Lucene search
K

22 matches found

Tenable Nessus
Tenable Nessus
added 2023/09/07 12:0 a.m.28 views

Oracle Linux 7 : httpd24-httpd (ELSA-2015-1666)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-1666 advisory. - core: fix chunk header parsing defect CVE-2015-3183 - core: replace of apsomeauthrequired with apsomeauthnrequired and apforceauthn hook CVE-2015-318...

5CVSS6.5AI score0.73327EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2016/02/05 12:0 a.m.44 views

Oracle: Security Advisory (ELSA-2015-1666)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.6AI score0.73327EPSS
Exploits0References2
Oracle linux
Oracle linux
added 2016/02/04 12:0 a.m.130 views

httpd24-httpd security update

2.4.12-6.0.1.el7.1 - replace index.html with Oracles index page oracleindex.html - update vstring in specfile 2.4.12-6.1 - core: fix chunk header parsing defect CVE-2015-3183 - core: replace of apsomeauthrequired with apsomeauthnrequired and apforceauthn hook CVE-2015-3185 - core: fix pointer...

5CVSS0.7AI score0.73327EPSS
Exploits0
F5 Networks
F5 Networks
added 2015/08/20 12:0 a.m.83 views

SOL17157 - Apache HTTP server vulnerability CVE-2015-0228

Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL995...

5CVSS0.4AI score0.18812EPSS
Exploits0References5
Amazon
Amazon
added 2015/08/17 12:0 a.m.67 views

Medium: httpd24

Issue Overview: It was discovered that in httpd 2.4, the internal API function apsomeauthrequired could incorrectly indicate that a request was authenticated even when no authentication was used. An httpd module using this API function could consequently allow access that should have been denied...

5CVSS7.1AI score0.73327EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/07/30 12:0 a.m.46 views

Fedora 21 : httpd-2.4.16-1.fc21 (2015-11792)

Update to new version 2.4.16. This update fixed various bugs as well as few security issues. For full changelog, see http://www.apache.org/dist/httpd/CHANGES2.4.16 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable...

5CVSS6.3AI score0.73327EPSS
Exploits0References10
OpenVAS
OpenVAS
added 2015/07/30 12:0 a.m.25 views

Fedora Update for httpd FEDORA-2015-11792

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.7AI score0.73327EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2015/07/22 12:0 a.m.54 views

Fedora 22 : httpd-2.4.16-1.fc22 (2015-11689)

Update to new version 2.4.16. This update fixed various bugs as well as few security issues. For full changelog, see http://www.apache.org/dist/httpd/CHANGES2.4.16 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable...

5CVSS6.3AI score0.73327EPSS
Exploits0References10
Kaspersky
Kaspersky
added 2015/07/21 12:0 a.m.174 views

KLA10640 Multiple vulnerabilities in Apache HTTP Server

Multiple serious vulnerabilities have been found in Apache HTTP Server. Malicious users can exploit these vulnerabilities to cause a denial of service. Below is a complete list of vulnerabilities 1. Stack recursion crash in the modlua module in the luarequest.c file in luawebsocketread function c...

5CVSS7AI score0.73327EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/07/20 12:0 a.m.46 views

Slackware 14.0 / 14.1 / current : httpd (SSA:2015-198-01)

New httpd packages are available for Slackware 14.0, 14.1, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2015-198-01. The text itself is copyright C...

5CVSS6.6AI score0.73327EPSS
Exploits0References5
securityvulns
securityvulns
added 2015/07/20 12:0 a.m.486 views

[slackware-security] httpd (SSA:2015-198-01)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 slackware-security httpd SSA:2015-198-01 New httpd packages are available for Slackware 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+...

5CVSS6.2AI score0.73327EPSS
Exploits0
Slackware Linux
Slackware Linux
added 2015/07/17 8:25 p.m.51 views

[slackware-security] httpd

New httpd packages are available for Slackware 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/httpd-2.4.16-i486-1slack14.1.txz: Upgraded. This update fixes the following security issues: CVE-2015-0253: Fix a crash with...

5CVSS7.6AI score0.73327EPSS
Exploits0
ArchLinux
ArchLinux
added 2015/07/17 12:0 a.m.58 views

apache: multiple issues

CVE-2015-0228 denial of service: modlua: A maliciously crafted websockets PING after a script calls r:wsupgrade can cause a child process crash. - CVE-2015-0253 denial of service: Fix a crash with ErrorDocument 400 pointing to a local URL-path with the INCLUDES filter active, introduced in...

5CVSS0.7AI score0.73327EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2015/07/16 12:0 a.m.30 views

FreeBSD : apache24 -- multiple vulnerabilities (a12494c1-2af4-11e5-86ff-14dae9d210b8)

Jim Jagielski reports : CVE-2015-3183 cve.mitre.org core: Fix chunk header parsing defect. Remove aprbrigadeflatten, buffering and duplicated code from the HTTPIN filter, parse chunks in a single pass with zero copy. Limit accepted chunk-size to 2^63-1 and be strict about chunk-ext authorized...

5CVSS6.4AI score0.73327EPSS
Exploits0References6
securityvulns
securityvulns
added 2015/03/15 12:0 a.m.828 views

[USN-2523-1] Apache HTTP Server vulnerabilities

========================================================================== Ubuntu Security Notice USN-2523-1 March 10, 2015 apache2 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

5CVSS1.2AI score0.60205EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2015/03/11 12:0 a.m.51 views

Ubuntu 14.04 LTS : Apache HTTP Server vulnerabilities (USN-2523-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2523-1 advisory. Martin Holst Swende discovered that the modheaders module allowed HTTP trailers to replace HTTP headers during request processing. A remote attacker coul...

5CVSS6.6AI score0.60205EPSS
Exploits2References6
OpenVAS
OpenVAS
added 2015/03/11 12:0 a.m.59 views

Ubuntu: Security Advisory (USN-2523-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6AI score0.60205EPSS
Exploits2References2
OSV
OSV
added 2015/03/08 2:59 a.m.1 views

BELL-CVE-2015-0228 CVE-2015-0228 does not affect BellSoft software

Bulletin has no description...

5CVSS7.3AI score0.18812EPSS
Exploits0References1
CVE
CVE
added 2015/03/08 2:0 a.m.738 views

CVE-2015-0228

Apache HTTP Server mod_lua contains a Denial of Service vulnerability in lua_websocket_read (lua_request.c) affecting versions up to 2.4.12. A remote attacker can crash a child process by sending a crafted WebSocket Ping frame after a Lua script has invoked wsupgrade. The provided documents confi...

5CVSS8.8AI score0.18812EPSS
Exploits0References28Affected Software1
Debian CVE
Debian CVE
added 2015/03/08 2:0 a.m.46 views

CVE-2015-0228

The luawebsocketread function in luarequest.c in the modlua module in the Apache HTTP Server through 2.4.12 allows remote attackers to cause a denial of service child-process crash by sending a crafted WebSocket Ping frame after a Lua script has called the wsupgrade function...

5CVSS7.3AI score0.18812EPSS
Exploits0
Rows per page
Query Builder