EulerOS Virtualization for ARM 64 3.0.6.0 : httpd (EulerOS-SA-2020-1370)

According to the versions of the httpd packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In Apache HTTP server 2.4.0 to 2.4.39, Redirects configured with modrewrite that were intended to be self-referential...

CVE-2019-10097

A vulnerability was discovered in Apache httpd, in modremoteip. A trusted proxy using the "PROXY" protocol could send specially crafted headers that can cause httpd to experience a stack buffer overflow or NULL pointer dereference, leading to a crash or other potential consequences. This issue...

ipa: Batch API logging user passwords to /var/log/httpd/error_log

A flaw was found in the way that FreeIPA's batch processing API logged operations. This included passing user passwords in clear text on FreeIPA masters. Batch processing of commands with passwords as arguments or options is not performed by default in FreeIPA but is possible by third-party...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2020-1370)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2020-1359)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 7 : httpd (RHSA-2020:1121)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1121 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modsessioncookie...

[slackware-security] httpd

New httpd packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/httpd-2.4.43-i586-1slack14.2.txz: Upgraded. This release contains security fixes since 2.4.39 and improvements. For more...

Moderate: Red Hat Security Advisory: httpd security, bug fix, and enhancement update

An update for httpd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2020-1289)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2018-20335

An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can trigger a DoS of the httpd service via the /APPInstallation.asp?= URI...

Denial of service

An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can trigger a DoS of the httpd service via the /APPInstallation.asp?= URI...

CVE-2018-20335

An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can trigger a DoS of the httpd service via the /APPInstallation.asp?= URI...

Slowness in Presenting Citrix Gateway/AAA Login page on Client Browsers

Sometimes Citrix Gateway login page takes a long time to be presented on the client’s browsers. When this issue occurs, you might observe any of the following conditions. The number of established connections to Apache counter has hit the default configured limit of 30 or a customized value, if...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2020-1250)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

D-Link DIR-825 Stack Buffer Overflow Vulnerability

The D-Link DIR-825 is an AC 1200 Wi-Fi dual-band Gigabit LAN/WAN router. A stack buffer overflow vulnerability exists in the httpd binary in the D-Link DIR-825 Rev. B 2.10. An attacker can exploit this vulnerability by sending a POST request to ntpsync.cgi with a sufficiently long parameter...

CVE-2020-10214

An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. There is a stack-based buffer overflow in the httpd binary. It allows an authenticated user to execute arbitrary code via a POST to ntpsync.cgi with a sufficiently long parameter ntpserver...

Stack overflow

An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. There is a stack-based buffer overflow in the httpd binary. It allows an authenticated user to execute arbitrary code via a POST to ntpsync.cgi with a sufficiently long parameter ntpserver...

CVE-2020-10214

Affected product: D-Link DIR-825 Rev.B (firmware 2.10). Vulnerability: stack-based buffer overflow in the httpd binary that can be triggered by a POST to ntp_sync.cgi with a sufficiently long ntp_server parameter. Impact: allows an authenticated user to execute arbitrary code on the device. Root ...

CVE-2020-10214

An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. There is a stack-based buffer overflow in the httpd binary. It allows an authenticated user to execute arbitrary code via a POST to ntpsync.cgi with a sufficiently long parameter ntpserver...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2020-1155)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...