httpd: mod_macro: out-of-bounds read vulnerability

A flaw was found in the modmacro module of httpd. When processing a very long macro, the null byte terminator will not be added, leading to an out-of-bounds read, resulting in a crash...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2024-1380)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2024-1359)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2024-1273)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP8 : httpd (EulerOS-SA-2024-1273)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Out-of-bounds Read vulnerability in modmacro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57. CVE-2023-31122 - When a...

BIT-APACHE-2021-44790 Possible buffer overflow when parsing multipart content in mod_lua of Apache HTTP Server 2.4.51 and earlier

A carefully crafted request body can cause a buffer overflow in the modlua multipart parser r:parsebody called from Lua scripts. The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier...

CentOS 9 : httpd-2.4.53-11.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the httpd-2.4.53-11.el9 build changelog. - out-of-bounds read/write of zero byte CVE-2006-20001 - Possible request smuggling CVE-2022-36760 - HTTP response splitting CVE-2022-37436...

CentOS 9 : httpd-2.4.57-2.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the httpd-2.4.57-2.el9 build changelog. - HTTP request splitting with modrewrite and modproxy CVE-2023-25690 Note that Nessus has not tested for this issue but has instead relied only on th...

CVE-2024-26342

A Null pointer dereference in usr/sbin/httpd in ASUS AC68U 3.0.0.4.384.82230 allows remote attackers to trigger DoS via network packet...

Null pointer dereference

A Null pointer dereference in usr/sbin/httpd in ASUS AC68U 3.0.0.4.384.82230 allows remote attackers to trigger DoS via network packet...

PT-2024-21362 · Asus · Asus Ac68U

Name of the Vulnerable Software and Affected Versions: ASUS AC68U version 3.0.0.4.384.82230 Description: A Null pointer dereference in usr/sbin/httpd allows remote attackers to trigger a denial of service DoS via a network packet. This issue can be exploited to cause a disruption in service...

PT-2024-13449 · Tenda · Tenda Ax12 +3

Name of the Vulnerable Software and Affected Versions: Tenda TX9 V1 version 22.03.02.54 Tenda AX3 V3 version 16.03.12.11 Tenda AX9 V1 version 22.03.01.46 Tenda AX12 V1 version 22.03.01.46 Description: An access control issue in /usr/sbin/httpd allows attackers to bypass authentication on any...

CVE-2023-47422

An access control issue in /usr/sbin/httpd in Tenda TX9 V1 V22.03.02.54, Tenda AX3 V3 V16.03.12.11, Tenda AX9 V1 V22.03.01.46, and Tenda AX12 V1 V22.03.01.46 allows attackers to bypass authentication on any endpoint via a crafted URL...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2024-1143)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP5 : httpd (EulerOS-SA-2024-1143)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Out-of-bounds Read vulnerability in modmacro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57. CVE-2023-31122 Note tha...

The vulnerability of the formwrlSSIDset() function in the httpd daemon of the wireless access point Tenda W6 allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the formwrlSSIDset function in the httpd daemon of the microprogrammed wireless access points Tenda W6 is related to the operation that goes beyond the buffer in memory when processing the index parameter. Exploiting this vulnerability could allow an attacker to compromise th...

The vulnerability of the formSetCfm() function in the httpd daemon of the wireless access points’ microprogramming software from Tenda i9, which allows a intruder to trigger a service failure.

The vulnerability of the formSetCfm function in the httpd daemon of the microprogrammed wireless access points from Tenda i9 is related to the operation that goes beyond the buffer in memory when processing the funcpara1 parameter. Exploiting this vulnerability could allow a malicious actor to...

CVE-2024-0996

A vulnerability classified as critical has been found in Tenda i9 1.0.0.94122. This affects the function formSetCfm of the file /goform/setcfm of the component httpd. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. It is possible to initiate the attack remotely. T...

CVE-2024-0996 Tenda i9 httpd setcfm formSetCfm stack-based overflow

A vulnerability classified as critical has been found in Tenda i9 1.0.0.94122. This affects the function formSetCfm of the file /goform/setcfm of the component httpd. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. It is possible to initiate the attack remotely. T...

CVE-2024-0993

A vulnerability was found in Tenda i6 1.0.0.93857. It has been classified as critical. Affected is the function formWifiMacFilterGet of the file /goform/WifiMacFilterGet of the component httpd. The manipulation of the argument index leads to stack-based buffer overflow. It is possible to launch t...