31 matches found
TencentOS Server 4: httpd (TSSA-2024:0664)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0664 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
Azure Linux 3.0 Security Update: httpd / mod_http2 (CVE-2023-43622)
The version of httpd / modhttp2 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-43622 advisory. - An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block...
CBL Mariner 2.0 Security Update: httpd / mod_http2 (CVE-2023-43622)
The version of httpd / modhttp2 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-43622 advisory. - An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block...
CVE-2023-43622 affecting package mod_http2 for versions less than 2.0.29-3
CVE-2023-43622 affecting package modhttp2 for versions less than 2.0.29-3. An upgraded version of the package is available that resolves this issue...
Oracle Linux 9 : mod_http2 (ELSA-2024-2368)
The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-2368 advisory. 2.0.26-1 - Resolves: RHEL-14691 - modhttp2 rebase to 2.0.26 Tenable has extracted the preceding description block directly from the Oracle Linux securi...
Moderate: Red Hat Security Advisory: mod_http2 security update
An update for modhttp2 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
ALSA-2024:2368 Moderate: mod_http2 security update
The modhttp2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers. Security Fixes: httpd: modhttp2: DoS in HTTP/2 with initial window size 0 CVE-2023-43622 modhttp2: reset requests exhaust memory incomplete fix of CVE-2023-44487 CVE-2023-45802 For mo...
Moderate: mod_http2 security update
The modhttp2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers. Security Fixes: httpd: modhttp2: DoS in HTTP/2 with initial window size 0 CVE-2023-43622 modhttp2: reset requests exhaust memory incomplete fix of CVE-2023-44487 CVE-2023-45802 For mo...
RHEL 9 : mod_http2 (RHSA-2024:2368)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:2368 advisory. The modhttp2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers. Security Fixes: httpd:...
[SECURITY] [DSA 5662-1] apache2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5662-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 16, 2024 https://www.debian.org/security/faq -...
FreeBSD : www/varnish7 -- Denial of Service (05b7180b-e571-11ee-a1c0-0050569f0b83)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 05b7180b-e571-11ee-a1c0-0050569f0b83 advisory. - An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block handling...
Tenable SecurityCenter Multiple Vulnerabilities (TNS-2023-44)
According to its self-reported version, the Tenable SecurityCenter running on the remote host is . It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2023-44 advisory. - Security Center leverages third-party software to help provide underlying functionality. One of th...
USN-6506-1 apache2 vulnerabilities
David Shoon discovered that the Apache HTTP Server modmacro module incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. CVE-2023-31122 Prof. Sven Dietrich, Isa Jafarov, Prof. Heejo Lee, and...
USN-6506-1: Apache HTTP Server vulnerabilities
David Shoon discovered that the Apache HTTP Server modmacro module incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. CVE-2023-31122 Prof. Sven Dietrich, Isa Jafarov, Prof. Heejo Lee, and...
Tenable Security Center 5.23.1 / 6.0.0 / 6.1.0 / 6.1.1 / 6.2.0 Multiple Vulnerabilities (TNS-2023-42)
According to its self-reported version, the Tenable Security Center running on the remote host is affected by multiple vulnerabilities as referenced in the TNS-2023-42 advisory. - Security Center leverages third-party software to help provide underlying functionality. Several of the third-party...
Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 : Apache HTTP Server vulnerabilities (USN-6506-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6506-1 advisory. David Shoon discovered that the Apache HTTP Server modmacro module incorrectly handled certain memory operations. A remote...
CVE-2023-43622 affecting package httpd for versions less than 2.4.58-1
CVE-2023-43622 affecting package httpd for versions less than 2.4.58-1. An upgraded version of the package is available that resolves this issue...
Apache vulnerability CVE-2023-43622 CVE-2023-45802 CVE-2023-31122 in License Server 11.17.2.0 44000
Apache 2.4.57 contains vulnerabilities and is used in the License Server version 11.17.2.0 build 44000. Security scans may raise the following CVEs: CVE-2023-43622-https://vulners.com/cve/CVE-2023-43622Affects HTTP/2 CVE-2023-45802-https://vulners.com/cve/CVE-2023-45802Affetcs HTTP/2...
Important: httpd24
Issue Overview: Out-of-bounds Read vulnerability in modmacro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57. CVE-2023-31122 A flaw was found in httpd. This flaw allows an attacker opening an HTTP/2 connection with an initial window size of 0 to block handling of that...
Amazon Linux 2 : httpd (ALAS-2023-2322)
The version of httpd installed on the remote host is prior to 2.4.58-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2322 advisory. Out-of-bounds Read vulnerability in modmacro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57...