USN-5839-1: Apache HTTP Server vulnerabilities

It was discovered that the Apache HTTP Server moddav module incorrectly handled certain If: request headers. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. CVE-2006-20001 ZeddYuLu discovered that the Apache HTTP Server modproxyajp...

Ubuntu: Security Advisory (USN-5834-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Apache HTTP Server vulnerabilities (USN-5839-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5839-1 advisory. It was discovered that the Apache HTTP Server moddav module incorrectly handled certain If: request headers. A remote attacker...

USN-5834-1: Apache HTTP Server vulnerabilities

It was discovered that the Apache HTTP Server moddav module did not properly handle specially crafted request headers. A remote attacker could possibly use this issue to cause the process to crash, leading to a denial of service. CVE-2006-20001 It was discovered that the Apache HTTP Server...

Ubuntu 16.04 ESM : Apache HTTP Server vulnerabilities (USN-5834-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5834-1 advisory. It was discovered that the Apache HTTP Server moddav module did not properly handle specially crafted request headers. A remote attacker could possibly u...

CLSA-2023-1675111607 httpd: Fix of CVE-2022-36760

CVE-2022-36760: modproxyajp: fix possible HTTP request smuggling...

EulerOS Virtualization 3.0.2.2 : httpd (EulerOS-SA-2023-1260)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in modauthdigest. There is...

Fedora: Security Advisory for httpd (FEDORA-2023-f6ff3f85eb)

The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

PT-2023-2262 · Apache +10 · Apache Http Server +10

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server versions 2.4.30 through 2.4.55 uWSGI PyPI package versions prior to 2.0.22 Description: The issue is related to HTTP Response Smuggling vulnerability in Apache HTTP Server via mod proxy uwsgi. Special characters in the orig...

[SECURITY] Fedora 37 Update: httpd-2.4.55-1.fc37

The Apache HTTP Server is a powerful, efficient, and extensible web server...

Fedora 37 : httpd (2023-f6ff3f85eb)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-f6ff3f85eb advisory. - new version 2.4.55 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not test...

SUSE SLES12 Security Update : apache2 (SUSE-SU-2023:0183-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0183-1 advisory. - A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool heap memory location...

Rocky Linux 9 : httpd (RLSA-2022:8067)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:8067 advisory. - Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded- headers to the origin server based on client side Connection header hop-by-hop...

K21192332: Apache HTTP Server vulnerability CVE-2022-31813

Security Advisory Description Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded- headers to the origin server based on client side Connection header hop-by-hop mechanism. This may be used to bypass IP based authentication on the origin server/application. CVE-2022-31813 Impact An...

Oracle HTTP Server (Jan 2023 CPU)

The version of Oracle HTTP Server installed on the remote host are affected by multiple vulnerabilities as referenced in the Jan 2023 CPU advisory. - Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware component: Centralized Thirdparty Jars Expat. The supported version tha...

Oracle Enterprise Manager Ops Center UCE Patches (Oct 2021 CPU)

The 12.4.0.0 versions of Enterprise Manager Ops Center installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2021 CPU advisory. - Vulnerability in the Enterprise Manager Ops Center product of Oracle Enterprise Manager component: Networking Apache HTTP...

Oracle Enterprise Manager Ops Center UCE Patches (Jan 2023 CPU)

The 12.4.0.0 versions of Enterprise Manager Ops Center installed on the remote host are affected by a vulnerability as referenced in the January 2023 CPU advisory. - Vulnerability in the Enterprise Manager Ops Center product of Oracle Enterprise Manager component: Update Provisioning Apache HTTP...

Vulnerabilities fixed in Apache web server

Apache has fixed vulnerabilities in Apache HTTP Server. The vulnerabilities potentially allow a malicious party to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Apache has released updates to fix the...

Apache HTTP Server < 2.4.55 Multiple Vulnerabilities - Windows

Apache HTTP Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:httpserver"; if...

FreeBSD : Apache httpd -- Multiple vulnerabilities (00919005-96a3-11ed-86e9-d4c9ef517024)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 00919005-96a3-11ed-86e9-d4c9ef517024 advisory. - A carefully crafted If: request header can cause a memory read, or write of a single zero...