19 matches found
CBL Mariner 2.0 Security Update: httpd (CVE-2024-40898)
The version of httpd installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-40898 advisory. - SSRF in Apache HTTP Server on Windows with modrewrite in server/vhost context, allows to potentially leak NTM...
BIT-APACHE-2024-40898 Apache HTTP Server: SSRF with mod_rewrite in server/vhost context on Windows
SSRF in Apache HTTP Server on Windows with modrewrite in server/vhost context, allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests. Users are recommended to upgrade to version 2.4.62 which fixes this issue...
CVE-2024-40898
A flaw was found in HTTPd on Windows systems. This issue potentially allows NTLM hashes to be leaked via modrewrite in server/vhost context to a malicious server via Server-side request forgery SSRF and malicious requests or content. Mitigation Mitigation for this issue is either not available or...
Mageia: Security Advisory (MGASA-2024-0272)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CBL Mariner 2.0 Security Update: httpd (CVE-2024-38472)
The version of httpd installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-38472 advisory. - SSRF in Apache HTTP Server on Windows allows to potentially leak NTLM hashes to a malicious server via SSRF a...
CVE-2024-38472
A flaw was found in httpd on Windows systems. This issue potentially allows NTLM hashes to be leaked to a malicious server via Server-side request forgery SSRF and malicious requests or content...
CVE-2024-40898
SSRF in Apache HTTP Server on Windows with modrewrite in server/vhost context, allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests. Users are recommended to upgrade to version 2.4.62 which fixes this issue...
CVE-2024-40898
SSRF in Apache HTTP Server on Windows with modrewrite in server/vhost context, allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests. Users are recommended to upgrade to version 2.4.62 which fixes this issue...
CVE-2024-40898
SSRF in Apache HTTP Server on Windows with modrewrite in server/vhost context, allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests. Users are recommended to upgrade to version 2.4.62 which fixes this issue...
CVE-2024-40898
The CVE-2024-40898 entry describes an SSRF vulnerability in Apache HTTP Server on Windows when using mod_rewrite in the server/vhost context. The issue can allow leaking NTLM hashes to a malicious server via crafted requests. Affected software is Apache HTTP Server; the remediation is to upgrade ...
CVE-2024-40898 Apache HTTP Server: SSRF with mod_rewrite in server/vhost context on Windows
SSRF in Apache HTTP Server on Windows with modrewrite in server/vhost context, allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests. Users are recommended to upgrade to version 2.4.62 which fixes this issue...
Apache 2.4.60 < 2.4.62 Multiple Vulnerabilities
The version of Apache httpd installed on the remote host is prior to 2.4.62. It is, therefore, affected by multiple vulnerabilities as referenced in the 2.4.62 advisory. - A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based...
BIT-APACHE-2024-38472
SSRF in Apache HTTP Server on Windows allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests or content Users are recommended to upgrade to version 2.4.60 which fixes this issue. Note: Existing configurations that access UNC paths will have to configure new...
Internet Bug Bounty: important: Apache HTTP Server on WIndows UNC SSRF (CVE-2024-38472)
The Apache HTTP Server on Windows contained a SSRF vulnerability CVE-2024-38472 that allowed potential leakage of NTLM hashes to a malicious server. The vulnerability was reported through the official Apache HTTP Server security email on April 1, 2024 and was fixed in version 2.4.60 released on...
CVE-2024-38472
SSRF in Apache HTTP Server on Windows allows to potentially leak NTLM hashes to a malicious server via SSRF and malicious requests or content Users are recommended to upgrade to version 2.4.60 which fixes this issue. Note: Existing configurations that access UNC paths will have to configure new...
CVE-2024-38472
SSRF in Apache HTTP Server on Windows allows to potentially leak NTLM hashes to a malicious server via SSRF and malicious requests or content Users are recommended to upgrade to version 2.4.60 which fixes this issue. Note: Existing configurations that access UNC paths will have to configure new...
CVE-2024-38472
SSRF in Apache HTTP Server on Windows allows to potentially leak NTLM hashes to a malicious server via SSRF and malicious requests or content Users are recommended to upgrade to version 2.4.60 which fixes this issue. Note: Existing configurations that access UNC paths will have to configure new...
CVE-2024-38472
CVE-2024-38472 : Apache HTTP Server on Windows is vulnerable to server-side request forgery (SSRF) that could leak NTLM hashes to a malicious server via crafted requests, due to improper validation of Windows UNC/UNC paths. The issue is addressed by upgrading to Apache HTTP Server 2.4.60 (as note...
CVE-2024-38472 Apache HTTP Server on WIndows UNC SSRF
SSRF in Apache HTTP Server on Windows allows to potentially leak NTLM hashes to a malicious server via SSRF and malicious requests or content Users are recommended to upgrade to version 2.4.60 which fixes this issue. Note: Existing configurations that access UNC paths will have to configure new...