Apache HTTP Server Memory Access Vulnerability - Windows
Apache HTTP Server is prone to a memory access vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:http_server";...
Apache HTTP Server Stack Overflow Vulnerability - Windows
Apache HTTP Server is prone to a stack overflow vulnerability.
NewStart CGSL CORE 5.04 / MAIN 5.04 : httpd Multiple Vulnerabilities (NS-SA-2019-0202)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has httpd packages installed that are affected by multiple vulnerabilities: - A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When the path component of a request URL contains multiple consecutive slashes '/',...
Security Bulletin: Security vulnerabilities have been identified in IBM HTTP Server used by IBM Rational ClearQuest
Summary IBM HTTP Server (IHS) is used by IBM Rational ClearQuest. Information about security vulnerabilities affecting IHS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section. Affected Products and Versions IBM...
CVE-2018-1303
A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.30 due to an out of bound read while preparing data to be cached in shared memory. It could be used as a Denial of Service attack against users of mod_cache_socache. The vulnerability is considere...
Security Bulletin: Multiple vulnerabilities in IBM HTTP Server affect IBM Security Access Manager for Enterprise Single Sign-On
Summary These issues were also addressed by IBM WebSphere Application Server shipped with IBM Security Access Manager for Enterprise Single Sign-On. Vulnerability Details CVEID: CVE-2018-20843 DESCRIPTION: libexpat is vulnerable to a denial of service, caused by an error in the XML parser. By...
Security Bulletin: Multiple security vulnerabilities have been identified in IBM HTTP Server shipped with IBM Rational ClearCase (CVE-2019-10092, CVE-2019-10098)
Summary IBM HTTP Server (IHS) is shipped as a component of IBM Rational ClearCase. Information about a security vulnerability affecting IHS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section. Affected Products and...
CVE-2019-17104
In Centreon VM through 19.04.3, the cookie configuration within the Apache HTTP Server does not protect against theft because the HTTPOnly flag is not set...
Code injection
In Centreon VM through 19.04.3, the cookie configuration within the Apache HTTP Server does not protect against theft because the HTTPOnly flag is not set...
CVE-2019-17104
Centreon VM (through 19.04.3) is affected by a cookie-configuration issue in the Apache HTTP Server: the HTTPOnly flag is not set, enabling potential theft of cookies. This vulnerability is documented across multiple sources (NVD, Red Hat, GHSA, OSV, CNVD, Veracode, CVE lists) and is tied to Cent...
Cisco IOS XE Software HTTP Server DoS (cisco-sa-20190925-httpserv-dos)
According to its self-reported version, Cisco IOS XE Software is affected by a vulnerability in the HTTP server code. This is due to a logical error in the HTTP server logging mechanism. An unauthenticated, remote attacker can exploit this by generating a large amount of long-lived connections to...
Apache Httpd < 2.4.48 : mod_proxy_wstunnel tunneling of non Upgraded connections
Apache HTTP Server versions 2.4.6 to 2.4.46 mod_proxy_wstunnel configured on a URL that is not necessarily Upgraded by the origin server was tunneling the whole connection regardless, thus allowing for subsequent requests on the same connection to pass through with no HTTP validation, authenticati...
CVE-2008-1390
The AsteriskGUI HTTP server in Asterisk Open Source 1.4.x before 1.4.19-rc3 and 1.6.x before 1.6.0-beta6, Business Edition C.x.x before C.1.6, AsteriskNOW before 1.0.2, Appliance Developer Kit before revision 104704, and s800i 1.0.x before 1.1.0.2 generates insufficiently random manager ID values...
Debian: Security Advisory (DLA-1945-1)
The remote host is missing an update for the Debian...
RHEL 6 / 7 : Red Hat JBoss Core Services Apache HTTP Server 2.4.29 SP3 (RHSA-2019:2946)
The remote Red Hat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2946 advisory. Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP...
Important: Red Hat Security Advisory: httpd24-httpd and httpd24-nghttp2 security update
An update for httpd24-httpd and httpd24-nghttp2 is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available f...
Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 SP3 security update
An update is now available for JBoss Core Services on RHEL 6 and RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from...
Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 SP3 security update
Red Hat JBoss Core Services Pack Apache Server 2.4.29 Service Pack 3 packages for RHEL 6, RHEL 7, Microsoft Windows and Oracle Solaris are now available. Red Hat Product Security has rated this release as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score...
Fedora Update for httpd FEDORA-2019-e00c65ec6f
The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...