5781 matches found
Photon OS 1.0: Httpd PHSA-2021-1.0-0437
An update of the httpd package has been released. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-1.0-0437. The text itself is copyright C VMware, Inc...
Fedora: Security Advisory for httpd (FEDORA-2021-5d2d4b6ac5)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Photon OS 2.0: Httpd PHSA-2021-2.0-0399
An update of the httpd package has been released. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-2.0-0399. The text itself is copyright C VMware, Inc...
httpd: mod_proxy: SSRF via a crafted request uri-path containing "unix:"
A Server-Side Request Forgery SSRF flaw was found in modproxy of httpd. This flaw allows a remote, unauthenticated attacker to make the httpd server forward requests to an arbitrary server. The attacker could get, modify, or delete resources on other services that may be behind a firewall and...
httpd: mod_proxy: SSRF via a crafted request uri-path containing "unix:"
A Server-Side Request Forgery SSRF flaw was found in modproxy of httpd. This flaw allows a remote, unauthenticated attacker to make the httpd server forward requests to an arbitrary server. The attacker could get, modify, or delete resources on other services that may be behind a firewall and...
Exploit for Path Traversal in Apache Http_Server
CVE-2021-41773 Playground === This is a small Docker recipe for...
Exploit for Path Traversal in Apache Http_Server
CVE-2021-41773 Playground === This is a small Docker recipe for...
Exploit for Path Traversal in Apache Http_Server
CVE-2021-41773 Playground === This is a small Docker recipe for...
Exploit for Path Traversal in Apache Http_Server
CVE-2021-41773 Playground === This is a small Docker recipe for...
Exploit for Path Traversal in Apache Http_Server
CVE-2021-41773 Playground === This is a small Docker recipe for...
Photon OS 3.0: Httpd PHSA-2021-3.0-0305
An update of the httpd package has been released. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-3.0-0305. The text itself is copyright C VMware, Inc...
Apache HTTPd 2.4.49/2.4.50 路径穿越漏洞
It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default...
[slackware-security] httpd
New httpd packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/httpd-2.4.50-i586-1slack14.2.txz: Upgraded. This release contains security fixes and improvements. Fixed null pointer...
FreeBSD : Apache httpd -- Multiple vulnerabilities (25b78bdd-25b8-11ec-a341-d4c9ef517024)
The Apache http server project reports : - moderate: NULL pointer dereference in h2 fuzzing CVE-2021-41524 - important: Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49 CVE-2021-41773 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and packag...
Exploit for Path Traversal in Apache Http_Server
CVE-2021-41773 Apache httpd only 2.4.49 For educational pur...
Exploit for Path Traversal in Apache Http_Server
CVE-2021-41773 Path traversal in Apache HTTP Server 2.4.49 CV...
CVE-2021-41524
While fuzzing the 2.4.49 httpd, a new null pointer dereference was detected during HTTP/2 request processing, allowing an external source to DoS the server. This requires a specially crafted request. The vulnerability was recently introduced in version 2.4.49. No exploit is known to the project...
DEBIAN-CVE-2021-41524
While fuzzing the 2.4.49 httpd, a new null pointer dereference was detected during HTTP/2 request processing, allowing an external source to DoS the server. This requires a specially crafted request. The vulnerability was recently introduced in version 2.4.49. No exploit is known to the project...
ALPINE-CVE-2021-41524
While fuzzing the 2.4.49 httpd, a new null pointer dereference was detected during HTTP/2 request processing, allowing an external source to DoS the server. This requires a specially crafted request. The vulnerability was recently introduced in version 2.4.49. No exploit is known to the project...
CVE-2021-41524
While fuzzing the 2.4.49 httpd, a new null pointer dereference was detected during HTTP/2 request processing, allowing an external source to DoS the server. This requires a specially crafted request. The vulnerability was recently introduced in version 2.4.49. No exploit is known to the project...