser\n (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the\n vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and\n earlier. (CVE-2021-44790)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1326\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?77b12b08\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected httpd packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44790\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:httpd-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:httpd-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:mod_session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"httpd-2.4.6-80.1.h15.eulerosv2r7\",\n \"httpd-devel-2.4.6-80.1.h15.eulerosv2r7\",\n \"httpd-manual-2.4.6-80.1.h15.eulerosv2r7\",\n \"httpd-tools-2.4.6-80.1.h15.eulerosv2r7\",\n \"mod_session-2.4.6-80.1.h15.eulerosv2r7\",\n \"mod_ssl-2.4.6-80.1.h15.eulerosv2r7\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T16:37:19", "description": "According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier. (CVE-2021-44790)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-05-07T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.2.0 : httpd (EulerOS-SA-2022-1671)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-44790"], "modified": "2022-05-09T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:httpd", "p-cpe:/a:huawei:euleros:httpd-tools", "p-cpe:/a:huawei:euleros:mod_ssl", "cpe:/o:huawei:euleros:uvp:3.0.2.0"], "id": "EULEROS_SA-2022-1671.NASL", "href": "https://www.tenable.com/plugins/nessus/160697", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(160697);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\"CVE-2021-44790\");\n script_xref(name:\"IAVA\", value:\"2021-A-0604-S\");\n\n script_name(english:\"EulerOS Virtualization 3.0.2.0 : httpd (EulerOS-SA-2022-1671)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is\naffected by the following vulnerabilities :\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser\n (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the\n vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and\n earlier. (CVE-2021-44790)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1671\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b59472a0\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected httpd packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44790\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:httpd-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"httpd-2.4.6-80.1.h15\",\n \"httpd-tools-2.4.6-80.1.h15\",\n \"mod_ssl-2.4.6-80.1.h15\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T16:37:46", "description": "The version of Apache httpd installed on the remote host is prior to 2.4.52. It is, therefore, affected by a flaw related to mod_lua when handling multipart content. A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerability though it might be possible to craft one.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-05-24T00:00:00", "type": "nessus", "title": "Apache 2.4.x < 2.4.52 mod_lua Buffer Overflow", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-44790"], "modified": "2022-05-26T00:00:00", "cpe": ["cpe:/a:apache:httpd", "cpe:/a:apache:http_server"], "id": "APACHE_2_4_52_CVE-2021-44790.NASL", "href": "https://www.tenable.com/plugins/nessus/161454", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(161454);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/26\");\n\n script_cve_id(\"CVE-2021-44790\");\n script_xref(name:\"IAVA\", value:\"2021-A-0604-S\");\n\n script_name(english:\"Apache 2.4.x < 2.4.52 mod_lua Buffer Overflow\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server is affected by a buffer overflow vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apache httpd installed on the remote host is prior to 2.4.52. It is, therefore, affected by \na flaw related to mod_lua when handling multipart content. A carefully crafted request body can cause a \nbuffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd\nteam is not aware of an exploit for the vulnerability though it might be possible to craft one.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apache version 2.4.52 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44790\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apache:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apache:http_server\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"apache_http_version.nasl\", \"apache_http_server_nix_installed.nbin\", \"apache_httpd_win_installed.nbin\");\n script_require_keys(\"installed_sw/Apache\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('vcf_extras.inc');\n\napp_info = vcf::apache_http_server::combined_get_app_info(app:'Apache');\n\nvar constraints = [\n { 'min_version' : '2.4.0', 'max_version' : '2.4.51', 'fixed_version' : '2.4.52' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T16:27:16", "description": "An update of the httpd package has been released.\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier. (CVE-2021-44790)", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-01-10T00:00:00", "type": "nessus", "title": "Photon OS 3.0: Httpd PHSA-2021-3.0-0346", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-44790"], "modified": "2022-04-27T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:httpd", "cpe:/o:vmware:photonos:3.0"], "id": "PHOTONOS_PHSA-2021-3_0-0346_HTTPD.NASL", "href": "https://www.tenable.com/plugins/nessus/156585", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2021-3.0-0346. The text\n# itself is copyright (C) VMware, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156585);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/27\");\n\n script_cve_id(\"CVE-2021-44790\");\n script_xref(name:\"IAVA\", value:\"2021-A-0604-S\");\n\n script_name(english:\"Photon OS 3.0: Httpd PHSA-2021-3.0-0346\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the httpd package has been released.\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser\n (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the\n vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and\n earlier. (CVE-2021-44790)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-3.0-346.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44790\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:3.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item('Host/PhotonOS/release');\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, 'PhotonOS');\nif (release !~ \"^VMware Photon (?:Linux|OS) 3\\.0(\\D|$)\") audit(AUDIT_OS_NOT, 'PhotonOS 3.0');\n\nif (!get_kb_item('Host/PhotonOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'PhotonOS', cpu);\n\nvar flag = 0;\n\nif (rpm_check(release:'PhotonOS-3.0', cpu:'x86_64', reference:'httpd-2.4.52-1.ph3')) flag++;\nif (rpm_check(release:'PhotonOS-3.0', cpu:'x86_64', reference:'httpd-devel-2.4.52-1.ph3')) flag++;\nif (rpm_check(release:'PhotonOS-3.0', cpu:'x86_64', reference:'httpd-docs-2.4.52-1.ph3')) flag++;\nif (rpm_check(release:'PhotonOS-3.0', cpu:'x86_64', reference:'httpd-tools-2.4.52-1.ph3')) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'httpd');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T16:27:12", "description": "The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2022:0258 advisory.\n\n - httpd: mod_lua: Possible buffer overflow when parsing multipart content (CVE-2021-44790)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-01-26T00:00:00", "type": "nessus", "title": "CentOS 8 : httpd:2.4 (CESA-2022:0258)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-44790"], "modified": "2022-04-27T00:00:00", "cpe": ["cpe:/o:centos:centos:8", "p-cpe:/a:centos:centos:httpd", "p-cpe:/a:centos:centos:httpd-devel", "p-cpe:/a:centos:centos:httpd-filesystem", "p-cpe:/a:centos:centos:httpd-manual", "p-cpe:/a:centos:centos:httpd-tools", "p-cpe:/a:centos:centos:mod_http2", "p-cpe:/a:centos:centos:mod_ldap", "p-cpe:/a:centos:centos:mod_md", "p-cpe:/a:centos:centos:mod_proxy_html", "p-cpe:/a:centos:centos:mod_session", "p-cpe:/a:centos:centos:mod_ssl"], "id": "CENTOS8_RHSA-2022-0258.NASL", "href": "https://www.tenable.com/plugins/nessus/157080", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2022:0258. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157080);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/27\");\n\n script_cve_id(\"CVE-2021-44790\");\n script_xref(name:\"RHSA\", value:\"2022:0258\");\n script_xref(name:\"IAVA\", value:\"2021-A-0604-S\");\n\n script_name(english:\"CentOS 8 : httpd:2.4 (CESA-2022:0258)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the\nCESA-2022:0258 advisory.\n\n - httpd: mod_lua: Possible buffer overflow when parsing multipart content (CVE-2021-44790)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:0258\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44790\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:httpd-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:httpd-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:httpd-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mod_http2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mod_ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mod_md\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mod_proxy_html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mod_session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mod_ssl\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nvar os_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nvar os_ver = os_ver[1];\nif ('CentOS Stream' >< release) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS Stream ' + os_ver);\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\nvar pkgs = [\n {'reference':'httpd-2.4.37-43.module_el8.5.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'httpd-2.4.37-43.module_el8.5.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'httpd-devel-2.4.37-43.module_el8.5.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'httpd-devel-2.4.37-43.module_el8.5.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'httpd-filesystem-2.4.37-43.module_el8.5.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'httpd-filesystem-2.4.37-43.module_el8.5.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'httpd-manual-2.4.37-43.module_el8.5.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'httpd-manual-2.4.37-43.module_el8.5.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'httpd-tools-2.4.37-43.module_el8.5.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'httpd-tools-2.4.37-43.module_el8.5.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mod_http2-1.15.7-3.module_el8.4.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mod_http2-1.15.7-3.module_el8.4.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mod_ldap-2.4.37-43.module_el8.5.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mod_ldap-2.4.37-43.module_el8.5.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mod_md-2.0.8-8.module_el8.3.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'mod_md-2.0.8-8.module_el8.3.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'mod_proxy_html-2.4.37-43.module_el8.5.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'mod_proxy_html-2.4.37-43.module_el8.5.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'mod_session-2.4.37-43.module_el8.5.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mod_session-2.4.37-43.module_el8.5.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mod_ssl-2.4.37-43.module_el8.5.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'mod_ssl-2.4.37-43.module_el8.5.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'httpd / httpd-devel / httpd-filesystem / httpd-manual / httpd-tools / etc');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T16:26:43", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:0258 advisory.\n\n - httpd: mod_lua: Possible buffer overflow when parsing multipart content (CVE-2021-44790)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-01-26T00:00:00", "type": "nessus", "title": "RHEL 8 : httpd:2.4 (RHSA-2022:0258)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-44790"], "modified": "2022-04-27T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.4", "cpe:/o:redhat:rhel_e4s:8.2", "cpe:/o:redhat:rhel_e4s:8.4", "cpe:/o:redhat:rhel_eus:8.4", "cpe:/o:redhat:rhel_tus:8.2", "cpe:/o:redhat:rhel_tus:8.4", "p-cpe:/a:redhat:enterprise_linux:httpd", "p-cpe:/a:redhat:enterprise_linux:httpd-devel", "p-cpe:/a:redhat:enterprise_linux:httpd-filesystem", "p-cpe:/a:redhat:enterprise_linux:httpd-manual", "p-cpe:/a:redhat:enterprise_linux:httpd-tools", "p-cpe:/a:redhat:enterprise_linux:mod_http2", "p-cpe:/a:redhat:enterprise_linux:mod_ldap", "p-cpe:/a:redhat:enterprise_linux:mod_md", "p-cpe:/a:redhat:enterprise_linux:mod_proxy_html", "p-cpe:/a:redhat:enterprise_linux:mod_session", "p-cpe:/a:redhat:enterprise_linux:mod_ssl"], "id": "REDHAT-RHSA-2022-0258.NASL", "href": "https://www.tenable.com/plugins/nessus/157099", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:0258. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157099);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/27\");\n\n script_cve_id(\"CVE-2021-44790\");\n script_xref(name:\"RHSA\", value:\"2022:0258\");\n script_xref(name:\"IAVA\", value:\"2021-A-0604-S\");\n\n script_name(english:\"RHEL 8 : httpd:2.4 (RHSA-2022:0258)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2022:0258 advisory.\n\n - httpd: mod_lua: Possible buffer overflow when parsing multipart content (CVE-2021-44790)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/400.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/787.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-44790\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:0258\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2034674\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44790\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(400, 787);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_http2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_md\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_proxy_html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_ssl\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'enterprise_linux_8_appstream': [\n 'rhel-8-for-aarch64-appstream-debug-rpms',\n 'rhel-8-for-aarch64-appstream-rpms',\n 'rhel-8-for-aarch64-appstream-source-rpms',\n 'rhel-8-for-s390x-appstream-debug-rpms',\n 'rhel-8-for-s390x-appstream-rpms',\n 'rhel-8-for-s390x-appstream-source-rpms',\n 'rhel-8-for-x86_64-appstream-debug-rpms',\n 'rhel-8-for-x86_64-appstream-rpms',\n 'rhel-8-for-x86_64-appstream-source-rpms'\n ],\n 'enterprise_linux_8_baseos': [\n 'rhel-8-for-aarch64-baseos-debug-rpms',\n 'rhel-8-for-aarch64-baseos-rpms',\n 'rhel-8-for-aarch64-baseos-source-rpms',\n 'rhel-8-for-s390x-baseos-debug-rpms',\n 'rhel-8-for-s390x-baseos-rpms',\n 'rhel-8-for-s390x-baseos-source-rpms',\n 'rhel-8-for-x86_64-baseos-debug-rpms',\n 'rhel-8-for-x86_64-baseos-rpms',\n 'rhel-8-for-x86_64-baseos-source-rpms'\n ],\n 'enterprise_linux_8_crb': [\n 'codeready-builder-for-rhel-8-aarch64-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-aarch64-rpms',\n 'codeready-builder-for-rhel-8-aarch64-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-rpms',\n 'codeready-builder-for-rhel-8-s390x-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-rpms',\n 'codeready-builder-for-rhel-8-x86_64-source-rpms'\n ],\n 'enterprise_linux_8_highavailability': [\n 'rhel-8-for-aarch64-highavailability-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms',\n 'rhel-8-for-aarch64-highavailability-rpms',\n 'rhel-8-for-aarch64-highavailability-source-rpms',\n 'rhel-8-for-s390x-highavailability-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-rpms',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms',\n 'rhel-8-for-s390x-highavailability-rpms',\n 'rhel-8-for-s390x-highavailability-source-rpms',\n 'rhel-8-for-x86_64-highavailability-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-rpms',\n 'rhel-8-for-x86_64-highavailability-source-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms'\n ],\n 'enterprise_linux_8_nfv': [\n 'rhel-8-for-x86_64-nfv-debug-rpms',\n 'rhel-8-for-x86_64-nfv-rpms',\n 'rhel-8-for-x86_64-nfv-source-rpms',\n 'rhel-8-for-x86_64-nfv-tus-debug-rpms',\n 'rhel-8-for-x86_64-nfv-tus-rpms',\n 'rhel-8-for-x86_64-nfv-tus-source-rpms'\n ],\n 'enterprise_linux_8_realtime': [\n 'rhel-8-for-x86_64-rt-debug-rpms',\n 'rhel-8-for-x86_64-rt-rpms',\n 'rhel-8-for-x86_64-rt-source-rpms',\n 'rhel-8-for-x86_64-rt-tus-debug-rpms',\n 'rhel-8-for-x86_64-rt-tus-rpms',\n 'rhel-8-for-x86_64-rt-tus-source-rpms'\n ],\n 'enterprise_linux_8_resilientstorage': [\n 'rhel-8-for-s390x-resilientstorage-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms',\n 'rhel-8-for-s390x-resilientstorage-rpms',\n 'rhel-8-for-s390x-resilientstorage-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-rpms',\n 'rhel-8-for-x86_64-resilientstorage-source-rpms'\n ],\n 'enterprise_linux_8_sap': [\n 'rhel-8-for-s390x-sap-netweaver-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-s390x-sap-netweaver-rpms',\n 'rhel-8-for-s390x-sap-netweaver-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-source-rpms'\n ],\n 'enterprise_linux_8_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-rpms',\n 'rhel-8-for-x86_64-sap-solutions-source-rpms'\n ],\n 'enterprise_linux_8_supplementary': [\n 'rhel-8-for-aarch64-supplementary-eus-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms',\n 'rhel-8-for-aarch64-supplementary-rpms',\n 'rhel-8-for-aarch64-supplementary-source-rpms',\n 'rhel-8-for-s390x-supplementary-eus-rpms',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms',\n 'rhel-8-for-s390x-supplementary-rpms',\n 'rhel-8-for-s390x-supplementary-source-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms',\n 'rhel-8-for-x86_64-supplementary-rpms',\n 'rhel-8-for-x86_64-supplementary-source-rpms'\n ],\n 'rhel_aus_8_4_appstream': [\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-aus-rpms',\n 'rhel-8-for-x86_64-appstream-aus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms__8_DOT_4'\n ],\n 'rhel_aus_8_4_baseos': [\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-aus-rpms',\n 'rhel-8-for-x86_64-baseos-aus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_2_appstream': [\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms__8_DOT_2'\n ],\n 'rhel_e4s_8_2_baseos': [\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-e4s-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms__8_DOT_2'\n ],\n 'rhel_e4s_8_2_highavailability': [\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms__8_DOT_2'\n ],\n 'rhel_e4s_8_2_sap': [\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms__8_DOT_2'\n ],\n 'rhel_e4s_8_2_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms__8_DOT_2'\n ],\n 'rhel_e4s_8_4_appstream': [\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_baseos': [\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-e4s-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_highavailability': [\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_sap': [\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_eus_8_4_appstream': [\n 'rhel-8-for-aarch64-appstream-eus-debug-rpms',\n 'rhel-8-for-aarch64-appstream-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-appstream-eus-rpms',\n 'rhel-8-for-aarch64-appstream-eus-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-appstream-eus-source-rpms',\n 'rhel-8-for-aarch64-appstream-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-s390x-appstream-eus-debug-rpms',\n 'rhel-8-for-s390x-appstream-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-s390x-appstream-eus-rpms',\n 'rhel-8-for-s390x-appstream-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-appstream-eus-source-rpms',\n 'rhel-8-for-s390x-appstream-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-aus-rpms',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-eus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-eus-rpms',\n 'rhel-8-for-x86_64-appstream-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-eus-source-rpms',\n 'rhel-8-for-x86_64-appstream-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-tus-rpms',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms'\n ],\n 'rhel_eus_8_4_baseos': [\n 'rhel-8-for-aarch64-baseos-eus-debug-rpms',\n 'rhel-8-for-aarch64-baseos-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-baseos-eus-rpms',\n 'rhel-8-for-aarch64-baseos-eus-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-baseos-eus-source-rpms',\n 'rhel-8-for-aarch64-baseos-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-s390x-baseos-eus-debug-rpms',\n 'rhel-8-for-s390x-baseos-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-s390x-baseos-eus-rpms',\n 'rhel-8-for-s390x-baseos-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-baseos-eus-source-rpms',\n 'rhel-8-for-s390x-baseos-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-aus-rpms',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms',\n 'rhel-8-for-x86_64-baseos-eus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-eus-rpms',\n 'rhel-8-for-x86_64-baseos-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-eus-source-rpms',\n 'rhel-8-for-x86_64-baseos-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-tus-rpms',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms'\n ],\n 'rhel_eus_8_4_crb': [\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms__8_DOT_4'\n ],\n 'rhel_eus_8_4_highavailability': [\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-highavailability-eus-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-s390x-highavailability-eus-rpms',\n 'rhel-8-for-s390x-highavailability-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-eus-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms'\n ],\n 'rhel_eus_8_4_resilientstorage': [\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms__8_DOT_4'\n ],\n 'rhel_eus_8_4_sap': [\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms__8_DOT_4'\n ],\n 'rhel_eus_8_4_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms__8_DOT_4'\n ],\n 'rhel_eus_8_4_supplementary': [\n 'rhel-8-for-aarch64-supplementary-eus-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-s390x-supplementary-eus-rpms',\n 'rhel-8-for-s390x-supplementary-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-supplementary-eus-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms__8_DOT_4'\n ],\n 'rhel_extras_nfv_8': [\n 'rhel-8-for-x86_64-nfv-debug-rpms',\n 'rhel-8-for-x86_64-nfv-rpms',\n 'rhel-8-for-x86_64-nfv-source-rpms'\n ],\n 'rhel_extras_rt_8': [\n 'rhel-8-for-x86_64-nfv-debug-rpms',\n 'rhel-8-for-x86_64-nfv-rpms',\n 'rhel-8-for-x86_64-nfv-source-rpms',\n 'rhel-8-for-x86_64-rt-debug-rpms',\n 'rhel-8-for-x86_64-rt-rpms',\n 'rhel-8-for-x86_64-rt-source-rpms'\n ],\n 'rhel_tus_8_2_appstream': [\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-tus-rpms',\n 'rhel-8-for-x86_64-appstream-tus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms__8_DOT_2'\n ],\n 'rhel_tus_8_2_baseos': [\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-tus-rpms',\n 'rhel-8-for-x86_64-baseos-tus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms__8_DOT_2'\n ],\n 'rhel_tus_8_2_highavailability': [\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms__8_DOT_2'\n ],\n 'rhel_tus_8_4_appstream': [\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-tus-rpms',\n 'rhel-8-for-x86_64-appstream-tus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms__8_DOT_4'\n ],\n 'rhel_tus_8_4_baseos': [\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-tus-rpms',\n 'rhel-8-for-x86_64-baseos-tus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms__8_DOT_4'\n ],\n 'rhel_tus_8_4_highavailability': [\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms__8_DOT_4'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nvar enterprise_linux_flag = rhel_repo_sets_has_enterprise_linux(repo_sets:repo_sets);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'httpd-2.4.37-21.module+el8.2.0+13808+dea277df.3', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'httpd-2.4.37-21.module+el8.2.0+13808+dea277df.3', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'httpd-2.4.37-21.module+el8.2.0+13808+dea277df.3', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'httpd-devel-2.4.37-21.module+el8.2.0+13808+dea277df.3', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'httpd-devel-2.4.37-21.module+el8.2.0+13808+dea277df.3', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'httpd-devel-2.4.37-21.module+el8.2.0+13808+dea277df.3', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'httpd-filesystem-2.4.37-21.module+el8.2.0+13808+dea277df.3', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'httpd-manual-2.4.37-21.module+el8.2.0+13808+dea277df.3', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'httpd-tools-2.4.37-21.module+el8.2.0+13808+dea277df.3', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'httpd-tools-2.4.37-21.module+el8.2.0+13808+dea277df.3', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'httpd-tools-2.4.37-21.module+el8.2.0+13808+dea277df.3', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'mod_http2-1.11.3-3.module+el8.2.0+7758+84b4ca3e.1', 'sp':'2', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability']},\n {'reference':'mod_http2-1.11.3-3.module+el8.2.0+7758+84b4ca3e.1', 'sp':'2', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability']},\n {'reference':'mod_http2-1.11.3-3.module+el8.2.0+7758+84b4ca3e.1', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability']},\n {'reference':'mod_http2-1.15.7-3.module+el8.4.0+8625+d397f3da', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'mod_http2-1.15.7-3.module+el8.4.0+8625+d397f3da', 'cpu':'s390x', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'mod_http2-1.15.7-3.module+el8.4.0+8625+d397f3da', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'mod_ldap-2.4.37-21.module+el8.2.0+13808+dea277df.3', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'mod_ldap-2.4.37-21.module+el8.2.0+13808+dea277df.3', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'mod_ldap-2.4.37-21.module+el8.2.0+13808+dea277df.3', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'mod_md-2.0.8-7.module+el8.2.0+5531+7e4d69a2', 'sp':'2', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability']},\n {'reference':'mod_md-2.0.8-7.module+el8.2.0+5531+7e4d69a2', 'sp':'2', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability']},\n {'reference':'mod_md-2.0.8-7.module+el8.2.0+5531+7e4d69a2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability']},\n {'reference':'mod_md-2.0.8-8.module+el8.3.0+6814+67d1e611', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'mod_md-2.0.8-8.module+el8.3.0+6814+67d1e611', 'cpu':'s390x', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'mod_md-2.0.8-8.module+el8.3.0+6814+67d1e611', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'mod_proxy_html-2.4.37-21.module+el8.2.0+13808+dea277df.3', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'mod_proxy_html-2.4.37-21.module+el8.2.0+13808+dea277df.3', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'mod_proxy_html-2.4.37-21.module+el8.2.0+13808+dea277df.3', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'mod_session-2.4.37-21.module+el8.2.0+13808+dea277df.3', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'mod_session-2.4.37-21.module+el8.2.0+13808+dea277df.3', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'mod_session-2.4.37-21.module+el8.2.0+13808+dea277df.3', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'mod_ssl-2.4.37-21.module+el8.2.0+13808+dea277df.3', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'mod_ssl-2.4.37-21.module+el8.2.0+13808+dea277df.3', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'mod_ssl-2.4.37-21.module+el8.2.0+13808+dea277df.3', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp']) && !enterprise_linux_flag) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'httpd / httpd-devel / httpd-filesystem / httpd-manual / httpd-tools / etc');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T16:26:44", "description": "The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-0258 advisory.\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier. (CVE-2021-44790)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-01-26T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : httpd:2.4 (ELSA-2022-0258)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-44790"], "modified": "2022-04-27T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:httpd", "p-cpe:/a:oracle:linux:httpd-devel", "p-cpe:/a:oracle:linux:httpd-filesystem", "p-cpe:/a:oracle:linux:httpd-manual", "p-cpe:/a:oracle:linux:httpd-tools", "p-cpe:/a:oracle:linux:mod_http2", "p-cpe:/a:oracle:linux:mod_ldap", "p-cpe:/a:oracle:linux:mod_md", "p-cpe:/a:oracle:linux:mod_proxy_html", "p-cpe:/a:oracle:linux:mod_session", "p-cpe:/a:oracle:linux:mod_ssl"], "id": "ORACLELINUX_ELSA-2022-0258.NASL", "href": "https://www.tenable.com/plugins/nessus/157121", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2022-0258.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157121);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/27\");\n\n script_cve_id(\"CVE-2021-44790\");\n script_xref(name:\"IAVA\", value:\"2021-A-0604-S\");\n\n script_name(english:\"Oracle Linux 8 : httpd:2.4 (ELSA-2022-0258)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the\nELSA-2022-0258 advisory.\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser\n (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the\n vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and\n earlier. (CVE-2021-44790)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2022-0258.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44790\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:httpd-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:httpd-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:httpd-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mod_http2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mod_ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mod_md\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mod_proxy_html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mod_session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mod_ssl\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar module_ver = get_kb_item('Host/RedHat/appstream/httpd');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module httpd:2.4');\nif ('2.4' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module httpd:' + module_ver);\n\nvar appstreams = {\n 'httpd:2.4': [\n {'reference':'httpd-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'httpd-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'httpd-devel-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'httpd-devel-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'httpd-filesystem-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'httpd-manual-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'httpd-tools-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'httpd-tools-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mod_http2-1.15.7-3.module+el8.4.0+20024+b87b2deb', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mod_http2-1.15.7-3.module+el8.4.0+20024+b87b2deb', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mod_ldap-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mod_ldap-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mod_md-2.0.8-8.module+el8.5.0+20475+4f6a8fd5', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'mod_md-2.0.8-8.module+el8.5.0+20475+4f6a8fd5', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'mod_proxy_html-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'mod_proxy_html-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'mod_session-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mod_session-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mod_ssl-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'mod_ssl-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n};\n\nvar flag = 0;\nvar appstreams_found = 0;\nforeach var module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach var package_array ( appstreams[module] ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module httpd:2.4');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'httpd / httpd-devel / httpd-filesystem / etc');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-05T14:27:49", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:1136 advisory.\n\n - httpd: mod_lua: Possible buffer overflow when parsing multipart content (CVE-2021-44790)\n\n - httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling (CVE-2022-22720)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-04-02T00:00:00", "type": "nessus", "title": "RHEL 7 : httpd (RHSA-2022:1136)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-44790", "CVE-2022-22720"], "modified": "2022-06-13T00:00:00", "cpe": ["cpe:/o:redhat:rhel_tus:7.6", "p-cpe:/a:redhat:enterprise_linux:httpd", "p-cpe:/a:redhat:enterprise_linux:httpd-devel", "p-cpe:/a:redhat:enterprise_linux:httpd-manual", "p-cpe:/a:redhat:enterprise_linux:httpd-tools", "p-cpe:/a:redhat:enterprise_linux:mod_ldap", "p-cpe:/a:redhat:enterprise_linux:mod_proxy_html", "p-cpe:/a:redhat:enterprise_linux:mod_session", "p-cpe:/a:redhat:enterprise_linux:mod_ssl"], "id": "REDHAT-RHSA-2022-1136.NASL", "href": "https://www.tenable.com/plugins/nessus/159468", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:1136. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159468);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/06/13\");\n\n script_cve_id(\"CVE-2021-44790\", \"CVE-2022-22720\");\n script_xref(name:\"RHSA\", value:\"2022:1136\");\n script_xref(name:\"IAVA\", value:\"2021-A-0604-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0124-S\");\n\n script_name(english:\"RHEL 7 : httpd (RHSA-2022:1136)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:1136 advisory.\n\n - httpd: mod_lua: Possible buffer overflow when parsing multipart content (CVE-2021-44790)\n\n - httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling\n (CVE-2022-22720)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/400.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/444.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/787.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-44790\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-22720\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:1136\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2034674\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2064321\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-22720\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(400, 444, 787);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/04/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/04/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_proxy_html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_ssl\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '7.6')) audit(AUDIT_OS_NOT, 'Red Hat 7.6', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'rhel_tus_7_6_server': [\n 'rhel-7-server-tus-debug-rpms',\n 'rhel-7-server-tus-debug-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-tus-optional-debug-rpms',\n 'rhel-7-server-tus-optional-debug-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-tus-optional-rpms',\n 'rhel-7-server-tus-optional-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-tus-optional-source-rpms',\n 'rhel-7-server-tus-optional-source-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-tus-rpms',\n 'rhel-7-server-tus-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-tus-source-rpms',\n 'rhel-7-server-tus-source-rpms__7_DOT_6__x86_64',\n 'rhel-ha-for-rhel-7-server-tus-debug-rpms',\n 'rhel-ha-for-rhel-7-server-tus-debug-rpms__7_DOT_6__x86_64',\n 'rhel-ha-for-rhel-7-server-tus-rpms',\n 'rhel-ha-for-rhel-7-server-tus-rpms__7_DOT_6__x86_64',\n 'rhel-ha-for-rhel-7-server-tus-source-rpms',\n 'rhel-ha-for-rhel-7-server-tus-source-rpms__7_DOT_6__x86_64'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar pkgs = [\n {'reference':'httpd-2.4.6-89.el7_6.4', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_tus_7_6_server']},\n {'reference':'httpd-devel-2.4.6-89.el7_6.4', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_tus_7_6_server']},\n {'reference':'httpd-manual-2.4.6-89.el7_6.4', 'sp':'6', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_tus_7_6_server']},\n {'reference':'httpd-tools-2.4.6-89.el7_6.4', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_tus_7_6_server']},\n {'reference':'mod_ldap-2.4.6-89.el7_6.4', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_tus_7_6_server']},\n {'reference':'mod_proxy_html-2.4.6-89.el7_6.4', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_tus_7_6_server']},\n {'reference':'mod_session-2.4.6-89.el7_6.4', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_tus_7_6_server']},\n {'reference':'mod_ssl-2.4.6-89.el7_6.4', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_tus_7_6_server']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Telco Extended Update Support repository.\\n' +\n 'Access to this repository requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'httpd / httpd-devel / httpd-manual / httpd-tools / mod_ldap / etc');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-05T14:28:37", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:1138 advisory.\n\n - httpd: mod_lua: Possible buffer overflow when parsing multipart content (CVE-2021-44790)\n\n - httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling (CVE-2022-22720)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-04-02T00:00:00", "type": "nessus", "title": "RHEL 7 : httpd (RHSA-2022:1138)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-44790", "CVE-2022-22720"], "modified": "2022-06-13T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:7.4", "p-cpe:/a:redhat:enterprise_linux:httpd", "p-cpe:/a:redhat:enterprise_linux:httpd-devel", "p-cpe:/a:redhat:enterprise_linux:httpd-manual", "p-cpe:/a:redhat:enterprise_linux:httpd-tools", "p-cpe:/a:redhat:enterprise_linux:mod_ldap", "p-cpe:/a:redhat:enterprise_linux:mod_proxy_html", "p-cpe:/a:redhat:enterprise_linux:mod_session", "p-cpe:/a:redhat:enterprise_linux:mod_ssl"], "id": "REDHAT-RHSA-2022-1138.NASL", "href": "https://www.tenable.com/plugins/nessus/159469", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:1138. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159469);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/06/13\");\n\n script_cve_id(\"CVE-2021-44790\", \"CVE-2022-22720\");\n script_xref(name:\"RHSA\", value:\"2022:1138\");\n script_xref(name:\"IAVA\", value:\"2021-A-0604-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0124-S\");\n\n script_name(english:\"RHEL 7 : httpd (RHSA-2022:1138)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:1138 advisory.\n\n - httpd: mod_lua: Possible buffer overflow when parsing multipart content (CVE-2021-44790)\n\n - httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling\n (CVE-2022-22720)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/400.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/444.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/787.html\");\n script
[SECURITY] [DSA 5035-1] apache2 security update
