Security Bulletin: IBM InfoSphere Balanced Warehouse C3000, C4000, IBM Smart Analytics System 1050, and 2050 are affected by the following Apache Tomcat vulnerabilities: CVE-2014-0098 and CVE-2013-6438

Summary The IBM InfoSphere Balanced Warehouse C3000 and C4000 for Windows and IBM Smart Analytics System 1050 and 2050 for Windows ship with Apache HTTP Server which contains known security vulnerabilities. Vulnerability Details CVE-ID: CVE-2014-0098 DESCRIPTION: Apache HTTP Server is vulnerable ...

Security Bulletin: IBM API Connect is affected by an Apache HTTP Server vulnerability (CVE-2014-0226)

Summary IBM API Connect has addressed the following vulnerability. Apache HTTP Server is vulnerable to a heap-based buffer overflow, caused by a race condition in the modstatus module when handling the scoreboard. By sending a specially-crafted request, a remote attacker could overflow a buffer a...

Security Bulletin: Multiple vulnerabilities in Apache HTTP Server affect IBM API Connect (CVE-2017-7668, CVE-2017-7679)

Summary IBM API Connect has addressed Apache HTTPD vulnerabilities involving access to sensitive information and potential denial of service. Vulnerability Details CVEID: CVE-2017-7679 DESCRIPTION: Apache HTTPD could allow a remote attacker to obtain sensitive information, caused by a buffer...

Security Bulletin: Open Source Apache HTTP Server Vulnerabilities which is used by IBM PureApplication Systems (CVE-2017-7679 CVE-2017-3169 CVE-2017-3167)

Summary A vulnerability in Open Source Apache HTTP Server affects the PureSystems® Managers used by IBM PureApplication System. Vulnerability Details CVEID: CVE-2017-7679 DESCRIPTION: Apache HTTPD could allow a remote attacker to obtain sensitive information, caused by a buffer overread in modmim...

Security Bulletin: Open Source Apache HTTP Server Vulnerabilities which is used by IBM PureApplication Systems (CVE-2016-0736 CVE-2016-2161 CVE-2016-8743)

Summary A vulnerability in Open Source Apache HTTP Server affects the PureSystems® Managers used by IBM PureApplication System. Vulnerability Details CVEID: CVE-2016-0736 DESCRIPTION: Apache HTTPD could allow a remote attacker to obtain sensitive information, caused by an error in modsessioncrypt...

Security Bulletin: Open Source Apache HTTP Server Vulnerabilities which is used by IBM PureApplication Systems (CVE-2017-7668)

Summary A vulnerability in Open Source Apache HTTP Server affects the PureSystems® Managers used by IBM PureApplication System. Vulnerability Details CVEID: CVE-2017-7668 DESCRIPTION: Apache HTTPD is vulnerable to a denial of service, caused by a buffer overread in the apfindtoken function. By...

Security Bulletin: API Connect is affected by an Apache HTTP Server vulnerability (CVE-2011-3192)

Summary API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2011-3192 DESCRIPTION: Apache HTTP Server is vulnerable to a denial of service, caused by an error in the ByteRange filter when processing malicious requests. By sending a specially-crafted HTTP reques...

Security Bulletin: Multiple Security Vulnerabilities fixed in IBM WebSphere Application Server 8.0.0.12

Summary Cross reference list for security vulnerabilites fixed in IBM WebSphere Application Server, IBM WebSphere Application Server Hypervisor, WebSphere Application Server Liberty Profile and IBM HTTP Server. Vulnerability Details CVEID: CVE-2015-1936 DESCRIPTION: IBM WebSphere Application Serv...

Security Bulletin: Vulnerabilities in Bash affect IBM Workload Deployer (CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, CVE-2014-6278)

Summary Bash is available in Red Hat Linux virtual machine images that can be deployed by using IBM Workload Deployer. Six Bash vulnerabilities were disclosed in September 2014. This bulletin addresses the vulnerabilities that have been referred to as “Bash Bug” or “Shellshock” and two memory...

Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 security update

An update is now available for Red Hat JBoss Core Services. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link...

Fedora 26 : httpd (2018-e6d9251471)

This update : - fixes the modmd default store directory - fixes a startup failure in certain modssl vhost configurations ---- This update includes the latest upstream release of the Apache HTTP Server, version 2.4.33. A number of security vulnerabilities are fixed in this release : - Low: Possibl...

[SECURITY] Fedora 26 Update: httpd-2.4.33-4.fc26

The Apache HTTP Server is a powerful, efficient, and extensible web server...

Ubuntu: Security Advisory (USN-3627-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 28 Update: php-7.2.5-1.fc28

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

Moderate: Red Hat Security Advisory: rh-php70-php security, bug fix, and enhancement update

An update for rh-php70-php is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

Ubuntu 18.04 LTS : Apache HTTP Server vulnerabilities (USN-3627-2)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3627-2 advisory. USN-3627-1 fixed vulnerabilities in Apache HTTP Server. This update provides the corresponding updates for Ubuntu 18.04 LTS. Tenable has extracted the...

USN-3627-2: Apache HTTP Server vulnerabilities

USN-3627-1 fixed vulnerabilities in Apache HTTP Server. This update provides the corresponding updates for Ubuntu 18.04 LTS. Original advisory details: Alex Nichols and Jakob Hirsch discovered that the Apache HTTP Server modauthnzldap module incorrectly handled missing charset encoding headers. A...

RHEL 6 / 7 : apr (RHSA-2018:1253)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:1253 advisory. The Apache Portable Runtime APR is a portability library used by the Apache HTTP Server and other projects. It provides a free library of C data...

Ubuntu 14.04 LTS / 16.04 LTS : Apache HTTP Server vulnerabilities (USN-3627-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3627-1 advisory. Alex Nichols and Jakob Hirsch discovered that the Apache HTTP Server modauthnzldap module incorrectly handled missing charset encoding header...

Ubuntu: Security Advisory (USN-3627-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...