5781 matches found

Oracle linux
added 2021/12/16 12:0 a.m., 67 views

httpd security update

2.4.6-97.0.5.2 - scoreboard: fix null pointer dereference Orabug: 33561206 CVE-2021-34798 - fix apescapequote logic Orabug: 33617690 CVE-2021-39275...

9.8 CVSS, 0.2 AI score, 0.64509 EPSS
Exploits: 0
Tenable Nessus
added 2021/12/09 12:0 a.m., 113 views

SonicWall Secure Mobile Access Multiple Vulnerabilities (SNWLID-2021-0026)

According to its self-reported version, the remote SonicWall Secure Mobile Access is affected by multiple vulnerabilities, including: - An unauthenticated stack-based buffer overflow due to the SonicWall SMA SSLVPN Apache httpd server GET method of mod_cgi module environment variables use a single...

9.8 CVSS, 9.5 AI score, 0.99912 EPSS
Exploits: 8, References: 10
NVD
added 2021/12/08 10:15 a.m., 31 views

CVE-2021-20038

A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's mod_cgi module environment variables allows a remote unauthenticated attacker to potentially execute code as a 'nobody' user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances firmware...

9.8 CVSS, 0.99912 EPSS
Exploits: 7, References: 4
Prion
added 2021/12/08 10:15 a.m., 26 views

Stack overflow

A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's mod_cgi module environment variables allows a remote unauthenticated attacker to potentially execute code as a 'nobody' user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances firmware...

7.5 CVSS, 9.7 AI score, 0.99912 EPSS
Exploits: 7, References: 3, Affected Software: 5
Vulnrichment
added 2021/12/08 9:55 a.m., 9 views

CVE-2021-20038

A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's mod_cgi module environment variables allows a remote unauthenticated attacker to potentially execute code as a 'nobody' user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances firmware...

8.2 AI score, 0.99912 EPSS
Exploits: 7, References: 3
CVE
added 2021/12/08 9:55 a.m., 1131 views

CVE-2021-20038

CVE-2021-20038 affects SonicWall SMA100 series appliances (SMA200/210/400/410/500v) with firmware 10.2.0.8-37sv, 10.2.1.1-19sv, 10.2.1.2-24sv and earlier. It is a stack-based buffer overflow in the SMA100 Apache httpd server’s mod_cgi environment variables that allows remote, unauthenticated code...

9.8 CVSS, 9.6 AI score, 0.99912 EPSS
In wild, Exploits: 7, References: 4, Affected Software: 1
ATTACKERKB
added 2021/12/08 12:0 a.m., 407 views

CVE-2021-20038

A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server’s mod_cgi module environment variables allows a remote unauthenticated attacker to potentially execute code as a ‘nobody’ user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances firmware...

9.8 CVSS, 9.5 AI score, 0.99912 EPSS
In wild, Exploits: 8, References: 4
Positive Technologies
added 2021/12/07 12:0 a.m., 8 views

PT-2021-5651 · Apache +1 · Apache Http Server +6

Name of the Vulnerable Software and Affected Versions: SonicWall SMA 100 Appliances version 10.2.0.8-37sv SonicWall SMA 100 Appliances version 10.2.1.1-19sv SonicWall SMA 100 Appliances version 10.2.1.2-24sv SonicWall SMA 200, 210, 400, 410 and 500v appliances firmware 10.2.0.8-37sv, 10.2.1.1-19s...

9.8 CVSS, 9.8 AI score, 0.99912 EPSS
Exploits: 7, References: 30
CNNVD
added 2021/12/07 12:0 a.m., 3 views

Sonicwall SMA100 Buffer Error Vulnerability

The Sonicwall SMA100 is a secure access gateway appliance from Sonicwall, Inc. A buffer error vulnerability in the mod_cgi module environment variable of the SonicWall SMA100 Apache httpd server allows an unauthenticated, remote attacker to potentially execute code as the nobody user in the device...

9.8 CVSS, 9 AI score, 0.99912 EPSS
Exploits: 7, References: 5
Positive Technologies
added 2021/12/01 12:0 a.m., 3 views

PT-2021-6473 · NetGear · Netgear Rax50 +20

Name of the Vulnerable Software and Affected Versions: NETGEAR R6700v3 version 1.0.4.120 10.0.91 NETGEAR R6400 versions affected versions not specified NETGEAR R6400v2 versions affected versions not specified NETGEAR R6900P versions affected versions not specified NETGEAR R7000 versions affected...

8.8 CVSS, 7.3 AI score, 0.00871 EPSS
Exploits: 0, References: 7
Oracle linux
added 2021/11/18 12:0 a.m., 117 views

httpd:2.4 security update

httpd 2.4.37-43.0.1 - Set vstring per ORACLESUPPORTPRODUCT Orabug: 29892262 - Replace index.html with Oracle's index page oracleindex.html. 2.4.37-43 - Related: 2007235 - CVE-2021-40438 httpd:2.4/httpd: mod_proxy: SSRF via a crafted request uri-path 2.4.37-42 - Resolves: 2007235 - CVE-2021-40438...

10 CVSS, 9.2 AI score, 0.99999 EPSS
Exploits: 7
OpenVAS
added 2021/11/18 12:0 a.m., 40 views

CentOS: Security Advisory for httpd (CESA-2021:3856)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9 CVSS, 9.6 AI score, 0.99999 EPSS
Exploits: 5, References: 4
Tenable Nessus
added 2021/11/18 12:0 a.m., 68 views

Oracle Linux 8 : httpd:2.4 (ELSA-2021-4537)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-4537 advisory. - Related: 2007235 - CVE-2021-40438 httpd:2.4/httpd: mod_proxy: SSRF via a crafted request uri-path - Resolves: 2007235 - CVE-2021-40438 httpd:2.4/httpd: modprox...

10 CVSS, 7.4 AI score, 0.99999 EPSS
Exploits: 7, References: 2
Tenable Nessus
added 2021/11/17 12:0 a.m., 249 views

CentOS 7 : httpd (RHSA-2021:3856)

The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:3856 advisory. - A crafted request uri-path can cause mod_proxy to forward the request to an origin server chosen by the remote user. This issue affects Apache HTTP Server...

9 CVSS, 7.5 AI score, 0.99999 EPSS
Exploits: 5, References: 2
Tenable Nessus
added 2021/11/17 12:0 a.m., 51 views

Oracle Linux 8 : httpd:2.4 (ELSA-2021-4257)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-4257 advisory. - Add checks on the configured UDS path Orabug: 33412270 CVE-2021-40438 - Resolves: 1972500 - CVE-2021-30641 httpd:2.4/httpd: MergeSlashes regression -...

9 CVSS, 7.5 AI score, 0.99999 EPSS
Exploits: 7, References: 3
OpenVAS
added 2021/11/17 12:0 a.m., 34 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2021-2779)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8 CVSS, 7.8 AI score, 0.68067 EPSS
Exploits: 0, References: 2
OpenVAS
added 2021/11/17 12:0 a.m., 36 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2021-2746)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8 CVSS, 7.8 AI score, 0.68067 EPSS
Exploits: 0, References: 2
Oracle linux
added 2021/11/11 12:0 a.m., 56 views

httpd:2.4 security update

httpd 2.4.37-39.0.2.1 - mod_session: save one apr_strtok Orabug: 33338149 CVE-2021-26690...

7.5 CVSS, 8.9 AI score, 0.65067 EPSS
Exploits: 0
Tenable Nessus
added 2021/11/11 12:0 a.m., 397 views

CentOS 8 : httpd:2.4 (CESA-2021:4537)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:4537 advisory. - httpd: Regression of CVE-2021-40438 and CVE-2021-26691 fixes in Red Hat Enterprise Linux 8.5 CVE-2021-20325 Note that Nessus has not tested for this issue but...

10 CVSS, 7.5 AI score, 0.99999 EPSS
Exploits: 5, References: 2
Tenable Nessus
added 2021/11/11 12:0 a.m., 75 views

RHEL 8 : httpd:2.4 (RHSA-2021:4537)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:4537 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Regression of...

10 CVSS, 7.6 AI score, 0.99999 EPSS
Exploits: 5, References: 5