Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2024-2769)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP8 : httpd (EulerOS-SA-2024-2473)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses.CVE-2023-38709 HTT...

OESA-2024-2101 httpd security update

Apache HTTP Server is a powerful and flexible HTTP/1.1 compliant web server. Security Fixes: Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend applications whose response headers are malicious or...

DEBIAN-CVE-2024-38477

null pointer dereference in modproxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request. Users are recommended to upgrade to version 2.4.60, which fixes this issue...

Apache HTTP Server Security Vulnerability

Apache HTTP Server is an open source web server from the Apache Foundation USA. The server is fast, reliable, and extensible through a simple API. A security vulnerability exists in Apache HTTP Server 2.4.59 and earlier versions, which stems from a coding issue in modproxy that could bypass...

PT-2024-4623

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server versions 2.4.59 and earlier Description: The issue is related to the core of the Apache HTTP Server, where malicious or exploitable response headers from backend applications can lead to information disclosure, Server-Side...

Exploit for OS Command Injection in Php

Incident Response Walkthrough: Mitigating a Zero-Day Attack...

Vulnerabilities fixed in Apache HTTP Server

Apache has fixed vulnerabilities in Apache HTTP Server. The vulnerabilities potentially allow a malicious party to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Apache has released updates to fix the vulnerabilities in Apache server 2.4.59...

BIT-APACHE-2024-24795 Apache HTTP Server: HTTP Response Splitting in multiple modules

HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into backend applications to cause an HTTP desynchronization attack. Users are recommended to upgrade to version 2.4.59, which fixes this issue...

CVE-2024-24795

HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into backend applications to cause an HTTP desynchronization attack. Users are recommended to upgrade to version 2.4.59, which fixes this issue...

CVE-2024-24795

HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into backend applications to cause an HTTP desynchronization attack. Users are recommended to upgrade to version 2.4.59, which fixes this issue...

CVE-2024-24795

CVE-2024-24795 (httpd) describes HTTP response splitting in multiple Apache HTTP Server modules when malicious response headers can be injected into backend applications, enabling HTTP desynchronization. The vulnerability is mitigated by upgrading to Apache HTTP Server 2.4.59, as indicated across...

CVE-2024-24795 Apache HTTP Server: HTTP Response Splitting in multiple modules

HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into backend applications to cause an HTTP desynchronization attack. Users are recommended to upgrade to version 2.4.59, which fixes this issue...

KLA65470 Multiple vulnerabilities in Apache HTTP Server

Multiple vulnerabilities were found in Apache HTTP Server. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. HTTP Response splitting vulnerability can be exploited to execute arbitrary code. 2...