logo
DATABASE RESOURCES PRICING ABOUT US

Oracle Linux 8 : httpd:2.4 (ELSA-2022-0258)

Description

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-0258 advisory. - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier. (CVE-2021-44790) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.


Related