5773 matches found

RedHat Linux
added 2022/10/26 8:15 p.m., 3 views

httpd: NULL pointer dereference via crafted request during HTTP/2 request processing

While fuzzing the 2.4.49 httpd, a new null pointer dereference was detected during HTTP/2 request processing, allowing an external source to DoS the server. This requires a specially crafted request. The vulnerability was recently introduced in version 2.4.49. No exploit is known to the project...

CVSS 7.5, AI score 7.4, EPSS 0.24982
Exploits: 0, References: 5

RedHat Linux
added 2022/10/26 8:15 p.m., 2 views

httpd: possible NULL dereference or SSRF in forward proxy configurations

There's a null pointer dereference and server-side request forgery flaw in httpd's mod_proxy module, when it is configured to be used as a forward proxy. A crafted packet could be sent on the adjacent network to the forward proxy that could cause a crash, or potentially SSRF via misdirected Unix...

CVSS 8.2, AI score 7, EPSS 0.82295
Exploits: 0, References: 5

RedHat Linux
added 2022/10/26 8:15 p.m., 4 views

httpd: Out-of-bounds write in ap_escape_quotes() via malicious input

An out-of-bounds write in function ap_escape_quotes of httpd allows an unauthenticated remote attacker to crash the server or potentially execute code on the system with the privileges of the httpd user, by providing malicious input to the function...

CVSS 9.8, AI score 7.4, EPSS 0.36339
Exploits: 0, References: 4

RedHat Linux
added 2022/10/26 8:5 p.m., 4 views

httpd: Request splitting via HTTP/2 method injection and mod_proxy

A NULL pointer dereference was found in Apache httpd mod_h2. The highest threat from this flaw is to system integrity...

CVSS 7.5, AI score 7.1, EPSS 0.46179
Exploits: 1, References: 5

RedHat Linux
added 2022/10/26 8:5 p.m., 70 views

Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 security update

An update is now available for Red Hat JBoss Core Services. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link...

CVSS 9.8, AI score 7.6, EPSS 0.82295
Exploits: 5, References: 22

CNVD
added 2022/10/14 12:0 a.m., 19 views

Tenda AC1206 setSchedWifi function sched_end_time buffer overflow vulnerability

The AC1206 is a high performance router designed with Gigabit ports for both WAN and LAN ports. A buffer overflow vulnerability exists in the Tenda AC1206 firmware version USAC1206V1.0RTLV15.03.06.23multiTD01, which originates from the /bin/httpd file /goform/openSchedWifi in the function scheden...

CVSS 7.5, AI score 7.6, EPSS 0.00815
Exploits: 1, References: 1

CNVD
added 2022/10/14 12:0 a.m., 22 views

Tenda AC1206 fromSysToolRestoreSet Function Cross-Site Request Forgery Vulnerability

The AC1206 is a high performance router designed with Gigabit ports for both WAN and LAN ports. Tenda AC1206 firmware version USAC1206V1.0RTLV15.03.06.23multiTD01 has a cross-site request forgery vulnerability in the /bin/httpd file in the fromSysToolRestoreSet function /goform/SysToolRestoreSet...

CVSS 6.5, AI score 6.4, EPSS 0.00325
Exploits: 1, References: 1

CNVD
added 2022/10/14 12:0 a.m., 29 views

Tenda AC1206 setSchedWifi function sched_start_time buffer overflow vulnerability

The AC1206 is a high performance router designed with Gigabit ports for both WAN and LAN ports. A buffer overflow vulnerability exists in Tenda AC1206 firmware version USAC1206V1.0RTLV15.03.06.23multiTD01, which originates from the sched_start_time parameter in the setSchedWifi function of the...

CVSS 7.5, AI score 7.6, EPSS 0.00815
Exploits: 1, References: 1

NVD
added 2022/10/06 6:15 p.m., 6 views

CVE-2021-40556

A stack overflow vulnerability exists in the httpd service in ASUS RT-AX56U Router Version 3.0.0.4.386.44266. This vulnerability is caused by the strcat function called by "caupload" input handle function allowing the user to enter 0xFFFF bytes into the stack. This vulnerability allows an attacke...

CVSS 8.8, EPSS 0.01344
Exploits: 1, References: 2

Cvelist
added 2022/10/06 12:0 a.m., 9 views

CVE-2021-40556

A stack overflow vulnerability exists in the httpd service in ASUS RT-AX56U Router Version 3.0.0.4.386.44266. This vulnerability is caused by the strcat function called by "caupload" input handle function allowing the user to enter 0xFFFF bytes into the stack. This vulnerability allows an attacke...

AI score 9.1, EPSS 0.01344
Exploits: 1, References: 2

CVE
added 2022/10/06 12:0 a.m., 49 views

CVE-2021-40556

CVE-2021-40556 affects ASUS RT-AX56U Router (firmware version 3.0.0.4.386.44266). The issue is a stack overflow in the httpd service caused by the strcat call in the caupload input handler, allowing an attacker to inject up to 0xFFFF bytes into the stack and potentially gain remote code execution...

CVSS 8.8, AI score 8.9, EPSS 0.01344
Exploits: 1, References: 2, Affected Software: 1

RedHat Linux
added 2022/09/29 1:33 p.m., 5 views

httpd: possible NULL dereference or SSRF in forward proxy configurations

There's a null pointer dereference and server-side request forgery flaw in httpd's mod_proxy module, when it is configured to be used as a forward proxy. A crafted packet could be sent on the adjacent network to the forward proxy that could cause a crash, or potentially SSRF via misdirected Unix...

CVSS 8.2, AI score 7, EPSS 0.82295
Exploits: 0, References: 5

RedHat Linux
added 2022/09/29 1:33 p.m., 4 views

httpd: mod_lua: Use of uninitialized value of in r:parsebody

A flaw was found in the mod_lua module of httpd. A crafted request body can cause a read to a random memory area due to an uninitialized value in functions called by the parsebody function. The highest threat from this vulnerability is to system availability...

CVSS 7.5, AI score 7.1, EPSS 0.69803
Exploits: 0, References: 5

RedHat Linux
added 2022/09/29 1:33 p.m., 5 views

httpd: Request splitting via HTTP/2 method injection and mod_proxy

A NULL pointer dereference was found in Apache httpd mod_h2. The highest threat from this flaw is to system integrity...

CVSS 7.5, AI score 7.1, EPSS 0.46179
Exploits: 1, References: 5

RedHat Linux
added 2022/09/29 1:33 p.m., 3 views

httpd: mod_lua: DoS in r:parsebody

A flaw was found in the mod_lua module of httpd. A malicious request to a Lua script that calls parsebody(0) can lead to a denial of service due to no default limit on the possible input size...

CVSS 7.5, AI score 7.2, EPSS 0.0564
Exploits: 0, References: 5

RedHat Linux
added 2022/09/29 1:33 p.m., 3 views

httpd: mod_lua: Information disclosure with websockets

A flaw was found in the mod_lua module of httpd. The data returned by the wsread function may point past the end of the storage allocated for the buffer, resulting in information disclosure...

CVSS 7.5, AI score 7.1, EPSS 0.04656
Exploits: 0, References: 5

RedHat Linux
added 2022/09/29 1:33 p.m., 3 views

httpd: mod_sed: DoS vulnerability

A flaw was found in the mod_sed module of httpd. A very large input to the mod_sed module can result in a denial of service due to excessively large memory allocations...

CVSS 7.5, AI score 7.1, EPSS 0.90407
Exploits: 0, References: 5

RedHat Linux
added 2022/09/29 1:33 p.m., 4 views

httpd: Out-of-bounds read in ap_strcmp_match()

An out-of-bounds read vulnerability was found in httpd. A very large input to the ap_strcmp_match function can lead to an integer overflow and result in an out-of-bounds read...

CVSS 9.1, AI score 7.2, EPSS 0.0569
Exploits: 0, References: 5

RedHat Linux
added 2022/09/29 1:33 p.m., 2 views

httpd: NULL pointer dereference via malformed requests

A NULL pointer dereference in httpd allows an unauthenticated remote attacker to crash httpd by providing malformed HTTP requests. The highest threat from this vulnerability is to system availability...

CVSS 7.5, AI score 7.2, EPSS 0.62771
Exploits: 0, References: 5

RedHat Linux
added 2022/09/29 1:33 p.m., 87 views

Moderate: Red Hat Security Advisory: httpd24-httpd security and bug fix update

An update for httpd24-httpd is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...

CVSS 9.8, AI score 7.2, EPSS 0.99999
Exploits: 8, References: 17