9 matches found
Ubuntu 16.04 ESM : libapreq2 vulnerability (USN-5041-1)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5041-1 advisory. It was discovered that libapreq2 did not properly sanitize the Content-Type field in certain crafted HTTP requests. An attacker could possibly use the vulnerabili...
Mageia: Security Advisory (MGASA-2019-0327)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2019-12412
CVE-2019-12412 affects libapreq2 versions 2.07–2.13, where the multipart parser can dereference a null pointer, causing a process crash and a potential denial-of-service. Exploitation is described as remote via crafted HTTP requests. Public references include Ubuntu USN advisories (USN-4558-1 for...
Amazon Linux AMI : libapreq2 (ALAS-2019-1323)
Remotely exploitable NULL pointer dereference bug CVE-2019-12412 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Amazon Linux AMI Security Advisory ALAS-2019-1323. include'compat.inc'; if description scriptid131243; scriptversion"1.5";...
Medium: libapreq2
Issue Overview: Remotely exploitable null pointer dereference bug CVE-2019-12412 Affected Packages: libapreq2 Issue Correction: Run yum update libapreq2 or yum update --advisory ALAS-2019-1323 to update your system. New Packages: i686: libapreq2-libs-2.13-38.2.amzn1.i686 ...
Updated libapreq2 packages fix security vulnerability
Updated libapreq2 packages fix security vulnerability: Max Kellermann reported a NULL pointer dereference flaw in libapreq2, allowing a remote attacker to cause a denial of service against an application using the library application crash if an invalid nested "multipart" body is processed...
Fedora 29 : libapreq2 (2019-d2381feee9)
Patch CVE-2019-12412. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network Security,...
Debian DSA-4541-1 : libapreq2 - security update
Max Kellermann reported a NULL pointer dereference flaw in libapreq2, a generic Apache request library, allowing a remote attacker to cause a denial of service against an application using the library application crash if an invalid nested 'multipart' body is processed. C Tenable Network Security...
[SECURITY] [DSA 4541-1] libapreq2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4541-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 04, 2019 https://www.debian.org/security/faq -...