61 matches found
Rocky Linux 8 : httpd:2.4 (RLSA-2020:4751)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:4751 advisory. - In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request...
K59333944: Apache mod_proxy_ftp vulnerability CVE-2020-1934
Security Advisory Description In Apache HTTP Server 2.4.0 to 2.4.41, modproxyftp may use uninitialized memory when proxying to a malicious FTP server. CVE-2020-1934 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has...
Mageia: Security Advisory (MGASA-2020-0166)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NewStart CGSL CORE 5.05 / MAIN 5.05 : httpd Multiple Vulnerabilities (NS-SA-2021-0159)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has httpd packages installed that are affected by multiple vulnerabilities: - In Apache httpd 2.4.0 to 2.4.29, the expression specified in could match '$' to a newline character in a malicious filename, rather than matching onl...
Debian DLA-2706-1 : apache2 - LTS security update
The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2706 advisory. Several vulnerabilities have been found in the Apache HTTP server, which could result in denial of service. In addition the implementation of the MergeSlashes opti...
SUSE SLES11 Security Update : apache2 (SUSE-SU-2020:14342-1)
The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2020:14342-1 advisory. - In Apache HTTP Server 2.4.0 to 2.4.41, modproxyftp may use uninitialized memory when proxying to a malicious FTP server. CVE-2020-1934 - Whe...
SUSE: Security Advisory (SUSE-SU-2020:14342-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:1126-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:1272-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:1111-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
IBM HTTP Server 7.0.0.0 <= 7.0.0.45 / 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 < 8.5.5.18 / 9.0.0.0 < 9.0.5.4 Multiple Vulnerabilities (6191631)
The version of IBM HTTP Server running on the remote host is affected by multiple vulnerabilities related to Apache HTTP Server, as follows: - In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with modrewrite that were intended to be self-referential might be fooled by encoded newlines...
Oracle Linux 8 : httpd:2.4 (ELSA-2020-4751)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-4751 advisory. - Resolves: 1823263 CVE-2020-1934 - CVE-2020-1934 httpd: modproxyftp use of uninitialized value - Resolves: 1823259 - CVE-2020-1927 httpd:2.4/httpd:...
httpd:2.4 security, bug fix, and enhancement update
httpd 2.4.37-13.0.1 - Set vstring per ORACLESUPPORTPRODUCT Orabug: 29892262 - Replace index.html with Oracles index page oracleindex.html 2.4.37-30 - Resolves: 1209162 - support logging to journald from CustomLog 2.4.37-29 - Resolves: 1823263 CVE-2020-1934 - CVE-2020-1934 httpd: modproxyftp use o...
EulerOS Virtualization 3.0.2.2 : httpd (EulerOS-SA-2020-2224)
According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with modrewrite that were intended to be self-referential might be...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2020-2224)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
httpd, mod_ldap, mod_proxy_html, mod_session, mod_ssl security update
CentOS Errata and Security Advisory CESA-2020:3958 An update for httpd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
httpd security, bug fix, and enhancement update
2.4.6-95.0.1 - replace index.html with Oracles index page oracleindex.html 2.4.6-95 - Resolves: 1823262 - CVE-2020-1934 httpd: modproxyftp use of uninitialized value 2.4.6-94 - Resolves: 1565491 - CVE-2017-15715 httpd: bypass with a trailing newline in the file name - Resolves: 1747283 -...
Moderate: Red Hat Security Advisory: httpd security, bug fix, and enhancement update
An update for httpd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2020-2103)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Vulnerabilities in IBM HTTP Server affects IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise
Summary There are vulnerabilities in IBM HTTP Server used by IBM WebSphere Application Server. IBM WebSphere Application Server is shipped with IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise. These issues were addressed by IBM WebSphere Application Server. Vulnerability Details CVEI...