5762 matches found
Exploit for Path Traversal in Apache Http_Server
Mitigation-CVE-2021-41773- Shell Script to mitigate CVE-2021-4...
Oracle Enterprise Manager Ops Center (Jul 2022 CPU)
The 12.4.0.0 versions of Enterprise Manager Ops Center installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2022 CPU advisory. - Vulnerability in the Enterprise Manager Ops Center product of Oracle Enterprise Manager component: Networking Apache HTTP...
Security Bulletin: IBM Rational Build Forge is vulnerable to HTTP request smuggling due to use of Apache HTTP server CVE-2022-22720
Summary Apache HTTP server is used by IBM Rational Build Forge. This fix includes Apache Http Server 2.4.54 Vulnerability Details CVEID:CVE-2022-22720 DESCRIPTION: Apache HTTP Server is vulnerable to HTTP request smuggling, caused by the failure to close inbound connection when errors are...
Security Bulletin: IBM Rational Build Forge is vulnerable to disclosure of sensitive information due to use of Apache HTTP server (CVE-2022-28330).
Summary Apache HTTP server is used by IBM Rational Build Forge. This fix includes Apache Http Server 2.4.54 Vulnerability Details CVEID:CVE-2022-28330 DESCRIPTION: Apache HTTP Server could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to rea...
Amazon Linux 2 : httpd (ALAS-2022-1812)
The version of httpd installed on the remote host is prior to 2.4.54-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1812 advisory. An HTTP request smuggling vulnerability was found in the mod_proxy_ajp module of httpd. This flaw allows an attacker to smugg...
Zimbra Collaboration Server 8.8.x < 8.8.15 Patch 23 / 9.0.0 < 9.0.0 Patch 16 Multiple Vulnerabilities
According to its self-reported version number, Zimbra Collaboration Server is affected by multiple vulnerabilities, including the following: - An open redirect vulnerability exists in the /preauth Servlet in Zimbra Collaboration Suite through 9.0. To exploit the vulnerability, an attacker would...
EulerOS Virtualization 2.10.1 : httpd (EulerOS-SA-2022-2053)
According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for...
Zimbra Collaboration Server 8.8.x < 8.8.15 Patch 31 / 9.0.0 < 9.0.0 Patch 24 Multiple Vulnerabilities
According to its self-reported version number, Zimbra Collaboration Server is affected by multiple vulnerabilities, including the following: - A vulnerability that allows an unauthenticated attacker to inject arbitrary memcache commands into a targeted instance. These memcache commands become...
Security Bulletin: IBM Rational Build Forge is affected by Apache Http Server version used in it. (CVE-2022-22719)
Summary IBM Rational Build Forge is affected by the CVE-2022-22719 Vulnerability Details CVEID: CVE-2022-22719 DESCRIPTION: Apache HTTP Server is vulnerable to a denial of service. By using a specially crafted request body to read a random memory area, a remote attacker could exploit this...
Security Bulletin: IBM Rational Build Forge is affected by Apache HTTP Server version used in it. (CVE-2022-22721)
Summary IBM Rational Build Forge is affected by CVE-2022-22721. Vulnerability Details CVEID: CVE-2022-22721 DESCRIPTION: Apache HTTP Server is vulnerable to a buffer overflow, caused by an integer overflow. By sending an overly large LimitXMLRequestBody, a remote attacker could overflow a buffer...
PT-2022-6218 · Apache +10 · Apache Http Server +10
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server versions 2.4.54 and prior versions Description: The issue is related to the inconsistent interpretation of HTTP requests, also known as 'HTTP Request Smuggling', in the mod_proxy_ajp module of the Apache HTTP Server. This...
SUSE SLED15 / SLES15 Security Update : apache2 (SUSE-SU-2022:2342-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2342-1 advisory. - Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache...
F5 Networks BIG-IP : Apache HTTP server vulnerability (K40582331)
The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.9 / 16.1.4 / 17.1.1. It is, therefore, affected by a vulnerability as referenced in the K40582331 advisory. Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in...
Amazon Linux AMI : httpd24 (ALAS-2022-1607)
The version of httpd24 installed on the remote host is prior to 2.4.54-1.98. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2022-1607 advisory. An HTTP request smuggling vulnerability was found in the mod_proxy_ajp module of httpd. This flaw allows an attacker to...
Fedora: Security Advisory for httpd (FEDORA-2022-b54a8dee29)
The remote host is missing an update for the...
[SECURITY] Fedora 35 Update: httpd-2.4.54-1.fc35
The Apache HTTP Server is a powerful, efficient, and extensible web server...
F5 Networks BIG-IP : Apache HTTP server vulnerability (K58003591)
The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.9 / 16.1.4 / 17.1.0. It is, therefore, affected by a vulnerability as referenced in the K58003591 advisory. - The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker ca...
CLSA-2022-1656958687 Fixed CVE-2022-31813 in httpd-39.module_el8.4.0+2066+54659116.1.tuxcare.els8
ELS-190: Fix undefined reference to PROXY_SHOULD_PING_100_CONTINUE in ap_proxy_create_hdrbrgd that occurred in httpd-2.4.37-CVE-2022-31813.patch...
Important: Red Hat Security Advisory: rh-php73-php security and bug fix update
An update for rh-php73-php is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...
[SECURITY] Fedora 36 Update: httpd-2.4.54-3.fc36
The Apache HTTP Server is a powerful, efficient, and extensible web server...