Lucene search
+L

86 matches found

RedHat Linux
RedHat Linux
added 2026/07/08 7:33 p.m.7 views

httpd: mod_authn_socache: NULL pointer dereference can cause a child process crash

A flaw was found in the modauthnsocache module of httpd. This vulnerability allows an unauthenticated remote user to crash a child process due to a NULL pointer dereference when the server is operating in a caching forward proxy configuration...

5.3CVSS6.2AI score0.00514EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/01 9:31 a.m.2 views

httpd: mod_auth_digest: timing attack allows a bypass of digest authentication

A flaw was found in the modauthdigest module of httpd. A remote unauthenticated attacker can bypass digest authentication by measuring timing discrepancies of requests. This issue leads to unauthorized access to resources protected by digest authentication...

4.8CVSS5.9AI score0.00557EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/06/22 3:13 p.m.7 views

httpd: mod_authn_socache: NULL pointer dereference can cause a child process crash

A flaw was found in the modauthnsocache module of httpd. This vulnerability allows an unauthenticated remote user to crash a child process due to a NULL pointer dereference when the server is operating in a caching forward proxy configuration...

5.3CVSS5.9AI score0.00514EPSS
Exploits0References5
OSV
OSV
added 2026/05/22 1:18 p.m.16 views

OESA-2026-2402 httpd security update

Apache HTTP Server is a powerful and flexible HTTP/1.1 compliant web server. Security Fixes: A NULL pointer dereference in the modauthnsocache in Apache HTTP Server 2.4.66 and earlier allows an unauthenticated remote user to crash a child process in a caching forward proxy configuration. Users ar...

6.5CVSS5.8AI score0.00514EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Apache2

Apache HTTP Server versions 2.4.0 to 2.4.46: A specially crafted Digest nonce can cause a stack overflow in modauthdigest. There is no report of this overflow being exploitable, nor can the Apache HTTP Server team have created such a report. However, certain compilers and/or compilation options...

7.3CVSS7AI score0.53191EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/11 7:5 p.m.14 views

CVE-2026-33007

A flaw was found in the modauthnsocache module of httpd. This vulnerability allows an unauthenticated remote user to crash a child process due to a NULL pointer dereference when the server is operating in a caching forward proxy configuration. Mitigation Disabling modauthnsocache and restarting...

5.3CVSS5.8AI score0.00514EPSS
Exploits0References4
GithubExploit
GithubExploit
added 2026/05/08 6:28 p.m.234 views

Exploit for Observable Timing Discrepancy in Apache Http_Server

CTT-enhanced-Apache-modauthdigest-timing-attack-exploit CTT-...

4.8CVSS5.8AI score0.00557EPSS
Exploits1
OSV
OSV
added 2026/05/05 8:39 a.m.9 views

BIT-APACHE-2026-33006 Apache HTTP Server: mod_auth_digest timing attack

A timing attack against modauthdigest in Apache HTTP Server 2.4.66 allows a bypass of Digest authentication by a remote attacker. Users are recommended to upgrade to version 2.4.67, which fixes this issue...

4.8CVSS5.8AI score0.00557EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/05/05 1:46 a.m.14 views

SUSE CVE-2026-33006

A timing attack against modauthdigest in Apache HTTP Server 2.4.66 allows a bypass of Digest authentication by a remote attacker. Users are recommended to upgrade to version 2.4.67, which fixes this issue...

7.4CVSS5.8AI score0.00557EPSS
Exploits1References9
OSV
OSV
added 2026/05/05 12:0 a.m.7 views

UBUNTU-CVE-2026-33006

A timing attack against modauthdigest in Apache HTTP Server 2.4.66 allows a bypass of Digest authentication by a remote attacker. Users are recommended to upgrade to version 2.4.67, which fixes this issue...

4.8CVSS5.8AI score0.00557EPSS
Exploits1References3
OSV
OSV
added 2026/05/05 12:0 a.m.9 views

UBUNTU-CVE-2026-33007

A NULL pointer dereference in the modauthnsocache in Apache HTTP Server 2.4.66 and earlier allows an unauthenticated remote user to crash a child process in a caching forward proxy configuration. Users are recommended to upgrade to version 2.4.67, which fixes this issue...

5.3CVSS5.8AI score0.00514EPSS
Exploits0References3
NVD
NVD
added 2026/05/04 3:16 p.m.14 views

CVE-2026-33007

A NULL pointer dereference in the modauthnsocache in Apache HTTP Server 2.4.66 and earlier allows an unauthenticated remote user to crash a child process in a caching forward proxy configuration. Users are recommended to upgrade to version 2.4.67, which fixes this issue...

5.3CVSS0.00514EPSS
Exploits0References2
NVD
NVD
added 2026/05/04 3:16 p.m.18 views

CVE-2026-33006

A timing attack against modauthdigest in Apache HTTP Server 2.4.66 allows a bypass of Digest authentication by a remote attacker. Users are recommended to upgrade to version 2.4.67, which fixes this issue...

4.8CVSS0.00557EPSS
Exploits1References2
OSV
OSV
added 2026/05/04 3:16 p.m.5 views

DEBIAN-CVE-2026-33006

A timing attack against modauthdigest in Apache HTTP Server 2.4.66 allows a bypass of Digest authentication by a remote attacker. Users are recommended to upgrade to version 2.4.67, which fixes this issue...

4.8CVSS5.8AI score0.00557EPSS
Exploits1References1
EUVD
EUVD
added 2026/05/04 2:42 p.m.11 views

EUVD-2026-26961

A timing attack against modauthdigest in Apache HTTP Server 2.4.66 allows a bypass of Digest authentication by a remote attacker. Users are recommended to upgrade to version 2.4.67, which fixes this issue...

4.8CVSS5.8AI score0.00557EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/05/04 2:42 p.m.8 views

CVE-2026-33006 Apache HTTP Server: mod_auth_digest timing attack

A timing attack against modauthdigest in Apache HTTP Server 2.4.66 allows a bypass of Digest authentication by a remote attacker. Users are recommended to upgrade to version 2.4.67, which fixes this issue...

5.8AI score0.00557EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2026/05/04 2:42 p.m.12 views

CVE-2026-33006

A timing attack against modauthdigest in Apache HTTP Server 2.4.66 allows a bypass of Digest authentication by a remote attacker. Users are recommended to upgrade to version 2.4.67, which fixes this issue...

4.8CVSS5.8AI score0.00557EPSS
Exploits1
Debian CVE
Debian CVE
added 2026/05/04 2:41 p.m.18 views

CVE-2026-33007

A NULL pointer dereference in the modauthnsocache in Apache HTTP Server 2.4.66 and earlier allows an unauthenticated remote user to crash a child process in a caching forward proxy configuration. Users are recommended to upgrade to version 2.4.67, which fixes this issue...

5.3CVSS5.8AI score0.00514EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/04 2:41 p.m.143 views

CVE-2026-33007 Apache HTTP Server: mod_authn_socache crash

A NULL pointer dereference in the modauthnsocache in Apache HTTP Server 2.4.66 and earlier allows an unauthenticated remote user to crash a child process in a caching forward proxy configuration. Users are recommended to upgrade to version 2.4.67, which fixes this issue...

0.00514EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/05/04 2:41 p.m.7 views

CVE-2026-33007

A NULL pointer dereference in the modauthnsocache in Apache HTTP Server 2.4.66 and earlier allows an unauthenticated remote user to crash a child process in a caching forward proxy configuration. Users are recommended to upgrade to version 2.4.67, which fixes this issue...

5.3CVSS5.8AI score0.00514EPSS
Exploits0
Rows per page
Query Builder