IBM HTTP Server 8.5.0.0 <= 8.5.5.0 / 8.0.0.0 <= 8.0.0.6 / 7.0.0.0 <= 7.0.0.29 / 6.1.0.0 <= 6.1.0.45 (491411)

The version of IBM HTTP Server running on the remote host is affected by a vulnerability. modrewrite.c in the modrewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non- printable characters, which might allow remote attackers to execute...

IBM HTTP Server 7.0.0.0 <= 7.0.0.45 / 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 < 8.5.5.18 / 9.0.0.0 < 9.0.5.4 Multiple Vulnerabilities (6191631)

The version of IBM HTTP Server running on the remote host is affected by multiple vulnerabilities related to Apache HTTP Server, as follows: - In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with modrewrite that were intended to be self-referential might be fooled by encoded newlines...

IBM HTTP Server 9.0.0.0 < 9.0.0.11 Security Bypass (869064)

The version of IBM HTTP Server running on the remote host is affected by a vulnerability related to Apache HTTP Server. In Apache HTTP Server 2.4 release 2.4.37 and prior, modsession checks the session expiry time before decoding the session. This causes session expiry time to be ignored for...

Moderate: Red Hat Bug Fix Advisory: httpd24 bug fix and enhancement update

Updated httpd24 packages are now available as a part of Red Hat Software Collections for Red Hat Enterprise Linux. The Apache HTTP Server is a powerful, efficient, and extensible web server. The httpd24 packages provide a recent stable release of version 2.4 of the Apache HTTP Server, along with...

Moderate: Red Hat Security Advisory: rh-php73-php security, bug fix, and enhancement update

An update for rh-php73-php is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

Amazon Linux 2 : httpd (ALAS-2020-1490)

The version of httpd installed on the remote host is prior to 2.4.46-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1490 advisory. Apache HTTP server 2.4.32 to 2.4.44 modproxyuwsgi info disclosure and possible RCE A flaw was found in Apache httpd in...

RHEL 8 : mod_auth_mellon (RHSA-2020:1660)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:1660 advisory. The modauthmellon module for the Apache HTTP Server is an authentication service that implements the SAML 2.0 federation protocol. The module grants...

Oracle Linux 8 : httpd:2.4 (ELSA-2020-4751)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-4751 advisory. - Resolves: 1823263 CVE-2020-1934 - CVE-2020-1934 httpd: modproxyftp use of uninitialized value - Resolves: 1823259 - CVE-2020-1927 httpd:2.4/httpd:...

Apache HTTP Server Site Enumeration

Binary data apachehttpserverenumsites.nbin...

RLSA-2020:4751 Moderate: httpd:2.4 security, bug fix, and enhancement update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. The following packages have been upgraded to a later upstream version: modhttp2 1.15.7. BZ1814236 Security Fixes: httpd: memory corruption on early pushes CVE-2019-10081 httpd: read-after-free in ...

ALSA-2020:4751 Moderate: httpd:2.4 security, bug fix, and enhancement update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. The following packages have been upgraded to a later upstream version: modhttp2 1.15.7. BZ1814236 Security Fixes: httpd: memory corruption on early pushes CVE-2019-10081 httpd: read-after-free in ...

httpd:2.4 security, bug fix, and enhancement update

An update is available for modmd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The httpd packages provide the Apache HTTP Server, a powerful, efficient, and...

Moderate: httpd:2.4 security, bug fix, and enhancement update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. The following packages have been upgraded to a later upstream version: modhttp2 1.15.7. BZ1814236 Security Fixes: httpd: memory corruption on early pushes CVE-2019-10081 httpd: read-after-free in ...

Oracle Fusion Middleware Oracle HTTP Server (Oct 2020 CPU)

The version of Oracle HTTP Server installed on the remote host is affected by the following vulnerabilities as referenced in the October 2020 CPU advisory: - A denial of service DoS vulnerability exists in the SSL Module OpenSSL. An unauthenticated, remote attacker with network access via HTTPS,...

Moderate: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP5 security update

Updated packages that provide Red Hat JBoss Core Services Pack Apache Server 2.4.37 and fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of...

Moderate: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP5 security update

Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 5 zip release for RHEL 6, RHEL 7, RHEL 8 and Microsoft Windows is available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which give...

Security Bulletin: Rational Build Forge security advisory for Apache HTTP Server

Summary There are multiple vulnerabilities in Apache HTTP Server affecting IBM Rational Build Forge. Vulnerability Details CVEID: CVE-2020-11984 DESCRIPTION: Apache HTTP Server is vulnerable to a buffer overflow, caused by improper bounds checking by the modproxyuwsgi module. By sending a...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2020-2224)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 3.0.2.2 : httpd (EulerOS-SA-2020-2224)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with modrewrite that were intended to be self-referential might be...

mod_auth_openidc security update

CentOS Errata and Security Advisory CESA-2020:3970 An update for modauthopenidc is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severit...