54 matches found
EUVD-2022-32782
Malicious code in bioql PyPI...
Apache mod_isapi Dangling Pointer
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache modisapi Dangling Pointer', 'Description' = %q This module triggers a use-after-free vulnerability in the Apache Software Foundation...
Apache 2.4.x < 2.4.54 Out-Of-Bounds Read (CVE-2022-28330)
The version of Apache httpd installed on the remote host is prior to 2.4.54. It is, therefore, affected by an out-of-bounds read vulnerability as referenced in the 2.4.54 advisory. - Read beyond bounds in modisapi: Apache HTTP Server 2.4.53 and earlier on Windows may read beyond bounds when...
BIT-APACHE-2022-28330 read beyond bounds in mod_isapi
Apache HTTP Server 2.4.53 and earlier on Windows may read beyond bounds when configured to process requests with the modisapi module...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2022-2905)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 2.10.0 : httpd (EulerOS-SA-2022-2905)
According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Apache HTTP Server 2.4.53 and earlier on Windows may read beyond bounds when configured to process requests with the modisapi...
Amazon Linux 2022 : httpd, httpd-core, httpd-devel (ALAS2022-2022-202)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-202 advisory. An HTTP request smuggling vulnerability was found in the modproxyajp module of httpd. This flaw allows an attacker to smuggle requests to the AJP server, where it forwards requests...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2022-2685)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2022-2653)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP10 : httpd (EulerOS-SA-2022-2685)
According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Apache HTTP Server 2.4.53 and earlier on Windows may read beyond bounds when configured to process requests with the modisapi module...
EulerOS 2.0 SP10 : httpd (EulerOS-SA-2022-2653)
According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Apache HTTP Server 2.4.53 and earlier on Windows may read beyond bounds when configured to process requests with the modisapi module...
EulerOS Virtualization 2.9.1 : httpd (EulerOS-SA-2022-2347)
According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Inconsistent Interpretation of HTTP Requests 'HTTP Request Smuggling' vulnerability in modproxyajp of Apache HTTP Server allows an...
EulerOS Virtualization 2.9.0 : httpd (EulerOS-SA-2022-2383)
According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Inconsistent Interpretation of HTTP Requests 'HTTP Request Smuggling' vulnerability in modproxyajp of Apache HTTP Server allows an...
EulerOS 2.0 SP9 : httpd (EulerOS-SA-2022-2320)
According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Inconsistent Interpretation of HTTP Requests 'HTTP Request Smuggling' vulnerability in modproxyajp of Apache HTTP Server allows an attacker to...
EulerOS 2.0 SP9 : httpd (EulerOS-SA-2022-2291)
According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Inconsistent Interpretation of HTTP Requests 'HTTP Request Smuggling' vulnerability in modproxyajp of Apache HTTP Server allows an attacker to...
Amazon Linux 2022 : httpd, httpd-core, httpd-devel (ALAS2022-2022-110)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-110 advisory. An HTTP request smuggling vulnerability was found in the modproxyajp module of httpd. This flaw allows an attacker to smuggle requests to the AJP server, where it forwards requests...
The vulnerability of the mod_isapi module in the Apache HTTP Server allows a hacker to cause a service failure.
The vulnerability of the modisapi module in the Apache HTTP Server is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a remote attacker to cause a service failure by sending a specially crafted HTTP request...
ROS-20220628-01
A vulnerability in the Apache HTTP web server is related to insufficient validation of user-entered data during the HTTP requests to the lua script that calls r:parsebody0. Exploitation of the vulnerability could allow an attacker acting remotely to send a very large HTTP request to a vulnerable...
Out-of-Bounds Read
Apache HTTP Server is vulnerable to out of bounds read. The vulnerability exists due to a memory corruption when configured to process requests with the modisapi module...
Apache 2.4.x < 2.4.54 Multiple Vulnerabilities
According to its banner, the version of Apache running on the remote host is 2.4.x prior to 2.4.54. It is, therefore, affected by multiple vulnerabilities: - Inconsistent Interpretation of HTTP Requests 'HTTP Request Smuggling' vulnerability in modproxyajp of Apache HTTP Server allows an attacker...