Photon OS 1.0: Httpd PHSA-2019-1.0-0230

An update of the httpd package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-1.0-0230. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid124870...

EulerOS Virtualization for ARM 64 3.0.1.0 : httpd (EulerOS-SA-2019-1389)

According to the versions of the httpd packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In Apache HTTP Server 2.4 release 2.4.37 and prior, modsession checks the session expiry time before decoding the...

EulerOS Virtualization 3.0.1.0 : httpd (EulerOS-SA-2019-1419)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The logcookie function in modlogconfig.c in the modlogconfig module in the Apache HTTP Server before 2.4.8 allows remote attackers...

[SECURITY] Fedora 30 Update: mod_cluster-1.3.11-1.fc30

Modcluster is an httpd-based load balancer. Like modjk and modproxy, modcluster uses a communication channel to forward requests from httpd to one of a set of application server nodes. Unlike modjk and modproxy, modclus ter leverages an additional connection between the application server nodes a...

EulerOS Virtualization 2.5.3 : httpd (EulerOS-SA-2019-1354)

According to the version of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - A race condition was found in modauthdigest when the web server was running in a threaded MPM configuration. It could allow a user wi...

Fedora Update for mod_cluster FEDORA-2019-3877efca99

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora 30 : mod_cluster (2019-7813edd5a2)

Security, Performance updates, fiexes blocker with crashing httpd BZ 1708248 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...

Photon OS 2.0: Httpd PHSA-2019-2.0-0157

An update of the httpd package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-2.0-0157. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid124680...

Important: Red Hat Security Advisory: httpd:2.4 security update

An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

RHEL 8 : httpd:2.4 (RHSA-2019:0980)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:0980 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: privilege...

Fedora Update for httpd FEDORA-2019-119b14075a

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Important Photon OS Security Update - PHSA-2019-0157

Updates of 'sqlite', 'httpd' packages of Photon OS have been released...

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-2.0-0157

An update of 'httpd', 'sqlite' packages of Photon OS has been released...

Denial Of Service (DoS)

Apache httpd is vulnerable to denial of serviceDoS attacks. A remote user could send a specially crafted sequence of request headers to trigger a buffer overread error in apfindtoken and cause a segmentation fault which leads application to a crash...

Denial Of Service (DoS)

Apache httpd is vulnerable to NULL pointer dereference vulnerability. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request...

Denial Of Service (DoS)

Apache httpd is vulnerable to denial of serviceDoS attacks. This occurs in modmime when sending a specially crafted Content-Type response header which leads to buffer overread , resulting in a potentially exploitable crash...

Denial Of Service (DoS)

Apache httpd is vulnerable to denial of service attacks. The modauthdigest component does not properly initialize memory used to process 'Digest' type HTTP Authorization headers allowing a remote attacker to send a specially crafted request to view potentially sensitive information from the...

CVE-2019-11675

The groonga-httpd package 6.1.5-1 for Debian sets the /var/log/groonga ownership to the groonga account, which might let local users obtain root access because of unsafe interaction with logrotate. For example, an attacker can exploit a race condition to insert a symlink from /var/log/groonga/htt...

CVE-2019-11675

The groonga-httpd package 6.1.5-1 for Debian sets the /var/log/groonga ownership to the groonga account, which might let local users obtain root access because of unsafe interaction with logrotate. For example, an attacker can exploit a race condition to insert a symlink from /var/log/groonga/htt...

DEBIAN-CVE-2019-11675

The groonga-httpd package 6.1.5-1 for Debian sets the /var/log/groonga ownership to the groonga account, which might let local users obtain root access because of unsafe interaction with logrotate. For example, an attacker can exploit a race condition to insert a symlink from /var/log/groonga/htt...