25 matches found
TencentOS Server 3: httpd:2.4 (TSSA-2022:0017)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0017 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
Alibaba Cloud Linux 3 : 0017: httpd:2.4 (ALINUX3-SA-2022:0017)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0017 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-0190: A bug exists in the way...
Photon OS 3.0: Httpd PHSA-2019-3.0-0013
An update of the httpd package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-3.0-0013. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Debian: Security Advisory (DLA-3351-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
K59440504: Apache mod_ssl vulnerability CVE-2019-0215
Security Advisory Description In Apache HTTP Server 2.4 releases 2.4.37 and 2.4.38, a bug in modssl when using per-location client certificate verification with TLSv1.3 allowed a client to bypass configured access control restrictions. CVE-2019-0215 Impact There is no impact; F5 products are not...
Security Bulletin: Aspera Web Applications (Faspex, Console) are affected by Apache Vulnerabilities (CVE-2019-0196, CVE-2019-0197, CVE-2019-0215, CVE-2019-0217, CVE-2019-0220)
Summary Aspera Web Applications Faspex, Console have addressed the following Apache Vulnerabilities. Vulnerability Details CVEID: CVE-2019-0220 DESCRIPTION: A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When the path component of a request URL contains multiple consecutive...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2019-2311)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2019-1835)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
httpd:2.4 security update
httpd 2.4.37-11.0.1 - Set vstring per ORACLESUPPORTPRODUCT Orabug: 29892262 - Replace index.html with Oracle's index page oracleindex.html 2.4.37-11 - Resolves: 1695431 - CVE-2019-0211 httpd: privilege escalation from modules scripts - Resolves: 1696090 - CVE-2019-0215 httpd:2.4/httpd: modssl:...
Photon OS 2.0: Httpd PHSA-2019-2.0-0157
An update of the httpd package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-2.0-0157. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid124680...
Important: Red Hat Security Advisory: httpd:2.4 security update
An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
RHEL 8 : httpd:2.4 (RHSA-2019:0980)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:0980 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: privilege...
Fedora 30 : httpd (2019-cf7695b470)
Resolves: 1695046 CVE-2019-0196 CVE-2019-0197 CVE-2019-0215 CVE-2019-0217 CVE-2019-0220 httpd: various flaws Resolves: 1694510 httpd-2.4.39 is available Resolves: 1694986 - CVE-2019-0211 httpd: privilege escalation from modules scripts Note that Tenable Network Security has extracted the precedin...
Amazon Linux 2 : httpd (ALAS-2019-1189)
In Apache HTTP Server with MPM event, worker or prefork, code executing in less-privileged child processes or threads including scripts executed by an in-process scripting interpreter could execute arbitrary code with the privileges of the parent process usually root by manipulating the scoreboar...
Amazon Linux AMI : httpd24 (ALAS-2019-1189)
In Apache HTTP Server with MPM event, worker or prefork, code executing in less-privileged child processes or threads including scripts executed by an in-process scripting interpreter could execute arbitrary code with the privileges of the parent process usually root by manipulating the scoreboar...
CVE-2019-0215
In Apache HTTP Server 2.4 releases 2.4.37 and 2.4.38, a bug in modssl when using per-location client certificate verification with TLSv1.3 allowed a client to bypass configured access control restrictions...
CVE-2019-0215
In Apache HTTP Server 2.4 releases 2.4.37 and 2.4.38, a bug in modssl when using per-location client certificate verification with TLSv1.3 allowed a client to bypass configured access control restrictions...
CVE-2019-0215
CVE-2019-0215 affects Apache HTTP Server 2.4.37–2.4.38. A bug in mod_ssl for per-location client certificate verification with TLSv1.3 allowed bypass of configured access controls. Impact is access restriction bypass; no explicit exploitation details provided here. Remediation: upgrade to 2.4.39 ...
CVE-2019-0215
In Apache HTTP Server 2.4 releases 2.4.37 and 2.4.38, a bug in modssl when using per-location client certificate verification with TLSv1.3 allowed a client to bypass configured access control restrictions...
Fedora 29 : httpd (2019-119b14075a)
This update includes the latest upstream release of Apache httpd, version 2.4.39, including multiple bug and security fixes. To see the full list of changes in this release, see: https://www.apache.org/dist/httpd/CHANGES2.4.39 The following security vulnerabilities are addressed : - CVE-2019-0211...