CVE-2023-25803

Roxy-WI is a Web interface for managing Haproxy, Nginx, Apache, and Keepalived servers. Versions prior to 6.3.5.0 have a directory traversal vulnerability that allows the inclusion of server-side files. This issue is fixed in version 6.3.5.0...

CVE-2023-25803

Roxy-WI is a Web interface for managing Haproxy, Nginx, Apache, and Keepalived servers. Versions prior to 6.3.5.0 have a directory traversal vulnerability that allows the inclusion of server-side files. This issue is fixed in version 6.3.5.0...

DLA-3359-1 libapache2-mod-auth-mellon - security update

Bulletin has no description...

[SECURITY] [DLA 3359-1] libapache2-mod-auth-mellon security update

----------------------------------------------------------------------- Debian LTS Advisory DLA-3359-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta March 13, 2023 https://wiki.debian.org/LTS -...

[SECURITY] Fedora 37 Update: httpd-2.4.56-1.fc37

The Apache HTTP Server is a powerful, efficient, and extensible web server...

CVE-2023-26464

UNSUPPORTED WHEN ASSIGNED When using the Chainsaw or SocketAppender components with Log4j 1.x on JRE less than 1.7, an attacker that manages to cause a logging entry involving a specially-crafted ie, deeply nested hashmap or hashtable depending on which logging component is in use to be processed...

[slackware-security] httpd

New httpd packages are available for Slackware 14.0, 14.1, 14.2, 15.0, and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/httpd-2.4.56-i586-1slack15.0.txz: Upgraded. This update fixes two security issues: HTTP Response Smuggling...

Apache 2.4.x < 2.4.56 Multiple Vulnerabilities

According to its banner, the version of Apache running on the remote host is 2.4.x prior to 2.4.56. It is, therefore, affected by multiple vulnerabilities: - Some modproxy configurations allow a HTTP Request Smuggling attack. CVE-2023-25690 - HTTP Response Smuggling vulnerability via modproxyuwsg...

Fedora 36 : perl-HTTP-Daemon (2023-c230cc08c4)

The remote Fedora 36 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-c230cc08c4 advisory. 6.16 2023-02-24 03:07:14Z - Bump LWP::UserAgent to 6.37 in TestSuggests GH65 Olaf Alders 6.15 2023-02-22 22:02:46Z - Fix CVE-2022-31081: Inconsistent...

Debian: Security Advisory (DLA-240-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-1970-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Apache HTTP Server 2.4.30 - 2.4.55 HTTP Request Smuggling Vulnerability - Windows

Apache HTTP Server is prone to a HTTP request smuggling vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Apache HTTP Server 2.4.0 - 2.4.55 HTTP Request Smuggling Vulnerability - Linux

Apache HTTP Server is prone to a HTTP request smuggling vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Apache HTTP Server 2.4.0 - 2.4.55 HTTP Request Smuggling Vulnerability - Windows

Apache HTTP Server is prone to a HTTP request smuggling vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Debian: Security Advisory (DLA-520-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-2117-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-2035-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-27522

HTTP Response Smuggling vulnerability in Apache HTTP Server via modproxyuwsgi. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.55. Special characters in the origin response header can truncate/split the response forwarded to the client...

Fedora 37 : perl-HTTP-Daemon (2023-424636c7cb)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-424636c7cb advisory. 6.16 2023-02-24 03:07:14Z - Bump LWP::UserAgent to 6.37 in TestSuggests GH65 Olaf Alders ---- 6.15 2023-02-22 22:02:46Z Fix CVE-2022-31081: Inconsistent...

[SECURITY] [DLA 3351-1] apache2 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3351-1 [email protected] https://www.debian.org/lts/security/ Lee Garrett March 03, 2023 https://wiki.debian.org/LTS -...