Lucene search
K

13 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.7 views

MiracleLinux 4 : httpd24-httpd-2.4.25-9.AXS4.1 (AXSA:2017-2175:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2175:02 advisory. It was discovered that the httpd's modauthdigest module did not properly initialize memory before using it when processing certain headers related t...

9.8CVSS7.3AI score0.57472EPSS
Exploits4References7
RedhatCVE
RedhatCVE
added 2019/10/08 10:48 a.m.49 views

CVE-2017-7668

A buffer over-read flaw was found in the httpd's apfindtoken function. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request...

7.5CVSS1.7AI score0.57472EPSS
Exploits1References2
Check Point Advisories
Check Point Advisories
added 2018/07/03 12:0 a.m.14 views

Apache httpd ap_find_token Out of Bounds Read - Ver2 (CVE-2017-7668)

An out-of-bounds read vulnerability exists in Apache HTTP server. This vulnerability is due to improper token list parsing in the apfindtoken function. A remote, unauthenticated attacker could exploit the vulnerability by sending maliciously crafted HTTP request to the affected server...

5CVSS2.7AI score0.57472EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2017/11/13 5:36 p.m.5 views

httpd: ap_find_token() buffer overread

A buffer over-read flaw was found in the httpd's apfindtoken function. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request...

7.5CVSS7.5AI score0.57472EPSS
Exploits1References6
BDU FSTEC
BDU FSTEC
added 2017/09/22 12:0 a.m.6 views

The vulnerability of the ap_find_token function in the Apache HTTP Server allows a hacker to trigger a segmentation fault.

The vulnerability of the apfindtoken function in the Apache HTTP Server exists due to insufficient validation of input data during the analysis of the token list. Exploiting this vulnerability can allow a malicious actor to trigger a segmentation fault or cause the apfindtoken function to return ...

9.8CVSS7.4AI score0.57472EPSS
Exploits1References5Affected Software3
Broadcom
Broadcom
added 2017/08/25 12:0 a.m.6 views

BSA-2017-364

Security Advisory ID : BSA-2017-364 Component : Apache HTTPD Revision : 2.0: Final The HTTP strict parsing changes added in Apachehttpd2.2.32 and 2.4.24 introduced a bug in token list parsing, which allowsapfindtokento search past the end of its input string. By maliciously crafting a sequence of...

7.5CVSS9.1AI score0.57472EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2017/08/22 12:0 a.m.286 views

Scientific Linux Security Update : httpd on SL7.x x86_64 (20170815)

Security Fixes : - It was discovered that the httpd's modauthdigest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause htt...

9.8CVSS7AI score0.57472EPSS
Exploits4References6
RedHat Linux
RedHat Linux
added 2017/08/15 6:23 p.m.7 views

httpd: ap_find_token() buffer overread

A buffer over-read flaw was found in the httpd's apfindtoken function. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request...

7.5CVSS7.5AI score0.57472EPSS
Exploits1References6
Check Point Advisories
Check Point Advisories
added 2017/07/31 12:0 a.m.15 views

Apache httpd ap_find_token Out of Bounds Read (CVE-2017-7668)

An out-of-bounds read vulnerability exists in Apache HTTP server. This vulnerability is due to improper token list parsing in the apfindtoken function. A remote, unauthenticated attacker could exploit the vulnerability by sending maliciously crafted HTTP request to the affected server...

5CVSS2.7AI score0.57472EPSS
Exploits1
OSV
OSV
added 2017/06/20 1:29 a.m.3 views

ALPINE-CVE-2017-7668

The HTTP strict parsing changes added in Apache httpd 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows apfindtoken to search past the end of its input string. By maliciously crafting a sequence of request headers, an attacker may be able to cause a segmentation fault, or to...

7.5CVSS6.9AI score0.57472EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2017/06/20 12:0 a.m.122 views

Apache httpd -- several vulnerabilities

The Apache httpd project reports: apgetbasicauthpw Authentication Bypass CVE-2017-3167: Use of the apgetbasicauthpw by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed. modssl Null Pointer Dereference CVE-2017-3169:modssl may dereferen...

9.8CVSS9.3AI score0.57472EPSS
Exploits4References2
OSV
OSV
added 2017/06/19 12:0 a.m.5 views

UBUNTU-CVE-2017-7668

The HTTP strict parsing changes added in Apache httpd 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows apfindtoken to search past the end of its input string. By maliciously crafting a sequence of request headers, an attacker may be able to cause a segmentation fault, or to...

9.8CVSS7.1AI score0.57472EPSS
Exploits1References5
Apache Httpd
Apache Httpd
added 2017/05/06 12:0 a.m.107 views

Apache Httpd < 2.4.26 : ap_find_token() Buffer Overread

The HTTP strict parsing changes added in 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows apfindtoken to search past the end of its input string. By maliciously crafting a sequence of request headers, an attacker may be able to cause a segmentation fault, or to force...

7.5CVSS2AI score0.57472EPSS
Exploits1Affected Software1
Rows per page
Query Builder