Lucene search

K
oraclelinuxOracleLinuxELSA-2020-1121
HistoryApr 06, 2020 - 12:00 a.m.

httpd security, bug fix, and enhancement update

2020-04-0600:00:00
linux.oracle.com
28

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.026 Low

EPSS

Percentile

90.3%

[2.4.6-93.0.1]

  • replace index.html with Oracles index page oracle_index.html
    [2.4.6-93]
  • Resolves: #1677496 - CVE-2018-17199 httpd: mod_session_cookie does not respect
    expiry time
    [2.4.6-92]
  • htpasswd: add SHA-2 crypt() support (#1486889)
    [2.4.6-91]
  • Resolves: #1630886 - scriptlet can fail if hostname is not installed
  • Resolves: #1565465 - CVE-2017-15710 httpd: Out of bound write in
    mod_authnz_ldap when using too small Accept-Language values
  • Resolves: #1568298 - CVE-2018-1301 httpd: Out of bounds access after
    failure in reading the HTTP request
  • Resolves: #1673457 - Apache child process crashes because ScriptAliasMatch
    directive
  • Resolves: #1633152 - mod_session missing apr-util-openssl
  • Resolves: #1649470 - httpd response contains garbage in Content-Type header
  • Resolves: #1724034 - Unexpected OCSP in proxy SSL connection

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.026 Low

EPSS

Percentile

90.3%