Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2019/01/09 12:0 a.m.42 views

Apache 2.4.x < 2.4.12 Multiple Vulnerabilities

According to its banner, the version of Apache 2.4.x running on the remote host is prior to 2.4.12. It is, therefore, affected by the following vulnerabilities : - A flaw exists in module modheaders that can allow HTTP trailers to replace HTTP headers late during request processing, which a remot...

5CVSS7.2AI score0.60205EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2015/06/02 12:0 a.m.56 views

SUSE SLES12 Security Update : apache2 (SUSE-SU-2015:0974-1)

Apache2 updated to fix four security issues and one non-security bug. The following vulnerabilities have been fixed : - modheaders rules could be bypassed via chunked requests. Adds 'MergeTrailers' directive to restore legacy behavior. bsc871310, CVE-2013-5704 - An empty value in Content-Type cou...

5CVSS6.4AI score0.60205EPSS
Exploits2References15
OpenVAS
OpenVAS
added 2015/05/27 12:0 a.m.38 views

Apache HTTP Server 'mod_lua' Denial of Service Vulnerability (May 2015)

Apache HTTP Server is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

4.3CVSS6.7AI score0.22016EPSS
Exploits0References3
OSV
OSV
added 2015/04/10 12:24 p.m.8 views

SUSE-SU-2015:0974-1 Security update for apache2

Apache2 updated to fix four security issues and one non-security bug. The following vulnerabilities have been fixed: - modheaders rules could be bypassed via chunked requests. Adds 'MergeTrailers' directive to restore legacy behavior. bsc871310, CVE-2013-5704 - An empty value in Content-Type coul...

5CVSS5.6AI score0.60205EPSS
Exploits2References11
Tenable Nessus
Tenable Nessus
added 2015/03/17 12:0 a.m.39 views

Fedora 21 : httpd-2.4.10-15.fc21 (2014-17195)

core: fix bypassing of modheaders rules via chunked requests CVE-2013-5704 - modcache: fix NULL pointer dereference on empty Content-Type CVE-2014-3581 - modproxyfcgi: fix a potential crash with long headers CVE-2014-3583 - modlua: fix handling of the Require line when a LuaAuthzProvider is used...

5CVSS6.3AI score0.60205EPSS
Exploits2References7
Tenable Nessus
Tenable Nessus
added 2014/12/30 12:0 a.m.47 views

openSUSE Security Update : apache2 (openSUSE-SU-2014:1726-1)

Apache2 was updated to fix bugs and security issues. Security issues fixed: CVE-2013-5704: Added a change to fix a flaw in the way modheaders handled chunked requests. Adds 'MergeTrailers' directive to restore legacy behavior bnc871310, CVE-2014-8109: Fixes handling of the Require line when a...

5CVSS6.1AI score0.60205EPSS
Exploits2References9
Apache Httpd
Apache Httpd
added 2014/11/09 12:0 a.m.85 views

Apache Httpd < 2.4.12 : mod_lua multiple "Require" directive handling is broken

Fix handling of the Require line in modlua when a LuaAuthzProvider is used in multiple Require directives with different arguments. This could lead to different authentication rules than expected...

4.3CVSS6.9AI score0.22016EPSS
Exploits0Affected Software1
Rows per page
Query Builder