PT-2021-5651 · Apache +1 · Apache Http Server +6

Name of the Vulnerable Software and Affected Versions: SonicWall SMA 100 Appliances version 10.2.0.8-37sv SonicWall SMA 100 Appliances version 10.2.1.1-19sv SonicWall SMA 100 Appliances version 10.2.1.2-24sv SonicWall SMA 200, 210, 400, 410 and 500v appliances firmware 10.2.0.8-37sv, 10.2.1.1-19s...

PT-2021-6473 · NetGear · Netgear Rax50 +20

Name of the Vulnerable Software and Affected Versions: NETGEAR R6700v3 version 1.0.4.120 10.0.91 NETGEAR R6400 versions affected versions not specified NETGEAR R6400v2 versions affected versions not specified NETGEAR R6900P versions affected versions not specified NETGEAR R7000 versions affected...

Oracle Linux 8 : httpd:2.4 (ELSA-2021-4537)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-4537 advisory. - Related: 2007235 - CVE-2021-40438 httpd:2.4/httpd: modproxy: SSRF via a crafted request uri-path - Resolves: 2007235 - CVE-2021-40438 httpd:2.4/httpd: modprox...

httpd:2.4 security update

httpd 2.4.37-43.0.1 - Set vstring per ORACLESUPPORTPRODUCT Orabug: 29892262 - Replace index.html with Oracle's index page oracleindex.html. 2.4.37-43 - Related: 2007235 - CVE-2021-40438 httpd:2.4/httpd: modproxy: SSRF via a crafted request uri-path 2.4.37-42 - Resolves: 2007235 - CVE-2021-40438...

CentOS: Security Advisory for httpd (CESA-2021:3856)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CentOS 7 : httpd (RHSA-2021:3856)

The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:3856 advisory. - A crafted request uri-path can cause modproxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server...

Oracle Linux 8 : httpd:2.4 (ELSA-2021-4257)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-4257 advisory. - Add checks on the configured UDS path Orabug: 33412270CVE-2021-40438 - Resolves: 1972500 - CVE-2021-30641 httpd:2.4/httpd: MergeSlashes regression -...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2021-2746)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2021-2779)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

httpd:2.4 security update

httpd 2.4.37-39.0.2.1 - modsession: save one aprstrtok Orabug: 33338149CVE-2021-26690...

RHEL 8 : httpd:2.4 (RHSA-2021:4257)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4257 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modsession: NULL...

CentOS 8 : httpd:2.4 (CESA-2021:4257)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:4257 advisory. - httpd: modsession: NULL pointer dereference when parsing Cookie header CVE-2021-26690 - httpd: Unexpected URL matching with 'MergeSlashes OFF'...

CentOS 8 : httpd:2.4 (CESA-2021:4537)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:4537 advisory. - httpd: Regression of CVE-2021-40438 and CVE-2021-26691 fixes in Red Hat Enterprise Linux 8.5 CVE-2021-20325 Note that Nessus has not tested for this issue but...

RHEL 8 : httpd:2.4 (RHSA-2021:4537)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:4537 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Regression of...

httpd: mod_session: Heap overflow via a crafted SessionHeader value

A heap overflow flaw was found In Apache httpd modsession. The highest threat from this vulnerability is to system availability...

httpd: mod_proxy_wstunnel tunneling of non Upgraded connection

A flaw was found in Apache httpd. The modproxywstunnel module tunnels non-upgraded connections...

httpd: NULL pointer dereference via malformed requests

A NULL pointer dereference in httpd allows an unauthenticated remote attacker to crash httpd by providing malformed HTTP requests. The highest threat from this vulnerability is to system availability...

httpd: mod_proxy_wstunnel tunneling of non Upgraded connection

A flaw was found in Apache httpd. The modproxywstunnel module tunnels non-upgraded connections...

2.4 bug fix update

An update is available for httpd, modhttp2, modmd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The httpd packages provide the Apache HTTP Server, a powerful,...

ALBA-2021:4604 httpd:2.4 bug fix update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Bug Fixes: proxy rewrite to unix socket fails with CVE-2021-40438 fix BZ2017854, BZ2017855, BZ2017856...