Apache httpd mod_auth_digest Memory Access Denial of Service (CVE-2017-9788)

A memory access error exists in Apache httpd. This vulnerability is due to an error in accessing uninitialized memory and failing to reset it while processing Authorization and Proxy-Authorization HTTP headers. A remote, unauthenticated attacker could exploit this vulnerability by sending...

CentOS 6 : httpd (CESA-2017:2972) (Optionsbleed)

An update for httpd is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

CentOS Update for httpd CESA-2017:2972 centos6

Check the version of httpd SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882791";...

RedHat Update for httpd RHSA-2017:2972-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Scientific Linux Security Update : httpd on SL6.x i386/x86_64 (20171019) (Optionsbleed)

Security Fixes : - A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child...

RHEL 6 : httpd (RHSA-2017:2972)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:2972 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: A use-after-free flaw w...

Oracle Linux 6 : httpd (ELSA-2017-2972)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-2972 advisory. 2.2.15-60.0.1.6 - replace index.html with Oracle's index page oracleindex.html - update vstring in specfile 2.2.15-60.6 - Resolves: 1493061 -...

httpd: # character matches all IPs

A regression was found in the Red Hat Enterprise Linux 6.9 version of httpd, causing comments in the "Allow" and "Deny" configuration lines to be parsed incorrectly. A web administrator could unintentionally allow any client to access a restricted HTTP resource...

Moderate: Red Hat Security Advisory: httpd security update

An update for httpd is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

CVE-2017-12171

A regression was found in the Red Hat Enterprise Linux 6.9 version of httpd, causing comments in the "Allow" and "Deny" configuration lines to be parsed incorrectly. A web administrator could unintentionally allow any client to access a restricted HTTP resource...

httpd security update

2.2.15-60.0.1.6 - replace index.html with Oracle's index page oracleindex.html - update vstring in specfile 2.2.15-60.6 - Resolves: 1493061 - CVE-2017-9798 httpd: various flaws...

Fedora 26 : WebCalendar (2017-c9abeb3158)

New upstream release. Fixes CVE-2017-10840 and CVE-2017-10841. Upstream moved from sourceforge to github. PHP = 5.3 required. Adjust httpd configuration to support PHP FCGI. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system...

CentOS Update for httpd CESA-2017:2882 centos7

Check the version of httpd SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882784";...

RHEL 7 : httpd (RHSA-2017:2882)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2017:2882 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: A use-after-free flaw was found ...

Scientific Linux Security Update : httpd on SL7.x x86_64 (20171011) (Optionsbleed)

Security Fixes : - A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child...

CentOS 7 : httpd (CESA-2017:2882) (Optionsbleed)

An update for httpd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

Oracle Linux 7 : httpd (ELSA-2017-2882)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2017-2882 advisory. 2.4.6-67.0.1.el74.5 - replace index.html with Oracle's index page oracleindex.html 2.4.6-67.5 - Resolves: 1493064 - CVE-2017-9798 httpd: Use-after-free by...

httpd, mod_ldap, mod_proxy_html, mod_session, mod_ssl security update

CentOS Errata and Security Advisory CESA-2017:2882 An update for httpd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Moderate: Red Hat Security Advisory: httpd security update

An update for httpd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

httpd security update

2.4.6-67.0.1.el74.5 - replace index.html with Oracle's index page oracleindex.html 2.4.6-67.5 - Resolves: 1493064 - CVE-2017-9798 httpd: Use-after-free by limiting unregistered HTTP method...