Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2021-2878)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP5 : httpd (EulerOS-SA-2021-2931)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier. CVE-2021-34798 -...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2021-2832)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : httpd (EulerOS-SA-2021-2923)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier. CVE-2021-34798 -...

EulerOS 2.0 SP9 : httpd (EulerOS-SA-2021-2915)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier. CVE-2021-34798 -...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2021-2803)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Critical Photon OS Security Update - PHSA-2021-3.0-0346

Updates of 'consul', 'httpd', 'pkg-config', 'vim', 'bluez' packages of Photon OS have been released...

Critical Photon OS Security Update - PHSA-2021-0458

Updates of 'httpd', 'binutils', 'runc' packages of Photon OS have been released...

Fedora: Security Advisory for httpd (FEDORA-2021-29a536c2ae)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Apache 2.4.x >= 2.4.7 / < 2.4.52 Forward Proxy DoS / SSRF

The version of Apache httpd installed on the remote host is equal to or greater than 2.4.7 and prior to 2.4.52. It is, therefore, affected by a flaw related to acting as a forward proxy. A crafted URI sent to httpd configured as a forward proxy ProxyRequests on can cause a crash NULL pointer...

Critical Apache HTTPD Server Bugs Could Lead to RCE, DoS

Don’t duck at the latest mention of Apache: Two critical bugs in its HTTP web server – HTTPD – need to be patched pronto, lest they lead to attackers triggering denial of service DoS or bypassing your security policies. Apache, the open-source software foundation behind the Log4J logging library...

CVE-2021-44790

A buffer overflow flaw in httpd's lua module could allow an out-of-bounds write. An attacker who is able to submit a crafted request to an httpd instance that is using the lua module may be able to cause an impact to confidentiality, integrity, and/or availability. Mitigation Disabling modlua and...

[slackware-security] httpd

New httpd packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/httpd-2.4.52-i586-1slack14.2.txz: Upgraded. SECURITY: CVE-2021-44790: Possible buffer overflow when parsing multipart...

CVE-2021-44224

A crafted URI sent to httpd configured as a forward proxy ProxyRequests on can cause a crash NULL pointer dereference or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint Server Side Request Forgery...

CVE-2021-44224

A crafted URI sent to httpd configured as a forward proxy ProxyRequests on can cause a crash NULL pointer dereference or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint Server Side Request Forgery...

CVE-2021-44224

A crafted URI sent to httpd configured as a forward proxy ProxyRequests on can cause a crash NULL pointer dereference or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint Server Side Request Forgery...

CVE-2021-44224

A crafted URI sent to httpd configured as a forward proxy ProxyRequests on can cause a crash NULL pointer dereference or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint Server Side Request Forgery...

Apache Httpd < 2.4.52 : Possible buffer overflow when parsing multipart content in mod_lua of Apache HTTP Server 2.4.51 and earlier

A carefully crafted request body can cause a buffer overflow in the modlua multipart parser r:parsebody called from Lua scripts. The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier...

Slackware Linux 14.0 / 14.1 / 14.2 / current httpd Multiple Vulnerabilities (SSA:2021-354-01)

The version of httpd installed on the remote host is prior to 2.4.52. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2021-354-01 advisory. - A crafted URI sent to httpd configured as a forward proxy ProxyRequests on can cause a crash NULL pointer dereference or, f...

FreeBSD : Apache httpd -- Multiple vulnerabilities (ca982e2d-61a9-11ec-8be6-d4c9ef517024)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the ca982e2d-61a9-11ec-8be6-d4c9ef517024 advisory. - A crafted URI sent to httpd configured as a forward proxy ProxyRequests on can cause a crash...