RHSA-2016:1420 Red Hat Security Advisory: httpd24-httpd security update

Bulletin has no description...

RHSA-2015:1666 Red Hat Security Advisory: httpd24-httpd security update

Bulletin has no description...

RHSA-2014:1972 Red Hat Security Advisory: httpd24-httpd security and bug fix update

Bulletin has no description...

RHSA-2014:0922 Red Hat Security Advisory: httpd24-httpd security update

Bulletin has no description...

Amazon Linux AMI : httpd24 (ALAS-2024-1944)

The version of httpd24 installed on the remote host is prior to 2.4.61-1.103. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2024-1944 advisory. Substitution encoding issue in modrewrite in Apache HTTP Server 2.4.59 and earlier allows attacker to execute scripts...

Amazon Linux AMI : httpd24 (ALAS-2024-1931)

The version of httpd24 installed on the remote host is prior to 2.4.59-1.102. It is, therefore, affected by a vulnerability as referenced in the ALAS-2024-1931 advisory. HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413...

Important: httpd24

Issue Overview: HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion. CVE-2024-27316 Affected Packages: httpd24 Issue Correction: Run yum...

RHEL 6 / 7 : httpd24 (RHSA-2018:3558)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3558 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. The httpd24 packages provide a recent stable release of...

RHEL 6 / 7 : httpd24 (RHSA-2017:3018)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2017:3018 advisory. - httpd: Use-after-free by limiting unregistered HTTP method Optionsbleed CVE-2017-9798 Note that Nessus has not tested for this issue but has...

Important: httpd24

Issue Overview: Out-of-bounds Read vulnerability in modmacro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57. CVE-2023-31122 A flaw was found in httpd. This flaw allows an attacker opening an HTTP/2 connection with an initial window size of 0 to block handling of that...

Amazon Linux AMI : httpd24 (ALAS-2023-1877)

The version of httpd24 installed on the remote host is prior to 2.4.58-1.101. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1877 advisory. Out-of-bounds Read vulnerability in modmacro of Apache HTTP Server.This issue affects Apache HTTP Server: through...

RHEL 7 : httpd24-nghttp2 (RHSA-2023:5841)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:5841 advisory. httpd24-nghttp2 is a library implementing the Hypertext Transfer Protocol version 2 HTTP/2 protocol in C. Security Fixes: HTTP/2: Multiple HTTP/2...

Oracle Linux 6 : httpd24-httpd (ELSA-2014-1972)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-1972 advisory. - Remove modproxyfcgi fix for heap-based buffer overflow, httpd-2.4.6 is not affected CVE-2014-3583 - core: fix bypassing of modheaders rules via chunk...

Oracle Linux 7 : httpd24-httpd (ELSA-2015-1666)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-1666 advisory. - core: fix chunk header parsing defect CVE-2015-3183 - core: replace of apsomeauthrequired with apsomeauthnrequired and apforceauthn hook CVE-2015-318...

RHEL 7 : httpd24-httpd (RHSA-2023:3292)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:3292 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: HTTP request splitting wi...

Amazon Linux AMI : httpd24 (ALAS-2023-1711)

The version of httpd24 installed on the remote host is prior to 2.4.56-1.100. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1711 advisory. A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool heap memory...

Important: httpd24

Issue Overview: A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool heap memory location beyond the header value sent. This could cause the process to crash. This issue affects Apache HTTP Server 2.4.54 and earlier. CVE-2006-20001 Inconsistent...

RHEL 6 / 7 : httpd24-httpd and httpd24-mod_md (RHSA-2020:2263)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2263 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modrewrite...

RHEL 6 / 7 : httpd24-httpd (RHSA-2020:3733)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:3733 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Push diary crash on...

RHEL 7 : httpd24-httpd (RHSA-2022:6753)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:6753 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modsed: Read/wri...