[SECURITY] Fedora 34 Update: httpd-2.4.51-1.fc34

The Apache HTTP Server is a powerful, efficient, and extensible web server...

RLSA-2021:3816 Important: httpd:2.4 security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modproxy: SSRF via a crafted request uri-path containing "unix:" CVE-2021-40438 httpd: modsession: Heap overflow via a crafted SessionHeader value CVE-2021-26691 For more...

Important: httpd:2.4 security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modproxy: SSRF via a crafted request uri-path containing "unix:" CVE-2021-40438 httpd: modsession: Heap overflow via a crafted SessionHeader value CVE-2021-26691 For more...

httpd:2.4 security update

An update is available for httpd, modhttp2, modmd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The httpd packages provide the Apache HTTP Server, a powerful,...

ALSA-2021:3816 Important: httpd:2.4 security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modproxy: SSRF via a crafted request uri-path containing "unix:" CVE-2021-40438 httpd: modsession: Heap overflow via a crafted SessionHeader value CVE-2021-26691 For more...

RHEL 7 : httpd24-httpd (RHSA-2021:3754)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:3754 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modproxy: SSRF via a...

Important: Red Hat Security Advisory: httpd24-httpd security update

An update for httpd24-httpd is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...

httpd: mod_proxy: SSRF via a crafted request uri-path containing "unix:"

A Server-Side Request Forgery SSRF flaw was found in modproxy of httpd. This flaw allows a remote, unauthenticated attacker to make the httpd server forward requests to an arbitrary server. The attacker could get, modify, or delete resources on other services that may be behind a firewall and...

FreeBSD : Apache httpd -- Path Traversal and Remote Code Execution (d001c189-2793-11ec-8fb1-206a8a720317)

The Apache http server project reports : critical: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 incomplete fix of CVE-2021-41773 CVE-2021-42013. It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a...

Critical Photon OS Security Update - PHSA-2021-3.0-0312

Updates of 'vim', 'httpd', 'apache-tomcat' packages of Photon OS have been released...

[slackware-security] httpd

New httpd packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/httpd-2.4.51-i586-1slack14.2.txz: Upgraded. SECURITY: CVE-2021-42013: Path Traversal and Remote Code Execution in Apache...

Fedora: Security Advisory for httpd (FEDORA-2021-5d2d4b6ac5)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Photon OS 3.0: Httpd PHSA-2021-3.0-0309

An update of the httpd package has been released. C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-3.0-0309. The text itself is copyright C VMware, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if descripti...

Photon OS 1.0: Httpd PHSA-2021-1.0-0437

An update of the httpd package has been released. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-1.0-0437. The text itself is copyright C VMware, Inc...

Photon OS 2.0: Httpd PHSA-2021-2.0-0399

An update of the httpd package has been released. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-2.0-0399. The text itself is copyright C VMware, Inc...

httpd: mod_proxy: SSRF via a crafted request uri-path containing "unix:"

A Server-Side Request Forgery SSRF flaw was found in modproxy of httpd. This flaw allows a remote, unauthenticated attacker to make the httpd server forward requests to an arbitrary server. The attacker could get, modify, or delete resources on other services that may be behind a firewall and...

httpd: mod_proxy: SSRF via a crafted request uri-path containing "unix:"

A Server-Side Request Forgery SSRF flaw was found in modproxy of httpd. This flaw allows a remote, unauthenticated attacker to make the httpd server forward requests to an arbitrary server. The attacker could get, modify, or delete resources on other services that may be behind a firewall and...

Exploit for Path Traversal in Apache Http_Server

CVE-2021-41773 Playground === This is a small Docker recipe for...

Exploit for Path Traversal in Apache Http_Server

CVE-2021-41773 Playground === This is a small Docker recipe for...

Exploit for Path Traversal in Apache Http_Server

CVE-2021-41773 Playground === This is a small Docker recipe for...