CentOS 9 : httpd-2.4.53-11.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the httpd-2.4.53-11.el9 build changelog. - out-of-bounds read/write of zero byte CVE-2006-20001 - Possible request smuggling CVE-2022-36760 - HTTP response splitting CVE-2022-37436...

Internet Bug Bounty: DoS via lua_read_body() [zhbug_httpd_94]

Greetings. I have found a bug that can crash httpd 2.4.53, causing a denial of service. The bug is that luareadbody modules/lua/luarequest.c uses the value of the Content-Length header to allocate memory. While apreadrequest limits Content-Length's value to a non-negative |aprofft| via a call to...

Slackware: Security Advisory (SSA:2022-073-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...