logo
DATABASE RESOURCES PRICING ABOUT US

Scientific Linux Security Update : httpd on SL7.x x86_64 (2022:0143)

Description

The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2022:0143-1 advisory. - httpd: mod_lua: Possible buffer overflow when parsing multipart content (CVE-2021-44790) - httpd: mod_session: Heap overflow via a crafted SessionHeader value (CVE-2021-26691) - httpd: NULL pointer dereference via malformed requests (CVE-2021-34798) - httpd: Out-of-bounds write in ap_escape_quotes() via malicious input (CVE-2021-39275) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.


Related