Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 security update
An update is now available for JBoss Core Services on RHEL 6 and RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from...
HAProxy HTTP2 Frame Size Heap Buffer Overflow (CVE-2018-10184)
A heap-based buffer overflow vulnerability exists in HAProxy. The vulnerability is due to incorrect validation of frame length on incoming HTTP/2 frames. A remote, unauthenticated attacker could exploit this vulnerability by sending a malicious request to the target server...
Security update for nginx (moderate)
openSUSE Security Update: Security update for nginx Announcement ID: openSUSE-SU-2019:0195-1 Rating: moderate References: 1115015 1115022 1115025 Cross-References: CVE-2018-16843 CVE-2018-16844 CVE-2018-16845 Affected Products: openSUSE Leap 42.3 openSUSE Leap 15.0 SUSE Package Hub for SUSE Linux...
SUSE SLES15 Security Update : nginx (SUSE-SU-2019:0334-1)
This update for nginx to version 1.14.2 fixes the following issues: Security vulnerabilities addressed: CVE-2018-16843 CVE-2018-16844: Fixed an issue whereby a client using HTTP/2 might cause excessive memory consumption and CPU usage (bsc#1115025, bsc#1115022). CVE-2018-16845: Fixed an issue which...
Security update for haproxy (important)
openSUSE Security Update: Security update for haproxy Announcement ID: openSUSE-SU-2019:0166-1 Rating: important References: 1121283 Cross-References: CVE-2018-20615 Affected Products: openSUSE Leap 15.0 An update that fixes one vulnerability is now available. Description: This update for haproxy...
SUSE-SU-2019:0334-1 Security update for nginx
This update for nginx to version 1.14.2 fixes the following issues: Security vulnerabilities addressed: - CVE-2018-16843 CVE-2018-16844: Fixed an issue whereby a client using HTTP/2 might cause excessive memory consumption and CPU usage (bsc#1115025, bsc#1115022). - CVE-2018-16845: Fixed an issue whic...
HackerOne: Partial report contents leakage - via HTTP/2 concurrent stream handling
Summary: The concurrent handling of HTTP/2 streams allows for a "timeless timing attack": instead of timing, the ordering of responses is used, making the attack resilient to network jitter. As the /bugs.json endpoint takes slightly longer to process when a query returns results, it is possible t...
KLA11494 DOS vulnerability in Apache Tomcat
Incorrect request handling in the Apache Tomcat HTTP/2 implementation. Malicious users can exploit this vulnerability to cause a denial of service. Original advisories Apache Tomcat 8.x Security Vulnerabilities Related products Apache-Tomcat CVE list CVE-2019-0199 warning Solution Update to the latest version Download...
Fixed in Apache Tomcat 8.5.38
Important: Denial of Service CVE-2019-0199 The HTTP/2 implementation accepted streams with excessive numbers of SETTINGS frames and also permitted clients to keep streams open without reading/writing request/response data. By keeping streams open for requests that utilised the Servlet API's...
Fixed in Apache Tomcat 9.0.16
Note: The issue below was fixed in Apache Tomcat 9.0.15 but the release vote for the 9.0.15 release candidate did not pass. Therefore, although users must download 9.0.16 to obtain a version that includes a fix for these issues, version 9.0.15 is not included in the list of affected versions...
Apache HTTP Server < 2.4.38 HTTP/2 DoS Vulnerability - Linux
By sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 protocol. SPDX-FileCopyrightText: 2019...
Apache HTTP Server < 2.4.38 HTTP/2 DoS Vulnerability - Windows
By sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 protocol. SPDX-FileCopyrightText: 2019...
Oracle Secure Global Desktop Multiple Vulnerabilities (January 2019 CPU)
The version of Oracle Secure Global Desktop installed on the remote host is 5.4 and is missing a security patch from the January 2019 Critical Patch Update CPU. It is, therefore, affected by multiple vulnerabilities: - A denial of service DoS vulnerability exists in Apache HTTP Server 2.4.17 to...
Apache 2.4.x < 2.4.34 Multiple Vulnerabilities
According to its banner, the version of Apache running on the remote host is 2.4.x prior to 2.4.34. It is, therefore, affected by the following vulnerabilities: - By specially crafting HTTP/2 requests, workers would be allocated 60 seconds longer than necessary, leading to worker exhaustion and a...
Design/Logic Flaw
In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2 (mod_http2) connections...
CVE-2018-17189
In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2 (mod_http2) connections...
Apache Httpd < 2.4.39 : mod_http2, read-after-free on a string compare
Using fuzzed network input, the HTTP/2 request handling could be made to access freed memory in a string comparison when determining the method of a request, and thus process the request incorrectly...
Apache Httpd < 2.4.39 : mod_http2, possible crash on late upgrade
When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection could lead to a misconfiguration and crash. A server that never enabled the h2 protocol or that only enabled it for...
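The two mod_http2 entries above each point at configuration: the slow-body DoS (CVE-2018-17189) lists "do not enable the h2 protocol" as the mitigation, and the late-upgrade crash (CVE-2019-0197) only triggers when h2 is enabled on an http: host or H2Upgrade is on for h2 on an https: host. The following httpd configuration is an added example, not text from any of the listed advisories; the host name is hypothetical and it assumes mod_http2 and mod_ssl are loaded.

```apacheconf
# Added example (not from the advisories above). Assumes mod_http2 and mod_ssl
# are loaded and that the server is still on 2.4.37 or older.

# Weak: h2/h2c advertised on every host, including plain http:, and the
# http/1.1 -> h2 Upgrade path left on. This is the setup both reports
# apply to.
Protocols h2 h2c http/1.1
H2Upgrade on

# Hardened, option 1 (covers both CVEs until the host is on >= 2.4.39):
# do not enable h2 anywhere.
<VirtualHost *:80>
    ServerName example.com    # hypothetical host name
    Protocols http/1.1
</VirtualHost>

# Hardened, option 2 (addresses only the late-upgrade crash): keep h2 on
# the https: host, never on the http: host, and disable Upgrade so h2 is
# only ever negotiated via ALPN on the first request of a TLS connection.
<VirtualHost *:443>
    ServerName example.com    # hypothetical host name
    SSLEngine on
    Protocols h2 http/1.1
    H2Upgrade off
</VirtualHost>
```

Option 2 still exposes the https: host to the slow-body DoS on 2.4.37 and earlier, because that issue needs nothing but an open h2 stream; the only listed mitigation short of updating is option 1. After updating to 2.4.39, the `Protocols`/`H2Upgrade` choice can be driven by performance requirements rather than by these two issues.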
Security fix for the ALT Linux 8 package apache2 version 1:2.4.38-alt1
1:2.4.38-alt1 built Jan. 28, 2019 Anton Farygin in task 219984 Jan. 25, 2019 Anton Farygin - 2.4.38 - fixes: important: mod_ssl 2.4.37 remote DoS when used with OpenSSL 1.1.1. CVE-2019-0190 low: mod_session_cookie does not respect expiry time. CVE-2018-17199 low: DoS for HTTP/2 connections via slow...