21 matches found
BELL-CVE-2021-41524 CVE-2021-41524 does not affect BellSoft software
Bulletin has no description...
K56331254: Apache HTTP server vulnerability CVE-2021-41524
Security Advisory Description While fuzzing the 2.4.49 httpd, a new null pointer dereference was detected during HTTP/2 request processing, allowing an external source to DoS the server. This requires a specially crafted request. The vulnerability was recently introduced in version 2.4.49. No...
Moderate: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 security update
An update is now available for Red Hat JBoss Core Services. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links...
Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 security update
An update is now available for Red Hat JBoss Core Services. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link...
Slackware: Security Advisory (SSA:2021-278-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for httpd (FEDORA-2021-f94985afca)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Amazon Linux AMI : httpd24 (ALAS-2021-1543)
The version of httpd24 installed on the remote host is prior to 2.4.51-1.94. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2021-1543 advisory. A NULL pointer dereference was found in Apache httpd modh2. The highest threat from this flaw is to system integrity...
Amazon Linux 2 : httpd (ALAS-2021-1716)
The version of httpd installed on the remote host is prior to 2.4.51-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2021-1716 advisory. A NULL pointer dereference was found in Apache httpd modh2. The highest threat from this flaw is to system integrity...
CVE-2021-41524 affecting package httpd 2.4.49-1
CVE-2021-41524 affecting package httpd 2.4.49-1. An upgraded version of the package is available that resolves this issue...
Security fix for the ALT Linux 9 package apache2 version 1:2.4.50-alt1
Oct. 7, 2021 Anton Farygin 1:2.4.50-alt1 - 2.4.50 Fixes: CVE-2021-41773, CVE-2021-41524...
Updated apache packages fix security vulnerabilities
The updated packages fix a security vulnerabilities: While fuzzing the 2.4.49 httpd, a new null pointer dereference was detected during HTTP/2 request processing, allowing an external source to DoS the server. This requires a specially crafted request. The vulnerability was recently introduced in...
[Updated, again] Apache fixes zero-day vulnerability in HTTP Server
The Apache HTTP Server 2.4.49 is vulnerable to a flaw that allows attackers to use a path traversal attack to map URLs to files outside the expected document root. If files outside of the document root are not protected by "require all denied" these requests can succeed. This issue is known to be...
CVE-2021-41524
creationtimestamp| type| source ---|---|--- 2021-10-06 11:23:27+00:00| seen| https://t.me/truesecator/2184...
Multiple vulnerabilities have been discovered in the Apache HTTP Server
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. There is a zero-day vulnerability CVE-2021-41773 and a DoS vulnerability CVE-2021-41524 in Apache HTTP servers. After a publicly disclosed exploit, the zero-day vulnerability has been actively exploited in the wild. The Hiv...
FreeBSD : Apache httpd -- Multiple vulnerabilities (25b78bdd-25b8-11ec-a341-d4c9ef517024)
The Apache http server project reports : - moderate: NULL pointer dereference in h2 fuzzing CVE-2021-41524 - important: Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49 CVE-2021-41773 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and packag...
CVE-2021-41524
While fuzzing the 2.4.49 httpd, a new null pointer dereference was detected during HTTP/2 request processing, allowing an external source to DoS the server. This requires a specially crafted request. The vulnerability was recently introduced in version 2.4.49. No exploit is known to the project...
CVE-2021-41524 null pointer dereference in h2 fuzzing
While fuzzing the 2.4.49 httpd, a new null pointer dereference was detected during HTTP/2 request processing, allowing an external source to DoS the server. This requires a specially crafted request. The vulnerability was recently introduced in version 2.4.49. No exploit is known to the project...
Apache 2.4.49 < 2.4.50 Multiple Vulnerabilities
The version of Apache httpd installed on the remote host is 2.4.49. It is, therefore, affected by multiple vulnerabilities as referenced in the 2.4.50 advisory. - While fuzzing the 2.4.49 httpd, a new null pointer dereference was detected during HTTP/2 request processing, allowing an external...
Apache httpd -- Multiple vulnerabilities
The Apache http server project reports: moderate: null pointer dereference in h2 fuzzing CVE-2021-41524 important: Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49 CVE-2021-41773...
Apache HTTP Server 2.4.49 Multiple Vulnerabilities - Windows
Apache HTTP Server is prone to multiple vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you...