45 matches found
Oracle Linux 7 : httpd24-httpd (ELSA-2015-1666)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-1666 advisory. - core: fix chunk header parsing defect CVE-2015-3183 - core: replace of apsomeauthrequired with apsomeauthnrequired and apforceauthn hook CVE-2015-318...
K17236: Apache HTTP server vulnerability CVE-2015-3185
Security Advisory Description The apsomeauthrequired function in server/request.c in the Apache HTTP Server 2.4.x before 2.4.14 does not consider that a Require directive may be associated with an authorization setting rather than an authentication setting, which allows remote attackers to bypass...
SUSE: Security Advisory (SUSE-SU-2015:1851-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2019-1419)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Vulnerabilities in the Apache HTTP Server affect PowerKVM (CVE-2015-3183,CVE-2015-3185)
Summary PowerKVM is affected by vulnerabilities in the Apache HTTP Server httpd. These vulnerabilities are now fixed. Vulnerability Details CVEID: CVE-2015-3183 DESCRIPTION: Apache HTTP Server is vulnerable to HTTP request smuggling, caused by a chunk header parsing flaw in the aprbrigadeflatten...
RHEL 6 : Red Hat JBoss Core Services (RHSA-2017:2710)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:2710 advisory. Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP...
RHEL 7 : Red Hat JBoss Core Services (RHSA-2017:2709)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:2709 advisory. Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP...
Important: Red Hat Security Advisory: Red Hat JBoss Core Services security update
An update is now available for JBoss Core Services on Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: Red Hat JBoss Core Services security update
An update is now available for JBoss Core Services on Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: Red Hat JBoss Core Services security update
An update is now available for Red Hat JBoss Core Services. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link...
Oracle: Security Advisory (ELSA-2015-1666)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
httpd24-httpd security update
2.4.12-6.0.1.el7.1 - replace index.html with Oracles index page oracleindex.html - update vstring in specfile 2.4.12-6.1 - core: fix chunk header parsing defect CVE-2015-3183 - core: replace of apsomeauthrequired with apsomeauthnrequired and apforceauthn hook CVE-2015-3185 - core: fix pointer...
Oracle: Security Advisory (ELSA-2015-1667)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : apache2 (openSUSE-2015-635) (Logjam)
Apache2 was updated to fix security issues. - CVE-2015-3185: The apsomeauthrequired function in server/request.c in the Apache HTTP Server 2.4.x did not consider that a Require directive may be associated with an authorization setting rather than an authentication setting, which allows remote...
SOL17236 - Apache HTTP server vulnerability CVE-2015-3185
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL460...
CentOS Update for httpd CESA-2015:1667 centos7
Check the version of httpd SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882255";...
CentOS 7 : httpd (CESA-2015:1667)
Updated httpd packages that fix two security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available for ea...
Oracle Linux 7 : httpd (ELSA-2015-1667)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-1667 advisory. - core: fix chunk header parsing defect CVE-2015-3183 Tenable has extracted the preceding description block directly from the Oracle Linux security...
Scientific Linux Security Update : httpd on SL7.x x86_64 (20150824)
Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which httpd would decode differently from an HTTP proxy software in front of it, possibly leading to HTTP...
RedHat Update for httpd RHSA-2015:1667-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...