23 matches found
Slackware: Security Advisory (SSA:2018-199-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
KLA12362 Multiple vulnerabilities in Apache HTTP Server
Multiple vulnerabilities were found in Apache HTTP Server. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities: 1. Denial of service vulnerability in HTTP/2 connections can be exploited via special crafted requests to cause...
SUSE: Security Advisory (SUSE-SU-2018:2424-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : apache2 (openSUSE-2019-632)
This update for apache2 fixes the following issues : The following security vulnerabilities were fixed : - CVE-2018-1333: Fixed a worker exhaustion that could have lead to a denial of service via specially crafted HTTP/2 requests bsc1101689. - CVE-2018-8011: Fixed a NULL pointer dereference in...
SUSE SLES15 Security Update : apache2 (SUSE-SU-2018:2424-1)
This update for apache2 fixes the following issues: The following security vulnerabilities were fixed : - CVE-2018-1333: Fixed a worker exhaustion that could have lead to a denial of service via specially crafted HTTP/2 requests bsc1101689. - CVE-2018-8011: Fixed a NULL pointer dereference in...
openSUSE: Security Advisory for apache2 (openSUSE-SU-2018:2433-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Amazon Linux 2 : httpd (ALAS-2018-1062)
By specially crafting HTTP requests, the modmd challenge handler would dereference a NULL pointer and cause the child process to segfault. This could be used to DoS the server. Fixed in Apache HTTP Server 2.4.34 Affected 2.4.33. CVE-2018-8011 C Tenable Network Security, Inc. The descriptive text...
Medium: httpd24
Issue Overview: By specially crafting HTTP requests, the modmd challenge handler would dereference a NULL pointer and cause the child process to segfault. This could be used to DoS the server. Fixed in Apache HTTP Server 2.4.34 Affected 2.4.33.CVE-2018-8011 Affected Packages: httpd24 Issue...
Medium: httpd
Issue Overview: By specially crafting HTTP requests, the modmd challenge handler would dereference a NULL pointer and cause the child process to segfault. This could be used to DoS the server. Fixed in Apache HTTP Server 2.4.34 Affected 2.4.33. CVE-2018-8011 Affected Packages: httpd Note: This...
Apache 2.4.x < 2.4.34 Multiple Vulnerabilities
According to its banner, the version of Apache running on the remote host is 2.4.x prior to 2.4.34. It is, therefore, affected by the following vulnerabilities: - By specially crafting HTTP/2 requests, workers would be allocated 60 seconds longer than necessary, leading to worker exhaustion and a...
Security Bulletin: Vulnerabilities CVE-2018-1333 and CVE-2018-8011 in the IBM i HTTP Server affect IBM i.
Summary HTTP Server is supported by IBM i. IBM i has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2018-8011 DESCRIPTION: Apache HTTP Server is vulnerable to a denial of service, caused by a NULL pointer dereference in the modmd challenge handler. By sending a specially crafted...
Security fix for the ALT Linux 9 package apache2 version 1:2.4.34-alt1
July 31, 2018 Anton Farygin 1:2.4.34-alt1 - 2.4.34 - fixes: CVE-2018-1333 DoS for HTTP/2 connections by crafted requests CVE-2018-8011 modmd, DoS via Coredumps on specially crafted requests...
Security fix for the ALT Linux 8 package apache2 version 1:2.4.34-alt1
July 31, 2018 Anton Farygin 1:2.4.34-alt1 - 2.4.34 - fixes: CVE-2018-1333 DoS for HTTP/2 connections by crafted requests CVE-2018-8011 modmd, DoS via Coredumps on specially crafted requests...
Security fix for the ALT Linux 10 package apache2 version 1:2.4.34-alt1
July 31, 2018 Anton Farygin 1:2.4.34-alt1 - 2.4.34 - fixes: CVE-2018-1333 DoS for HTTP/2 connections by crafted requests CVE-2018-8011 modmd, DoS via Coredumps on specially crafted requests...
Fedora Update for httpd FEDORA-2018-c3dc008c54
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 27 : httpd (2018-c3dc008c54)
This update includes the latest upstream release, httpd 2.4.34, with multiple bug fixes and enhancements. See http://www.apache.org/dist/httpd/CHANGES2.4.34 for more information on the changes in this version. A security vulnerability is addressed in this update : - modmd: DoS via Coredumps on...
Apache HTTP Server 'mod_md' Denial of Service Vulnerability - Windows
Apache HTTP Server is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
FreeBSD : Apache httpd -- multiple vulnerabilities (8b1a50ab-8a8e-11e8-add2-b499baebfeaf)
The Apache project reports : - DoS for HTTP/2 connections by crafted requests CVE-2018-1333. By specially crafting HTTP/2 requests, workers would be allocated 60 seconds longer than necessary, leading to worker exhaustion and a denial of service. low - modmd, DoS via Coredumps on specially crafte...
Slackware 14.0 / 14.1 / 14.2 / current : httpd (SSA:2018-199-01)
New httpd packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2018-199-01. The text itself is copyright C Slackware Linux...
ALPINE-CVE-2018-8011
By specially crafting HTTP requests, the modmd challenge handler would dereference a NULL pointer and cause the child process to segfault. This could be used to DoS the server. Fixed in Apache HTTP Server 2.4.34 Affected 2.4.33...