EulerOS 2.0 SP1 : httpd (EulerOS-SA-2016-1030)

According to the version of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - It was discovered that httpd used the value of the Proxy header from HTTP requests to initialize the HTTPPROXY environment variable for CGI scripts,...

httpd: DoS vulnerability in mod_auth_digest

It was discovered that the modauthdigest module of httpd did not properly check for memory allocation failures. A remote attacker could use this flaw to cause httpd child processes to repeatedly crash if the server used HTTP digest authentication...

httpd: Incomplete handling of LimitRequestFields directive in mod_http2

A vulnerability was found in httpd's handling of the LimitRequestFields directive in modhttp2, affecting servers with HTTP/2 enabled. An attacker could send crafted requests with headers larger than the server's available memory, causing httpd to crash...

httpd: IP address spoofing when proxying using mod_remoteip and mod_rewrite

A flaw was found in the modremoteip module shipped with the httpd package. This flaw allows an attacker to spoof the IP address, resulting in the bypass of a modrewrite rule. The highest threat from this vulnerability is to integrity...

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2017-0013

An update of cracklib,libevent,libgcrypt,httpd,glibc packages for PhotonOS has been released...

XM tech security monitoring equipment, pre-uc-httpd server causes the presence of any directory traversal and local file inclusion vulnerabilities

0x01 vulnerability overview 1, the vendor information Manufacturer name: XM tech Official domain name: www.xiongmaitech.com Hangzhou XM Information Technology Co., Ltd. specialize in security monitoring, intelligent video independent research and development dedicated to security video monitoring...

CentOS Update for httpd CESA-2017:0906 centos7

Check the version of httpd SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882692";...

RHEL 7 : httpd (RHSA-2017:0906)

An update for httpd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

XiongMai uc-http 1.0.0 Local File Inclusion / Directory Traversal

uc-httpd is an HTTP daemon used by a wide array of IoT devices and is vulnerable to local file inclusion and directory traversal bugs. +---------------------------------------------------------+ | Vulnerable Software: uc-httpd | | Vendor: XiongMai Technologies | | Vulnerability Type: LFI, Directo...

Oracle Linux 7 : httpd (ELSA-2017-0906)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-0906 advisory. - updated patch for CVE-2016-8743 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...

RedHat Update for httpd RHSA-2017:0906-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

httpd: DoS vulnerability in mod_auth_digest

It was discovered that the modauthdigest module of httpd did not properly check for memory allocation failures. A remote attacker could use this flaw to cause httpd child processes to repeatedly crash if the server used HTTP digest authentication...

httpd security and bug fix update

2.4.6-45.0.1.4 - replace index.html with Oracle's index page oracleindex.html 2.4.6-45.4 - Resolves: 1396197 - Backport: modproxywstunnel - AH02447: err/hup on backconn 2.4.6-45.3 - prefork: fix delay completing graceful restart 1327624 - modldap: fix authz regression, failing to rebind 1415257...

Directory traversal

XiongMai uc-httpd has directory traversal allowing the reading of arbitrary files via a "GET ../" HTTP request...

CVE-2017-7577

XiongMai uc-httpd has directory traversal allowing the reading of arbitrary files via a "GET ../" HTTP request...

CVE-2017-7577

XiongMai uc-httpd has directory traversal allowing the reading of arbitrary files via a "GET ../" HTTP request...

CVE-2017-7577

CVE-2017-7577 affects XiongMai uc-httpd. A directory traversal vulnerability allows reading arbitrary files via a GET ../ HTTP request. Connected sources document the flaw and impact (read access; no public exploit details provided); remediation/patch information is not specified in the supplied ...

Design/Logic Flaw

httpd in OpenBSD allows remote attackers to cause a denial of service memory consumption via a series of requests for a large file using an HTTP Range header...

CVE-2017-5850

httpd in OpenBSD allows remote attackers to cause a denial of service memory consumption via a series of requests for a large file using an HTTP Range header...

CVE-2017-5850

httpd in OpenBSD allows remote attackers to cause a denial of service memory consumption via a series of requests for a large file using an HTTP Range header...