Moderate: httpd:2.4/httpd security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd:2.4: httpd: HTTP response splitting CVE-2023-38709 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

RHEL 8 : httpd:2.4/httpd (RHSA-2024:4197)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4197 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd:2.4: httpd: HTTP response...

ALSA-2024:4197 Moderate: httpd:2.4/httpd security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd:2.4: httpd: HTTP response splitting CVE-2023-38709 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

EulerOS 2.0 SP11 : httpd (EulerOS-SA-2024-1815)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2024-1815)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2024-1836)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

httpd:2.4 security update

An update is available for httpd, modmd, modhttp2, module.modmd, module.modhttp2, module.httpd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The httpd package...

RLSA-2024:3121 Moderate: httpd:2.4 security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modmacro: out-of-bounds read vulnerability CVE-2023-31122 modhttp2: reset requests exhaust memory incomplete fix of CVE-2023-44487 CVE-2023-45802 For more details about the...

Rocky Linux 8 : httpd:2.4 (RLSA-2024:3121)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3121 advisory. httpd: modmacro: out-of-bounds read vulnerability CVE-2023-31122 modhttp2: reset requests exhaust memory incomplete fix of CVE-2023-44487 CVE-2023-45802...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 : mod_jk vulnerability (USN-6826-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 host has a package installed that is affected by a vulnerability as referenced in the USN-6826-1 advisory. Karl von Randow discovered that modjk was vulnerable to an authentication bypass. If the configuration did not provide...

PT-2024-9689 · D Link · D-Link Dap-2555

Name of the Vulnerable Software and Affected Versions: D-Link DAP-2555 version REVA FIRMWARE 1.20 Description: A buffer overflow vulnerability in the D-Link DAP-2555 allows remote attackers to cause a Denial of Service DoS via a crafted HTTP request. The issue is related to the /sbin/httpd file a...

RHEL 7 : subversion (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - subversion: moddavsvn integer overflow when parsing skel-encoded request bodies CVE-2015-5343 - The...

RHEL 3 : httpd (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 3 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - apr-util: high memory consumption in aprbrigadesplitline CVE-2010-1623 - The 1 modcache and 2 moddav...

RHEL 7 : httpd (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - firefox: Possible integer overflow to fix inside XMLParse in Expat CVE-2016-9063 - modlua.c in the modlua...

RHEL 5 : httpd (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - httpd: modmime buffer overread CVE-2017-7679 - httpd: Weak Digest auth nonce generation in modauthdigest...

RHEL 4 : httpd (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - httpd information disclosure in FileEtag CVE-2003-1418 - httpd: HTTP request smuggling attack against...

CLSA-2024-1716915132 httpd: Fix of CVE-2024-27316

CVE-2024-27316: fix HTTP/2 DoS vulnerability caused by memory exhaustion from endless continuation frames: Incoming headers that exceed limits are buffered in nghttp2 to generate an HTTP 413 response...

httpd: CONTINUATION frames DoS

A vulnerability was found in how Apache httpd implements the HTTP/2 protocol. There are insufficient limitations placed on the amount of CONTINUATION frames that can be sent within a single stream. This issue could allow an unauthenticated remote attacker to send packets to vulnerable servers,...

Moderate: Red Hat Security Advisory: mod_http2 security update

An update for modhttp2 is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

httpd: CONTINUATION frames DoS

A vulnerability was found in how Apache httpd implements the HTTP/2 protocol. There are insufficient limitations placed on the amount of CONTINUATION frames that can be sent within a single stream. This issue could allow an unauthenticated remote attacker to send packets to vulnerable servers,...