10 matches found
Rocky Linux 8 : httpd:2.4 (RLSA-2021:4257)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:4257 advisory. - Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by modsession can cause a NULL pointer dereference and crash,...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2021-2779)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-4937-1 : apache2 - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-4937 advisory. - Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in modauthdigest. There is no report of this overflow...
SUSE SLES15: apache2 / apache2-devel / apache2-doc / apache2-prefork / etc (SUSE-SU-2021:2004-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2004-1 advisory. - CVE-2021-30641: Fixed MergeSlashes regression bsc1187174 - CVE-2021-31618: Fixed NULL pointer dereference on specially crafted...
Ubuntu 16.04 ESM : Apache HTTP Server vulnerabilities (USN-4994-2)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4994-2 advisory. USN-4994-1 fixed several vulnerabilities in Apache. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Tenable has...
Denial Of Service(DoS)
Apache HTTP Server is vulnerable to denial of service due to an unexpected matching behavior with 'MergeSlashes OFF'...
CVE-2021-30641
Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF'...
CVE-2021-30641
Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF'...
CVE-2021-30641
Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF'...
CVE-2021-30641
Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF'...