Lucene search
OracleLinuxELSA-2019-1898HistoryJul 30, 2019 - 12:00 a.m.
httpd security update
2019-07-3000:00:00
linux.oracle.com
194
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.018 Low
EPSS
Percentile
86.8%
[2.4.6-89.0.1]
- replace index.html with Oracle’s index page oracle_index.html
[2.4.6-89.1] - Resolves: #1719722 - CVE-2018-1312 httpd: Weak Digest auth nonce generation
in mod_auth_digest
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 7 | src | httpd | < 2.4.6-89.0.1.el7_6.1 | httpd-2.4.6-89.0.1.el7_6.1.src.rpm |
| oracle linux | 7 | aarch64 | httpd | < 2.4.6-89.0.1.el7_6.1 | httpd-2.4.6-89.0.1.el7_6.1.aarch64.rpm |
| oracle linux | 7 | aarch64 | httpd-devel | < 2.4.6-89.0.1.el7_6.1 | httpd-devel-2.4.6-89.0.1.el7_6.1.aarch64.rpm |
| oracle linux | 7 | noarch | httpd-manual | < 2.4.6-89.0.1.el7_6.1 | httpd-manual-2.4.6-89.0.1.el7_6.1.noarch.rpm |
| oracle linux | 7 | aarch64 | httpd-tools | < 2.4.6-89.0.1.el7_6.1 | httpd-tools-2.4.6-89.0.1.el7_6.1.aarch64.rpm |
| oracle linux | 7 | aarch64 | mod_ldap | < 2.4.6-89.0.1.el7_6.1 | mod_ldap-2.4.6-89.0.1.el7_6.1.aarch64.rpm |
| oracle linux | 7 | aarch64 | mod_proxy_html | < 2.4.6-89.0.1.el7_6.1 | mod_proxy_html-2.4.6-89.0.1.el7_6.1.aarch64.rpm |
| oracle linux | 7 | aarch64 | mod_session | < 2.4.6-89.0.1.el7_6.1 | mod_session-2.4.6-89.0.1.el7_6.1.aarch64.rpm |
| oracle linux | 7 | aarch64 | mod_ssl | < 2.4.6-89.0.1.el7_6.1 | mod_ssl-2.4.6-89.0.1.el7_6.1.aarch64.rpm |
| oracle linux | 7 | src | httpd | < 2.4.6-89.0.1.el7_6.1 | httpd-2.4.6-89.0.1.el7_6.1.src.rpm |
Related
nessus
nessus
NewStart CGSL CORE 5.04 / MAIN 5.04 : httpd Vulnerability (NS-SA-2019-0182)
2019-10-15 00:00:00
CentOS 7 : httpd (CESA-2019:1898)
2019-08-12 00:00:00
Oracle Linux 7 : httpd (ELSA-2019-1898)
2019-08-12 00:00:00
redhatcve
redhatcve
CVE-2018-1312
2019-10-10 15:19:51
redhat
redhat
debiancve
debiancve
CVE-2018-1312
2018-03-26 15:29:00
prion
prion
Authentication flaw
2018-03-26 15:29:00
ibm
ibm
httpd
httpd
Apache Httpd < 2.4.33 : Weak Digest auth nonce generation in mod_auth_digest
2013-03-05 00:00:00
cve
cve
CVE-2018-1312
2018-03-26 15:29:00
ubuntucve
ubuntucve
CVE-2018-1312
2018-03-26 00:00:00
alpinelinux
alpinelinux
CVE-2018-1312
2018-03-26 15:29:00
veracode
veracode
Privilege Escalation
2019-05-16 03:21:43
Denial Of Service
2019-05-16 03:38:53
Path Traversal
2019-05-16 03:38:52
centos
centos
httpd, mod_ldap, mod_proxy_html, mod_session, mod_ssl security update
2019-07-31 14:15:59
f5
f5
K22902581 : Apache mod_auth_digest vulnerability CVE-2018-1312
2018-04-09 00:00:00
osv
osv
CVE-2018-1312
2018-03-26 15:29:00
apache2 - security update
2018-05-30 00:00:00
apache2 - security update
2018-04-03 00:00:00
openvas
openvas
CentOS Update for httpd CESA-2019:1898 centos7
2019-08-01 00:00:00
Debian: Security Advisory (DLA-1389-1)
2018-06-03 00:00:00
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2018-1152)
2020-01-23 00:00:00
oraclelinux
oraclelinux
httpd security and bug fix update
2019-08-13 00:00:00
debian
debian
[SECURITY] [DLA 1389-1] apache2 security update
2018-05-30 13:24:40
[SECURITY] [DSA 4164-1] apache2 security update
2018-04-03 16:02:15
[SECURITY] [DSA 4164-1] apache2 security update
2018-04-03 16:02:15
ubuntu
ubuntu
Apache vulnerabilities
2019-04-10 00:00:00
Apache HTTP Server vulnerabilities
2018-04-19 00:00:00
Apache HTTP Server vulnerabilities
2018-04-30 00:00:00
suse
suse
Security update for apache2 (important)
2018-04-09 03:07:20
Security update for apache2 (important)
2018-04-05 21:09:45
fedora
fedora
[SECURITY] Fedora 27 Update: httpd-2.4.33-2.fc27
2018-04-05 23:59:00
[SECURITY] Fedora 28 Update: httpd-2.4.33-2.fc28
2018-04-05 11:50:14
[SECURITY] Fedora 26 Update: httpd-2.4.33-4.fc26
2018-05-12 18:27:28
altlinux
altlinux
Security fix for the ALT Linux 10 package apache2 version 1:2.4.33-alt1
2018-03-31 00:00:00
Security fix for the ALT Linux 8 package apache2 version 1:2.4.33-alt1
2018-03-31 00:00:00
Security fix for the ALT Linux 9 package apache2 version 1:2.4.33-alt1
2018-03-31 00:00:00
archlinux
archlinux
[ASA-201804-4] apache: multiple issues
2018-04-04 00:00:00
freebsd
freebsd
apache -- multiple vulnerabilities
2018-03-23 00:00:00
amazon
amazon
Medium: httpd24
2018-05-03 16:29:00
kaspersky
kaspersky
KLA12361 Multiple vulnerabilities in Apache HTTP Server
2018-03-21 00:00:00
mageia
mageia
Updated apache packages fix security vulnerabilities
2018-11-20 14:11:24
symantec
symantec
Apache HTTP Server Vulnerabilities Jul 2017 - Sep 2018
2018-11-07 08:01:01
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.018 Low
EPSS
Percentile
86.8%
Related for ELSA-2019-1898