Lucene search
K

19 matches found

F5 Networks
F5 Networks
added 2022/12/16 7:36 p.m.101 views

K16847: Apache vulnerabilities CVE-2014-8109, CVE-2014-3581, CVE-2014-3583

Security Advisory Description Description CVE-2014-8109 modlua.c in the modlua module in the Apache HTTP Server 2.3.x and 2.4.x through 2.4.10 does not support an httpd configuration in which the same Lua authorization provider is used with different arguments within different contexts, which...

5CVSS6.2AI score0.22016EPSS
Exploits0
OpenVAS
OpenVAS
added 2022/04/21 12:0 a.m.31 views

Slackware: Security Advisory (SSA:2015-111-03)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.4AI score0.60205EPSS
Exploits2References2
Hacker One
Hacker One
added 2016/05/18 4:33 p.m.54 views

Open-Xchange: Outdated Apache Server in www.dovecot.fi is vulnerable to various attack.

Apache HTTP Server NULL Pointer Dereference Vulnerability CVE 2014-3581. Apache HTTP Server 2.4.10 and earlier is prone to a vulnerability, which can be exploited to cause a DoS Denial of Service. The vulnerability exists because the application contains flaw in the cachemergeheadersout function...

5CVSS6.6AI score0.22016EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/10/02 12:0 a.m.35 views

RHEL 6 : mod_proxy_fcgi (RHSA-2015:1855)

An updated modproxyfcgi package that fixes one security issue is now available for Red Hat Ceph Storage 1.2 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

5CVSS7.5AI score0.10783EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2015/10/01 8:25 p.m.33 views

Low: Red Hat Security Advisory: mod_proxy_fcgi security update

An updated modproxyfcgi package that fixes one security issue is now available for Red Hat Ceph Storage 1.2 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

5CVSS7.2AI score0.10783EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2015/09/08 12:0 a.m.45 views

Amazon Linux: Security Advisory (ALAS-2015-483)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6AI score0.60205EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2015/07/30 12:0 a.m.25 views

Fedora Update for httpd FEDORA-2015-11792

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.7AI score0.73327EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2015/06/09 12:0 a.m.27 views

Fedora Update for httpd FEDORA-2015-9216

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS5.9AI score0.60205EPSS
Exploits2References2
Slackware Linux
Slackware Linux
added 2015/04/22 1:20 a.m.42 views

[slackware-security] httpd

New httpd packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/httpd-2.4.12-i486-1slack14.1.txz: Upgraded. This update fixes the following security issues: CVE-2014-3583...

5CVSS6.5AI score0.60205EPSS
Exploits2
OpenVAS
OpenVAS
added 2015/03/16 12:0 a.m.36 views

Fedora Update for httpd FEDORA-2014-17195

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS5.9AI score0.60205EPSS
Exploits2References2
securityvulns
securityvulns
added 2015/03/15 12:0 a.m.825 views

[USN-2523-1] Apache HTTP Server vulnerabilities

========================================================================== Ubuntu Security Notice USN-2523-1 March 10, 2015 apache2 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

5CVSS1.2AI score0.60205EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2015/03/11 12:0 a.m.51 views

Ubuntu 14.04 LTS : Apache HTTP Server vulnerabilities (USN-2523-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2523-1 advisory. Martin Holst Swende discovered that the modheaders module allowed HTTP trailers to replace HTTP headers during request processing. A remote attacker coul...

5CVSS6.6AI score0.60205EPSS
Exploits2References6
OpenVAS
OpenVAS
added 2015/03/11 12:0 a.m.59 views

Ubuntu: Security Advisory (USN-2523-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6AI score0.60205EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2015/03/02 12:0 a.m.55 views

Fedora 20 : httpd-2.4.10-2.fc20 (2014-17153)

core: fix bypassing of modheaders rules via chunked requests CVE-2013-5704 - modcache: fix NULL pointer dereference on empty Content-Type CVE-2014-3581 - modproxyfcgi: fix a potential crash with long headers CVE-2014-3583 - modlua: fix handling of the Require line when a LuaAuthzProvider is used...

5CVSS6.3AI score0.60205EPSS
Exploits2References7
OpenVAS
OpenVAS
added 2015/03/01 12:0 a.m.38 views

Fedora Update for httpd FEDORA-2014-17153

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS5.9AI score0.60205EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2015/02/13 12:0 a.m.53 views

Amazon Linux AMI : httpd24 (ALAS-2015-483)

modlua.c in the modlua module in the Apache HTTP Server 2.3.x and 2.4.x through 2.4.10 does not support an httpd configuration in which the same Lua authorization provider is used with different arguments within different contexts, which allows remote attackers to bypass intended access...

5CVSS6.2AI score0.60205EPSS
Exploits2References5
Amazon
Amazon
added 2015/02/12 12:0 a.m.56 views

Low: httpd24

Issue Overview: modlua.c in the modlua module in the Apache HTTP Server 2.3.x and 2.4.x through 2.4.10 does not support an httpd configuration in which the same Lua authorization provider is used with different arguments within different contexts, which allows remote attackers to bypass intended...

5CVSS6.7AI score0.60205EPSS
Exploits2
CVE
CVE
added 2014/12/15 5:27 p.m.709 views

CVE-2014-3583

CVE-2014-3583 affects Apache HTTP Server 2.4.10 and earlier, where the handle_headers function in mod_proxy_fcgi.c can be triggered by long response headers to cause a denial of service (buffer over-read and daemon crash). The vulnerability stems from the proxy/Fcgi header handling in mod_proxy_f...

5CVSS8AI score0.10783EPSS
Exploits0References26Affected Software2
UbuntuCve
UbuntuCve
added 2014/12/15 12:0 a.m.32 views

CVE-2014-3583

The handleheaders function in modproxyfcgi.c in the modproxyfcgi module in the Apache HTTP Server 2.4.10 allows remote FastCGI servers to cause a denial of service buffer over-read and daemon crash via long response headers...

5CVSS7.1AI score0.10783EPSS
Exploits0References2
Rows per page
Query Builder