56 matches found
CVE-2019-11989
A security vulnerability in HPE IceWall SSO Agent Option and IceWall MFA Agent module could be exploited remotely to cause a denial of service. The versions and platforms of Agent Option modules that are impacted are as follows: 10.0 for Apache 2.2 on RHEL 5 and 6, 10.0 for Apache 2.4 on RHEL 7,...
Solaris 10 (sparc) : 152643-07
SunOS 5.10: Apache 2.4 Patch. Date this patch was last updated by Sun : Jul/15/19 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include"compat.inc"; if description scriptid126723; scriptversion"1.2"; scriptcvsdate"Date:...
CARPE (DIEM) Apache 2.4.x Local Privilege Escalation
?php CARPE DIEM: CVE-2019-0211 Apache Root Privilege Escalation Charles Fol @cfreal 2019-04-08 INFOS https://cfreal.github.io/carpe-diem-cve-2019-0211-apache-local-root.html USAGE 1. Upload exploit to Apache HTTP server 2. Send request to page 3. Await 6:25AM for logrotate to restart Apache 4...
Apache 2.4.x < 2.4.33 Multiple Vulnerabilities
According to its banner, the version of Apache running on the remote host is 2.4.x prior to 2.4.33. It is, therefore, affected by the following vulnerabilities: - An out-of-bounds write flaw exists within the derivecodepagefromlang function of the modules/aaa/modauthnzldap.c script due to imprope...
Apache 2.4.x < 2.4.3 Multiple Vulnerabilities
According to its banner, the version of Apache 2.4.x running on the remote host is prior 2.4.3. It is, therefore, affected by the following vulnerabilities : - An input validation error exists related to 'modnegotiation', 'Multiviews' and untrusted uploads that can allow cross-site scripting...
Solaris 10 (x86) : 152644-06
SunOS 5.10x86: Apache 2.4 Patch. Date this patch was last updated by Sun : Apr/16/18 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include"compat.inc"; if description scriptid109082; scriptversion"1.3"; scriptcvsdate"Date:...
Apache 2.4.x < 2.4.33 Multiple Vulnerabilities (deprecated)
This plugin has been deprecated due to apache2433.nasl plugin ID 122060 performing the same version check. Use apache2433.nasl plugin ID 122060 instead. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2019/10/21. Deprecated by apache2433.nasl plugin ID 122060. include"compat.inc"; if...
Solaris 10 (x86) : 152644-03
SunOS 5.10x86: Apache 2.4 Patch. Date this patch was last updated by Sun : Mar/09/17 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
Solaris 10 (sparc) : 152643-05
SunOS 5.10: Apache 2.4 Patch. Date this patch was last updated by Sun : Sep/06/17 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
Solaris 10 (x86) : 152644-05
SunOS 5.10x86: Apache 2.4 Patch. Date this patch was last updated by Sun : Sep/06/17 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
Solaris 10 (sparc) : 152643-03
SunOS 5.10: Apache 2.4 Patch. Date this patch was last updated by Sun : Mar/09/17 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
CVE-2014-3250
The default vhost configuration file in Puppet before 3.6.2 does not include the SSLCARevocationCheck directive, which might allow remote attackers to obtain sensitive information via a revoked certificate when a Puppet master runs with Apache 2.4...
CVE-2014-3250
The default vhost configuration file in Puppet before 3.6.2 does not include the SSLCARevocationCheck directive, which might allow remote attackers to obtain sensitive information via a revoked certificate when a Puppet master runs with Apache 2.4...
Design/Logic Flaw
The default vhost configuration file in Puppet before 3.6.2 does not include the SSLCARevocationCheck directive, which might allow remote attackers to obtain sensitive information via a revoked certificate when a Puppet master runs with Apache 2.4...
UBUNTU-CVE-2014-3250
The default vhost configuration file in Puppet before 3.6.2 does not include the SSLCARevocationCheck directive, which might allow remote attackers to obtain sensitive information via a revoked certificate when a Puppet master runs with Apache 2.4...
CVE-2014-3250
The default vhost configuration file in Puppet before 3.6.2 does not include the SSLCARevocationCheck directive, which might allow remote attackers to obtain sensitive information via a revoked certificate when a Puppet master runs with Apache 2.4...
CVE-2014-3250
CVE-2014-3250 affects Puppet before 3.6.2. The issue is that the default vhost configuration file does not include the SSLCARevocationCheck directive, which might allow remote attackers to obtain sensitive information via a revoked certificate when a Puppet master runs with Apache 2.4. The availa...
CVE-2014-3250
The default vhost configuration file in Puppet before 3.6.2 does not include the SSLCARevocationCheck directive, which might allow remote attackers to obtain sensitive information via a revoked certificate when a Puppet master runs with Apache 2.4...
CVE-2014-3250
The default vhost configuration file in Puppet before 3.6.2 does not include the SSLCARevocationCheck directive, which might allow remote attackers to obtain sensitive information via a revoked certificate when a Puppet master runs with Apache 2.4...
Apache 2.4.x < 2.4.27 Multiple Vulnerabilities
According to its banner, the version of Apache running on the remote host is 2.4.x prior to 2.4.27. It is, therefore, affected by the following vulnerabilities : - A denial of service vulnerability exists in httpd due to a failure to initialize or reset the value placeholder in Proxy-Authorizatio...