Null pointer dereference

While fuzzing the 2.4.49 httpd, a new null pointer dereference was detected during HTTP/2 request processing, allowing an external source to DoS the server. This requires a specially crafted request. The vulnerability was recently introduced in version 2.4.49. No exploit is known to the project...

CVE-2021-41524

CVE-2021-41524 affects Apache HTTP Server (httpd) 2.4.49, where a null pointer dereference during HTTP/2 request processing can allow external sources to cause a DoS. The flaw was introduced with 2.4.49; no public exploit is shown in the documents. Check Point’s November 2021 advisory maps this C...

Apache Httpd < 2.4.50 : null pointer dereference in h2 fuzzing

While fuzzing the 2.4.49 httpd, a new null pointer dereference was detected during HTTP/2 request processing, allowing an external source to DoS the server. This requires a specially crafted request. The vulnerability was recently introduced in version 2.4.49. No exploit is known to the project...

Critical Photon OS Security Update - PHSA-2021-3.0-0309

Updates of 'httpd', 'vim' packages of Photon OS have been released...

Fedora: Security Advisory for httpd (FEDORA-2021-e3f6dd670d)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Critical Photon OS Security Update - PHSA-2021-0309

Updates of 'vim', 'httpd' packages of Photon OS have been released...

Critical Photon OS Security Update - PHSA-2021-0437

Updates of 'atftp', 'httpd' packages of Photon OS have been released...

CVE-2020-20746

A stack-based buffer overflow in the httpd server on Tenda AC9 V15.03.06.60EN allows remote attackers to execute arbitrary code or cause a denial of service DoS via a crafted POST request to /goform/SetStaticRouteCfg...

Stack overflow

A stack-based buffer overflow in the httpd server on Tenda AC9 V15.03.06.60EN allows remote attackers to execute arbitrary code or cause a denial of service DoS via a crafted POST request to /goform/SetStaticRouteCfg...

CVE-2020-20746

The CVE-2020-20746 affects Tenda AC9 devices, specifically the httpd server in version V15.03.06.60_EN. A stack-based buffer overflow in the endpoint /goform/SetStaticRouteCfg allows remote attackers to execute arbitrary code or cause a DoS. Public sources describe this as a buffer overflow in th...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2021-2553)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2021-2500)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2021-2529)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : httpd (EulerOS-SA-2021-2529)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in modauthdigest. There is no report of...

Photon OS 1.0: Httpd PHSA-2021-1.0-0435

An update of the httpd package has been released. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-1.0-0435. The text itself is copyright C VMware, Inc...

EulerOS 2.0 SP5 : httpd (EulerOS-SA-2021-2500)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow...

Photon OS 2.0: Httpd PHSA-2021-2.0-0393

An update of the httpd package has been released. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-2.0-0393. The text itself is copyright C VMware, Inc...

Important Photon OS Security Update - PHSA-2021-0305

Updates of 'httpd' packages of Photon OS have been released...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2021-2463)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP8 : httpd (EulerOS-SA-2021-2463)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow...