163 matches found
Medium: httpd
Issue Overview: By specially crafting HTTP requests, the modmd challenge handler would dereference a NULL pointer and cause the child process to segfault. This could be used to DoS the server. Fixed in Apache HTTP Server 2.4.34 Affected 2.4.33. CVE-2018-8011 Affected Packages: httpd Note: This...
openSUSE Security Update : apache2 (openSUSE-2018-907)
This update for apache2 fixes the following issues : The following security vulnerabilities were fixed : - CVE-2018-1333: Fixed a worker exhaustion that could have lead to a denial of service via specially crafted HTTP/2 requests bsc1101689. - CVE-2018-8011: Fixed a NULL pointer dereference in...
Apache 2.4.x < 2.4.34 Multiple Vulnerabilities
According to its banner, the version of Apache running on the remote host is 2.4.x prior to 2.4.34. It is, therefore, affected by the following vulnerabilities: - By specially crafting HTTP/2 requests, workers would be allocated 60 seconds longer than necessary, leading to worker exhaustion and a...
Security fix for the ALT Linux 9 package apache2 version 1:2.4.34-alt1
July 31, 2018 Anton Farygin 1:2.4.34-alt1 - 2.4.34 - fixes: CVE-2018-1333 DoS for HTTP/2 connections by crafted requests CVE-2018-8011 modmd, DoS via Coredumps on specially crafted requests...
Security fix for the ALT Linux 8 package apache2 version 1:2.4.34-alt1
July 31, 2018 Anton Farygin 1:2.4.34-alt1 - 2.4.34 - fixes: CVE-2018-1333 DoS for HTTP/2 connections by crafted requests CVE-2018-8011 modmd, DoS via Coredumps on specially crafted requests...
Security fix for the ALT Linux 10 package apache2 version 1:2.4.34-alt1
July 31, 2018 Anton Farygin 1:2.4.34-alt1 - 2.4.34 - fixes: CVE-2018-1333 DoS for HTTP/2 connections by crafted requests CVE-2018-8011 modmd, DoS via Coredumps on specially crafted requests...
Fedora 27 : httpd (2018-c3dc008c54)
This update includes the latest upstream release, httpd 2.4.34, with multiple bug fixes and enhancements. See http://www.apache.org/dist/httpd/CHANGES2.4.34 for more information on the changes in this version. A security vulnerability is addressed in this update : - modmd: DoS via Coredumps on...
CVE-2018-8011
By specially crafting HTTP requests, the modmd challenge handler would dereference a NULL pointer and cause the child process to segfault. This could be used to DoS the server. Fixed in Apache HTTP Server 2.4.34 Affected 2.4.33...
Apache HTTP Server 'mod_md' Denial of Service Vulnerability - Windows
Apache HTTP Server is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
FreeBSD : Apache httpd -- multiple vulnerabilities (8b1a50ab-8a8e-11e8-add2-b499baebfeaf)
The Apache project reports : - DoS for HTTP/2 connections by crafted requests CVE-2018-1333. By specially crafting HTTP/2 requests, workers would be allocated 60 seconds longer than necessary, leading to worker exhaustion and a denial of service. low - modmd, DoS via Coredumps on specially crafte...
[ASA-201807-12] apache: denial of service
Arch Linux Security Advisory ASA-201807-12 ========================================== Severity: Medium Date : 2018-07-20 CVE-ID : CVE-2018-1333 CVE-2018-8011 Package : apache Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-736 Summary ======= The package apache...
[slackware-security] httpd
New httpd packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/httpd-2.4.34-i586-1slack14.2.txz: Upgraded. This update fixes two denial of service issues: modmd: DoS via Coredumps on...
CVE-2018-8011
By specially crafting HTTP requests, the modmd challenge handler would dereference a NULL pointer and cause the child process to segfault. This could be used to DoS the server. Fixed in Apache HTTP Server 2.4.34 Affected 2.4.33...
UBUNTU-CVE-2018-8011
By specially crafting HTTP requests, the modmd challenge handler would dereference a NULL pointer and cause the child process to segfault. This could be used to DoS the server. Fixed in Apache HTTP Server 2.4.34 Affected 2.4.33...
Null pointer dereference
By specially crafting HTTP requests, the modmd challenge handler would dereference a NULL pointer and cause the child process to segfault. This could be used to DoS the server. Fixed in Apache HTTP Server 2.4.34 Affected 2.4.33...
ALPINE-CVE-2018-8011
By specially crafting HTTP requests, the modmd challenge handler would dereference a NULL pointer and cause the child process to segfault. This could be used to DoS the server. Fixed in Apache HTTP Server 2.4.34 Affected 2.4.33...
CVE-2018-8011
By specially crafting HTTP requests, the modmd challenge handler would dereference a NULL pointer and cause the child process to segfault. This could be used to DoS the server. Fixed in Apache HTTP Server 2.4.34 Affected 2.4.33...
CVE-2018-8011
By specially crafting HTTP requests, the modmd challenge handler would dereference a NULL pointer and cause the child process to segfault. This could be used to DoS the server. Fixed in Apache HTTP Server 2.4.34 Affected 2.4.33...
CVE-2018-8011
CVE-2018-8011 affects the Apache httpd mod_md component. By sending specially crafted HTTP requests, the mod_md challenge handler could dereference a NULL pointer and cause the child process to segfault, enabling a denial of service. Impact: DoS via crafted requests; affected version: 2.4.33, fix...
CVE-2018-8011
By specially crafting HTTP requests, the modmd challenge handler would dereference a NULL pointer and cause the child process to segfault. This could be used to DoS the server. Fixed in Apache HTTP Server 2.4.34 Affected 2.4.33...