Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2020-1289)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2018-20335

An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can trigger a DoS of the httpd service via the /APPInstallation.asp?= URI...

Denial of service

An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can trigger a DoS of the httpd service via the /APPInstallation.asp?= URI...

CVE-2018-20335

An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can trigger a DoS of the httpd service via the /APPInstallation.asp?= URI...

Slowness in Presenting Citrix Gateway/AAA Login page on Client Browsers

Sometimes Citrix Gateway login page takes a long time to be presented on the client’s browsers. When this issue occurs, you might observe any of the following conditions. The number of established connections to Apache counter has hit the default configured limit of 30 or a customized value, if...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2020-1250)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

D-Link DIR-825 Stack Buffer Overflow Vulnerability

The D-Link DIR-825 is an AC 1200 Wi-Fi dual-band Gigabit LAN/WAN router. A stack buffer overflow vulnerability exists in the httpd binary in the D-Link DIR-825 Rev. B 2.10. An attacker can exploit this vulnerability by sending a POST request to ntpsync.cgi with a sufficiently long parameter...

CVE-2020-10214

An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. There is a stack-based buffer overflow in the httpd binary. It allows an authenticated user to execute arbitrary code via a POST to ntpsync.cgi with a sufficiently long parameter ntpserver...

Stack overflow

An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. There is a stack-based buffer overflow in the httpd binary. It allows an authenticated user to execute arbitrary code via a POST to ntpsync.cgi with a sufficiently long parameter ntpserver...

CVE-2020-10214

Affected product: D-Link DIR-825 Rev.B (firmware 2.10). Vulnerability: stack-based buffer overflow in the httpd binary that can be triggered by a POST to ntp_sync.cgi with a sufficiently long ntp_server parameter. Impact: allows an authenticated user to execute arbitrary code on the device. Root ...

CVE-2020-10214

An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. There is a stack-based buffer overflow in the httpd binary. It allows an authenticated user to execute arbitrary code via a POST to ntpsync.cgi with a sufficiently long parameter ntpserver...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2020-1155)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Scientific Linux Security Update : ipa on SL7.x x86_64 (20200205)

Security Fixes : - ipa: Denial of service in IPA server due to wrong use of berscanf CVE-2019-14867 - ipa: Batch API logging user passwords to /var/log/httpd/errorlog CVE-2019-10195 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description...

Critical Photon OS Security Update - PHSA-2020-0272

Updates of 'unbound', 'libxml2', 'libarchive', 'salt' packages of Photon OS have been released...

ipa: Batch API logging user passwords to /var/log/httpd/error_log

A flaw was found in the way that FreeIPA's batch processing API logged operations. This included passing user passwords in clear text on FreeIPA masters. Batch processing of commands with passwords as arguments or options is not performed by default in FreeIPA but is possible by third-party...

CVE-2019-10081

A vulnerability was found in Apache httpd, in modhttp2. Under certain circumstances, HTTP/2 early pushes could lead to memory corruption, causing a server to crash. Mitigation This flaw is only exploitable if Apache httpd is configured to respond to HTTP/2 requests, which is done by including "h2...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2019-1389)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2019-2249)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2016-1030)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2017-1178)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...