11646 matches found
Security Bulletin: IBM Aspera Orchestrator affected by an Apache HTTP Server vulnerability (CVE-2022-28614)
Summary The following vulnerability has been addressed in IBM Aspera Orchestrator 4.0.1. Vulnerability Details CVEID:CVE-2022-28614 DESCRIPTION: Apache HTTP Server could allow a remote attacker to obtain sensitive information, caused by an error in the aprwrite function. By reflecting very large...
Security Bulletin: IBM Aspera Orchestrator affected by vulnerability ( CVE-2022-31813)
Summary The following vulnerability has been addressed in IBM Aspera Orchestrator 4.0.1. Vulnerability Details CVEID:CVE-2022-31813 DESCRIPTION: Apache HTTP Server could allow a remote attacker to bypass security restrictions, caused by the failure to send the X-Forwarded- headers to the origin...
Security Bulletin: IBM Aspera Orchestrator affected by HTTP request splitting attack due to Apache HTTP Server vulnerability (CVE-2021-33193)
Summary The following vulnerability has been addressed in IBM Aspera Orchestrator 4.0.1. Vulnerability Details CVEID:CVE-2021-33193 DESCRIPTION: Apache HTTP Server is vulnerable to HTTP request splitting attacks, caused by improper input validation in HTTP/2 message processing. A remote attacker...
Security Bulletin: IBM Aspera Orchestrator vulnerable to HTTP request smuggling due to an Apache HTTP Server vulnerability (CVE-2022-26377)
Summary The following vulnerability has been addressed in IBM Aspera Orchestrator 4.0.1. Vulnerability Details CVEID:CVE-2022-26377 DESCRIPTION: Apache HTTP Server is vulnerable to HTTP request smuggling, caused by an inconsistent Interpretation of HTTP Requests vulnerability in modproxyajp. An...
Security Bulletin: IBM Aspera Orchestrator was vulnerable to denial of service due to an Apache HTTP Server vulnerability (CVE-2021-34798)
Summary The following vulnerability has been addressed in IBM Aspera Orchestrator 4.0.1. Vulnerability Details CVEID:CVE-2021-34798 DESCRIPTION: Apache HTTP Server is vulnerable to a denial of service, caused by a NULL pointer dereference in httpd core. By sending a specially crafted request, a...
Security Bulletin: IBM Aspera Orchestrator affected by buffer overflow vulnerability (CVE-2021-39275)
Summary The following vulnerability has been addressed in IBM Aspera Orchestrator 4.0.1. Vulnerability Details CVEID:CVE-2021-39275 DESCRIPTION: Apache HTTP Server is vulnerable to a buffer overflow, caused by improper bounds checking by the apescapequotes function. By sending specially crafted...
Security Bulletin: IBM Aspera Orchestrator affected by vulnerability (CVE-2022-23943)
Summary The following vulnerability has been addressed in IBM Aspera Orchestrator 4.0.1. Vulnerability Details CVEID:CVE-2022-23943 DESCRIPTION: Apache HTTP Server could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write in modsed. By sending special...
Security Bulletin: IBM Aspera Orchestrator affected by vulnerability (CVE-2022-28330)
Summary The vulnerability CVE-2022-28330 has been remediated in IBM Aspera Orchestrator 4.0.1. Vulnerability Details CVEID:CVE-2022-28330 DESCRIPTION: Apache HTTP Server could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to read beyond boun...
Security Bulletin: IBM Aspera Orchestrator affected by Apache HTTP Server vulnerability (CVE-2022-30556)
Summary The following vulnerability has been addressed in IBM Aspera Orchestrator 4.0.1. Vulnerability Details CVEID:CVE-2022-30556 DESCRIPTION: Apache HTTP Server could allow a remote attacker to obtain sensitive information, caused by an error in modlua with websockets. An attacker could exploi...
Security Bulletin: IBM Aspera Orchestrator affected by denial of service vulnerability (CVE-2021-36160)
Summary The following vulnerability has been addressed in IBM Aspera Orchestrator 4.0.1. Vulnerability Details CVEID:CVE-2021-36160 DESCRIPTION: Apache HTTP Server is vulnerable to a denial of service, caused by an out-of-bounds read in modproxyuwsgi. By sending a specially crafted request...
Security Bulletin: IBM Aspera Orchestrator was vulnerable to a denial of service attack due to an Apache HTTP Server vulnerability (CVE-2022-30522)
Summary The following vulnerability has been addressed in IBM Aspera Orchestrator 4.0.1. Vulnerability Details CVEID:CVE-2022-30522 DESCRIPTION: Apache HTTP Server is vulnerable to a denial of service when configured to do transformations with modsed in contexts where the input to modsed may be...
Security Bulletin: IBM Aspera Orchestrator affected by denial of service vulnerability (CVE-2022-22719)
Summary The following vulnerability has been addressed in IBM Aspera Orchestrator 4.0.1. Vulnerability Details CVEID:CVE-2022-22719 DESCRIPTION: Apache HTTP Server is vulnerable to a denial of service. By using a specially crafted request body to read a random memory area, a remote attacker could...
Security Bulletin: IBM Aspera Orchestrator vulnerable to server-side request forgery due to Apache HTTP Server vulnerability (CVE-2021-40438)
Summary The following vulnerability has been addressed in IBM Aspera Orchestrator 4.0.1. Vulnerability Details CVEID:CVE-2021-40438 DESCRIPTION: Apache HTTP Server is vulnerable to server-side request forgery, caused by an error in modproxy. By sending a specially crafted request uri-path, a remo...
USN-5839-2: Apache HTTP Server vulnerability
USN-5839-1 fixed a vulnerability in Apache. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Dimas Fariski Setyawan Putra discovered that the Apache HTTP Server modproxy module incorrectly truncated certain response headers. This may result in later...
Ubuntu 16.04 ESM : Apache HTTP Server vulnerability (USN-5839-2)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5839-2 advisory. USN-5839-1 fixed a vulnerability in Apache. This update provides the corresponding update for Ubuntu 16.04 ESM. Tenable has extracted the preceding description...
USN-5839-1: Apache HTTP Server vulnerabilities
It was discovered that the Apache HTTP Server moddav module incorrectly handled certain If: request headers. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. CVE-2006-20001 ZeddYuLu discovered that the Apache HTTP Server modproxyajp...
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Apache HTTP Server vulnerabilities (USN-5839-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5839-1 advisory. It was discovered that the Apache HTTP Server moddav module incorrectly handled certain If: request headers. A remote attacker...
Ubuntu: Security Advisory (USN-5834-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-5834-1: Apache HTTP Server vulnerabilities
It was discovered that the Apache HTTP Server moddav module did not properly handle specially crafted request headers. A remote attacker could possibly use this issue to cause the process to crash, leading to a denial of service. CVE-2006-20001 It was discovered that the Apache HTTP Server...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2023-1260)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...