CVE-2018-1312

In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest authentication challenge, the nonce sent to prevent reply attacks was not correctly generated using a pseudo-random seed. In a cluster of servers using a common Digest authentication configuration, HTTP requests could be replayed...

CVE-2018-1312

CVE-2018-1312 affects Apache httpd 2.2.0–2.4.29 where nonce generation for HTTP Digest authentication was not seeded with a proper pseudo-random seed. This allowed replay across servers in a common Digest configuration. Public advisories (CentOS, Debian, Arch Linux, ALT Linux) fix confirmed in ve...

CVE-2017-15715

CVE-2017-15715 affects Apache HTTP Server 2.4.0–2.4.29. The issue: the expression could treat a trailing '$' as a newline in a malicious filename, bypassing filename-end checks and potentially allowing uploads that would otherwise be blocked. Documents consistently describe this as a bypass vuln...

CVE-2018-1312

In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest authentication challenge, the nonce sent to prevent reply attacks was not correctly generated using a pseudo-random seed. In a cluster of servers using a common Digest authentication configuration, HTTP requests could be replayed...

CVE-2017-15715

In Apache httpd 2.4.0 to 2.4.29, the expression specified in could match '$' to a newline character in a malicious filename, rather than matching only the end of the filename. This could be exploited in environments where uploads of some files are are externally blocked, but only by matching the...

CVE-2018-1283

In Apache httpd 2.4.0 to 2.4.29, when modsession is configured to forward its session data to CGI applications SessionEnv on, not the default, a remote user may influence their content by using a "Session" header. This comes from the "HTTPSESSION" variable name used by modsession to forward its...

CVE-2017-15710

The CVE-2017-15710 issue affects Apache httpd when mod_authnz_ldap is used with AuthLDAPCharsetConfig. A crafted Accept-Language header is looked up in a charset table; if not present, it is truncated to two characters, and values shorter than two characters trigger an out-of-bounds write of a NU...

CVE-2018-1283

In Apache httpd 2.4.0 to 2.4.29, when modsession is configured to forward its session data to CGI applications SessionEnv on, not the default, a remote user may influence their content by using a "Session" header. This comes from the "HTTPSESSION" variable name used by modsession to forward its...

CVE-2017-15710

In Apache httpd 2.0.23 to 2.0.65, 2.2.0 to 2.2.34, and 2.4.0 to 2.4.29, modauthnzldap, if configured with AuthLDAPCharsetConfig, uses the Accept-Language header value to lookup the right charset encoding when verifying the user's credentials. If the header value is not present in the charset...

CVE-2017-15710

In Apache httpd 2.0.23 to 2.0.65, 2.2.0 to 2.2.34, and 2.4.0 to 2.4.29, modauthnzldap, if configured with AuthLDAPCharsetConfig, uses the Accept-Language header value to lookup the right charset encoding when verifying the user's credentials. If the header value is not present in the charset...

CVE-2017-15710

In Apache httpd 2.0.23 to 2.0.65, 2.2.0 to 2.2.34, and 2.4.0 to 2.4.29, modauthnzldap, if configured with AuthLDAPCharsetConfig, uses the Accept-Language header value to lookup the right charset encoding when verifying the user's credentials. If the header value is not present in the charset...

CVE-2017-15715

In Apache httpd 2.4.0 to 2.4.29, the expression specified in could match '$' to a newline character in a malicious filename, rather than matching only the end of the filename. This could be exploited in environments where uploads of some files are are externally blocked, but only by matching the...

CVE-2018-1312

In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest authentication challenge, the nonce sent to prevent reply attacks was not correctly generated using a pseudo-random seed. In a cluster of servers using a common Digest authentication configuration, HTTP requests could be replayed...

CVE-2017-15715

In Apache httpd 2.4.0 to 2.4.29, the expression specified in could match ‘$’ to a newline character in a malicious filename, rather than matching only the end of the filename. This could be exploited in environments where uploads of some files are are externally blocked, but only by matching the...

CVE-2018-1283

In Apache httpd 2.4.0 to 2.4.29, when modsession is configured to forward its session data to CGI applications SessionEnv on, not the default, a remote user may influence their content by using a "Session" header. This comes from the "HTTPSESSION" variable name used by modsession to forward its...

UBUNTU-CVE-2017-15710

In Apache httpd 2.0.23 to 2.0.65, 2.2.0 to 2.2.34, and 2.4.0 to 2.4.29, modauthnzldap, if configured with AuthLDAPCharsetConfig, uses the Accept-Language header value to lookup the right charset encoding when verifying the user's credentials. If the header value is not present in the charset...

PT-2018-1820 · Apache +5 · Apache Httpd +6

Name of the Vulnerable Software and Affected Versions: Apache httpd versions 2.2.0 through 2.4.29 Description: The issue is related to the generation of an HTTP Digest authentication challenge, where the nonce sent to prevent reply attacks was not correctly generated using a pseudo-random seed...

[slackware-security] php

New php packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/php-5.6.34-i586-1slack14.2.txz: Upgraded. This update fixes a stack buffer overflow vulnerability. For more information, se...

CVE-2018-7561

Stack-based Buffer Overflow in httpd on Tenda AC9 devices V15.03.05.14EN allows remote attackers to cause a denial of service or possibly have unspecified other impact...

CVE-2018-7561

Stack-based Buffer Overflow in httpd on Tenda AC9 devices V15.03.05.14EN allows remote attackers to cause a denial of service or possibly have unspecified other impact...