MGASA-2022-0349 Updated perl-HTTP-Daemon packages fix security vulnerability

Request smuggling in HTTP::Daemon CVE-2022-31081...

CVE-2022-40076

Tenda AC21 V16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, function: fromSetWifiGusetBasic...

Tenda AC21 缓冲区错误漏洞

The Tenda AC21 is a wireless router from the Chinese company Tenda. A buffer overflow vulnerability exists in Tenda AC21 version V16.03.08.15, which stems from the lack of length checking of input data in the fromSetSysTime function of /bin/httpd, which can be exploited to cause httpd to restart...

Tenda AC21 缓冲区错误漏洞

The Tenda AC21 is a wireless router from China-based Tenda. A security vulnerability exists in firmware version 16.03.08.15 of the Tenda AC21 V. The vulnerability stems from a buffer overflow in the formSetVirtualSer function of its /bin/httpd component...

CVE-2022-38831

Tenda RX9Pro V22.03.02.10 is vulnerable to Buffer Overflow via httpd/SetNetControlList...

CVE-2022-36585

In Tenda G3 USG3V3.0brV15.11.0.67663ENTDE, in httpd binary, the addDhcpRule function has a buffer overflow caused by sscanf...

Ubuntu: Security Advisory (USN-5520-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2022:2874-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES12 Security Update : perl-HTTP-Daemon (SUSE-SU-2022:2872-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:2872-1 advisory. - HTTP::Daemon is a simple http server class written in perl. Versions prior to 6.15 are subject to a vulnerability which could potentially ...

openSUSE: Security Advisory for perl-HTTP-Daemon (SUSE-SU-2022:2874-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE: Security Advisory (SUSE-SU-2022:2872-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15 / SLES15 Security Update : perl-HTTP-Daemon (SUSE-SU-2022:2874-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:2874-1 advisory. - HTTP::Daemon is a simple http server class written in perl. Versions prior to 6.15 are subject to a vulnerability whi...

SUSE-SU-2022:2874-1 Security update for perl-HTTP-Daemon

This update for perl-HTTP-Daemon fixes the following issues: - CVE-2022-31081: Fixed request smuggling in HTTP::Daemon bsc1201157...

SUSE-SU-2022:2872-1 Security update for perl-HTTP-Daemon

This update for perl-HTTP-Daemon fixes the following issues: - CVE-2022-31081: Fixed request smuggling in HTTP::Daemon bsc1201157...

PT-2022-19151 · Unknown +1 · Freshtomato +1

Name of the Vulnerable Software and Affected Versions: FreshTomato version 2022.1 Description: A memory corruption issue exists in the httpd unescape functionality. This can be triggered by a specially-crafted HTTP request, leading to memory corruption. An attacker can exploit this by sending a...

PT-2022-19150 · Unknown +1 · Freshtomato +1

Name of the Vulnerable Software and Affected Versions: FreshTomato version 2022.1 Description: A memory corruption issue exists in the httpd unescape functionality. This can be triggered by a specially-crafted HTTP request, leading to memory corruption. An attacker can exploit this by sending a...

USN-5520-2: HTTP-Daemon vulnerability

USN-5520-1 fixed a vulnerability in HTTP-Daemon. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that HTTP-Daemon incorrectly handled certain crafted requests. A remote attacker could possibly use this issue to...

Ubuntu 16.04 ESM : HTTP-Daemon vulnerability (USN-5520-2)

The remote Ubuntu 16.04 ESM host has a package installed that is affected by a vulnerability as referenced in the USN-5520-2 advisory. USN-5520-1 fixed a vulnerability in HTTP-Daemon. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Tenable has extracted th...

USN-5520-1: HTTP-Daemon vulnerability

It was discovered that HTTP-Daemon incorrectly handled certain crafted requests. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : HTTP-Daemon vulnerability (USN-5520-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-5520-1 advisory. It was discovered that HTTP-Daemon incorrectly handled certain crafted requests. A remote attacker could possibly use this issue to perfor...