43 matches found
MiracleLinux 7 : httpd24-1.1-19.el7, httpd24-httpd-2.4.34-15.el7, httpd24-nghttp2-1.7.1-8.el7 (AXSA:2019-4418:01)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4418:01 advisory. httpd: modsessioncookie does not respect expiry time CVE-2018-17199 httpd: modauthdigest: access control bypass due to race condition CVE-2019-0217...
Linux Distros Unpatched Vulnerability : CVE-2019-10092
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the modproxy error page. An attacker could cause the link on the...
RHEL 6 / 7 : httpd24-httpd (RHSA-2019:4126)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:4126 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. The httpd24 packages provide a recent stable release of...
Rocky Linux 8 : httpd:2.4 (RLSA-2020:4751)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:4751 advisory. - In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request...
NewStart CGSL MAIN 6.06 : httpd Multiple Vulnerabilities (NS-SA-2023-1001)
The remote NewStart CGSL host, running version MAIN 6.06, has httpd packages installed that are affected by multiple vulnerabilities: - In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily...
K30442259: Apache HTTPD vulnerability CVE-2019-10092
Security Advisory Description In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the modproxy error page. An attacker could cause the link on the error page to be malformed and instead point to a page of their choice. This would only be exploitable whe...
Slackware: Security Advisory (SSA:2020-091-02)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2019-0407)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2021:2004-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:2237-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2021:0779-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES12 Security Update : apache2 (SUSE-SU-2021:0779-1)
This update for apache2 fixes the following issues : Fixed potential content spoofing with default error pagesbsc118270 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and forma...
Oracle Linux 8 : httpd:2.4 (ELSA-2020-4751)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-4751 advisory. - Resolves: 1823263 CVE-2020-1934 - CVE-2020-1934 httpd: modproxyftp use of uninitialized value - Resolves: 1823259 - CVE-2020-1927 httpd:2.4/httpd:...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2020-2103)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Vulnerabilities in IBM HTTP Server affect IBM Netezza Performance Portal
Summary IBM HTTP Server is used by IBM Netezza Performance Portal. IBM Netezza Performance Portal has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2018-20843 DESCRIPTION: libexpat is vulnerable to a denial of service, caused by an error in the XML parser. By persuading a victim...
EulerOS 2.0 SP2 : httpd (EulerOS-SA-2020-1650)
According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When the path component of a request URL contains multiple consecutive slashes...
EulerOS Virtualization for ARM 64 3.0.2.0 : httpd (EulerOS-SA-2020-1552)
According to the versions of the httpd packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In Apache HTTP server 2.4.0 to 2.4.39, Redirects configured with modrewrite that were intended to be self-referential...
EulerOS Virtualization 3.0.2.2 : httpd (EulerOS-SA-2020-1455)
According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When the path component of a request URL contains multiple...
Moderate: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP2 security update
Updated packages that provide Red Hat JBoss Core Services Pack Apache Server 2.4.37 and fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of...
EulerOS Virtualization for ARM 64 3.0.6.0 : httpd (EulerOS-SA-2020-1370)
According to the versions of the httpd packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In Apache HTTP server 2.4.0 to 2.4.39, Redirects configured with modrewrite that were intended to be self-referential...