14 matches found
SUSE CVE-2017-9789
When under stress, closing many connections, the HTTP/2 handling code in Apache httpd 2.4.26 would sometimes access memory after it has been freed, resulting in potentially erratic behaviour...
SUSE: Security Advisory (SUSE-SU-2018:0261-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Apache HTTP Server Vulnerabilities Jul 2017 - Sep 2018
SUMMARY Symantec Network Protection products using affected versions of Apache httpd are susceptible to multiple security vulnerabilities. A remote attacker can obtain sensitive information, bypass intended security restrictions, modify session information in CGI applications, replay authenticate...
SUSE-SU-2018:0261-1 Recommended update for apache2
This update for apache2 fixes several issues. These security issues were fixed: - CVE-2017-9789: When under stress closing many connections the HTTP/2 handling code would sometimes access memory after it has been freed, resulting in potentially erratic behaviour bsc1048575. - CVE-2017-7659: A...
Updated apache packages fix security vulnerabilities
In Apache httpd before 2.4.27, the value placeholder in Proxy-Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by modauthdigest. Providing an initial key with no '=' assignment could reflect the stale value of uninitialized poo...
Apple Mac OS X Multiple Code Execution Vulnerabilities (HT208221)
Apple Mac OS X is prone to multiple code execution vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Apache HTTP Server 'mod_http2' Denial-Of-Service Vulnerability - Linux
Apache HTTP Server is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
[ASA-201707-15] apache: multiple issues
Arch Linux Security Advisory ASA-201707-15 ========================================== Severity: Critical Date : 2017-07-14 CVE-ID : CVE-2017-9788 CVE-2017-9789 Package : apache Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-350 Summary ======= The package apache...
FreeBSD : Apache httpd -- multiple vulnerabilities (457ce015-67fa-11e7-867f-b499baebfeaf)
The Apache httpd project reports : important: Read after free in modhttp2 CVE-2017-9789 When under stress, closing many connections, the HTTP/2 handling code would sometimes access memory after it has been freed, resulting in potentially erratic behaviour. important: Uninitialized memory reflecti...
[slackware-security] httpd
New httpd packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/httpd-2.4.27-i586-1slack14.2.txz: Upgraded. This update fixes two security issues: Read after free in...
CVE-2017-9789
When under stress, closing many connections, the HTTP/2 handling code in Apache httpd 2.4.26 would sometimes access memory after it has been freed, resulting in potentially erratic behaviour...
CVE-2017-9789
CVE-2017-9789 concerns Apache httpd 2.4.26. The HTTP/2 handling code may access memory after it has been freed when under stress (closing many connections), leading to erratic behavior. Connected advisories confirm the vulnerability is in mod_http2 and suggest upgrading to a fixed version (e.g., ...
CVE-2017-9789
When under stress, closing many connections, the HTTP/2 handling code in Apache httpd 2.4.26 would sometimes access memory after it has been freed, resulting in potentially erratic behaviour...
Apache httpd -- multiple vulnerabilities
The Apache httpd project reports: important: Read after free in modhttp2 CVE-2017-9789 When under stress, closing many connections, the HTTP/2 handling code would sometimes access memory after it has been freed, resulting in potentially erratic behaviour. important: Uninitialized memory reflectio...