K32071141: Apache mod_http2 vulnerability CVE-2016-8740

Security Advisory Description The modhttp2 module in the Apache HTTP Server 2.4.17 through 2.4.23, when the Protocols configuration includes h2 or h2c, does not restrict request-header length, which allows remote attackers to cause a denial of service memory consumption via crafted CONTINUATION...

Slackware: Security Advisory (SSA:2016-358-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:0203-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 6 : Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 1 for RHEL 6 (Important) (RHSA-2017:1414)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:1414 advisory. Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP...

RHEL 7 : JBoss Core Services (RHSA-2017:1413)

An update is now available for Red Hat JBoss Core Services on RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Apple Mac OS X Multiple Code Execution Vulnerabilities (HT208221)

Apple Mac OS X is prone to multiple code execution vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 1 for RHEL 6

An update is now available for Red Hat JBoss Core Services on RHEL 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Security fix for the ALT Linux 9 package apache2 version 1:2.4.25-alt1

May 18, 2017 Anton Farygin 1:2.4.25-alt1 - updated to 2.4.25 witch security fixes: + CVE-2016-8740 modhttp2: Mitigate DoS memory exhaustion via endless CONTINUATION frames. + CVE-2016-5387 core: Mitigate fcgi "httpoxy" issues + CVE-2016-2161 modauthdigest: Prevent segfaults during client entry...

Security fix for the ALT Linux 10 package apache2 version 1:2.4.25-alt1

May 18, 2017 Anton Farygin 1:2.4.25-alt1 - updated to 2.4.25 witch security fixes: + CVE-2016-8740 modhttp2: Mitigate DoS memory exhaustion via endless CONTINUATION frames. + CVE-2016-5387 core: Mitigate fcgi "httpoxy" issues + CVE-2016-2161 modauthdigest: Prevent segfaults during client entry...

Security fix for the ALT Linux 8 package apache2 version 1:2.4.25-alt1

May 18, 2017 Anton Farygin 1:2.4.25-alt1 - updated to 2.4.25 witch security fixes: + CVE-2016-8740 modhttp2: Mitigate DoS memory exhaustion via endless CONTINUATION frames. + CVE-2016-5387 core: Mitigate fcgi "httpoxy" issues + CVE-2016-2161 modauthdigest: Prevent segfaults during client entry...

Moderate: Red Hat Security Advisory: httpd24-httpd security, bug fix, and enhancement update

Updated httpd24 packages are now available as a part of Red Hat Software Collections 2.4 for Red Hat Enterprise Linux. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

About the security content of macOS Sierra 10.12.4, Security Update 2017-001 El Capitan, and Security Update 2017-001 Yosemite

About the security content of macOS Sierra 10.12.4, Security Update 2017-001 El Capitan, and Security Update 2017-001 Yosemite This document describes the security content of macOS Sierra 10.12.4, Security Update 2017-001 El Capitan, and Security Update 2017-001 Yosemite. About Apple security...

openSUSE Security Update : apache2 (openSUSE-2017-154)

This update for apache2 fixes the following issues : - CVE-2016-8740 Server memory can be exhausted and service denied when HTTP/2 is used bsc1013648 This update was imported from the SUSE:SLE-12-SP2:Update update project. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text...

Apache HTTP Server 2.4.x < 2.4.25 Multiple Vulnerabilities

Binary data 9908.prm...

SUSE SLES12 Security Update : apache2 (SUSE-SU-2017:0203-1)

This update for apache2 fixes the following issues : - CVE-2016-8740 Server memory can be exhausted and service denied when HTTP/2 is used bsc1013648 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to...

SUSE-SU-2017:0203-1 Security update for apache2

This update for apache2 fixes the following issues: - CVE-2016-8740 Server memory can be exhausted and service denied when HTTP/2 is used bsc1013648...

[slackware-security] httpd

New httpd packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/httpd-2.4.25-i586-1slack14.2.txz: Upgraded. This update fixes the following security issues: CVE-2016-8740: modhttp2:...

Apache 2.4.23 mod_http2 - Denial of Service

!/usr/bin/python """ source : http://seclists.org/bugtraq/2016/Dec/3 The modhttp2 module in the Apache HTTP Server 2.4.17 through 2.4.23, when the Protocols configuration includes h2 or h2c, does not restrict request-header length, which allows remote attackers to cause a denial of service memory...

Fedora Update for httpd FEDORA-2016-b39fedec11

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Apache HTTP Server 'mod_http2' Denial of Service Vulnerability - Linux

Apache HTTP Server is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...