what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 17 of 17 RSS Feed

CVE-2021-44790

Status Candidate

Overview

A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier.

Related Files

Apache 2.4.x Buffer Overflow
Posted Apr 3, 2023
Authored by Sunil Iyengar

Apache versions 2.4.x before 2.4.51 suffer from a buffer overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2021-44790
SHA-256 | 6a6c99d5716acf1681cb083650a22a4be9cc12142ce87b080fb71192a5a3b67e
Gentoo Linux Security Advisory 202208-20
Posted Aug 15, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202208-20 - Multiple vulnerabilities have been discovered in Apache Webserver, the worst of which could result in remote code execution. Versions less than 2.4.54 are affected.

tags | advisory, remote, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2021-33193, CVE-2021-34798, CVE-2021-36160, CVE-2021-39275, CVE-2021-40438, CVE-2021-41524, CVE-2021-41773, CVE-2021-42013, CVE-2021-44224, CVE-2021-44790, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943
SHA-256 | 09faf82799a2bf38cabe52ae6e5241cdb6c0783b19a0355526c5faf16d5eadc3
Apple Security Advisory 2022-05-16-4
Posted May 17, 2022
Authored by Apple | Site apple.com

Apple Security Advisory 2022-05-16-4 - Security Update 2022-004 Catalina addresses bypass, code execution, denial of service, integer overflow, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2018-25032, CVE-2021-44224, CVE-2021-44790, CVE-2021-45444, CVE-2022-0530, CVE-2022-0778, CVE-2022-22589, CVE-2022-22663, CVE-2022-22665, CVE-2022-22674, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23308, CVE-2022-26697, CVE-2022-26698, CVE-2022-26714, CVE-2022-26715, CVE-2022-26720, CVE-2022-26721, CVE-2022-26722, CVE-2022-26726, CVE-2022-26727, CVE-2022-26728, CVE-2022-26746, CVE-2022-26748
SHA-256 | 1457e96d61b184fbf3ed170c9802dbce7d15ed833ab54d7784b078ed15b160e1
Apple Security Advisory 2022-05-16-3
Posted May 17, 2022
Authored by Apple | Site apple.com

Apple Security Advisory 2022-05-16-3 - macOS Big Sur 11.6.6 addresses bypass, code execution, denial of service, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | apple
advisories | CVE-2018-25032, CVE-2021-4136, CVE-2021-4166, CVE-2021-4173, CVE-2021-4187, CVE-2021-4192, CVE-2021-4193, CVE-2021-44224, CVE-2021-44790, CVE-2021-45444, CVE-2021-46059, CVE-2022-0128, CVE-2022-0530, CVE-2022-0778, CVE-2022-22589, CVE-2022-22663, CVE-2022-22665, CVE-2022-22674, CVE-2022-22675, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23308, CVE-2022-26697, CVE-2022-26698, CVE-2022-26706, CVE-2022-26712
SHA-256 | af1dee885ed55571356a89ad5ec67b39171a32fbf8125781c35f906717d83516
Apple Security Advisory 2022-05-16-2
Posted May 17, 2022
Authored by Apple | Site apple.com

Apple Security Advisory 2022-05-16-2 - macOS Monterey 12.4 addresses buffer overflow, bypass, code execution, denial of service, integer overflow, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2018-25032, CVE-2021-44224, CVE-2021-44790, CVE-2021-45444, CVE-2022-0530, CVE-2022-0778, CVE-2022-22677, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23308, CVE-2022-26693, CVE-2022-26694, CVE-2022-26697, CVE-2022-26698, CVE-2022-26700, CVE-2022-26701, CVE-2022-26704, CVE-2022-26706, CVE-2022-26708, CVE-2022-26709, CVE-2022-26710, CVE-2022-26711, CVE-2022-26712, CVE-2022-26714, CVE-2022-26715
SHA-256 | c8eee02086d45b9c9a2776ce254bee0daede9360e0231556fd5fec341d3407c0
Red Hat Security Advisory 2022-1137-01
Posted Apr 4, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1137-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include HTTP request smuggling and buffer overflow vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2021-44790, CVE-2022-22720
SHA-256 | b39a7c6080b1cae2847b231423056f05a97c0e5a20238cec5a94dafbfb5abf94
Red Hat Security Advisory 2022-1139-01
Posted Apr 4, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1139-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include HTTP request smuggling and buffer overflow vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2021-44790, CVE-2022-22720
SHA-256 | c60197d5523d3d99056e740ce5a96ff747e708268b8b6f4e9cd374657480d8c3
Red Hat Security Advisory 2022-1138-01
Posted Apr 4, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1138-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include HTTP request smuggling and buffer overflow vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2021-44790, CVE-2022-22720
SHA-256 | d6c522b85cd5f2bb43034ffbb2c4437062433af9c67d890d6502759a6c8f17be
Red Hat Security Advisory 2022-1136-01
Posted Apr 4, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1136-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include HTTP request smuggling and buffer overflow vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2021-44790, CVE-2022-22720
SHA-256 | 40f070464b4fe9bfbf7bde1c14c3b09c7c643c3d580944e5d6a21257f4c87a08
Red Hat Security Advisory 2022-0682-01
Posted Feb 28, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0682-01 - OpenShift GitOps v1.3.4 on OCP 4.7-4.9 Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include a traversal vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-44790, CVE-2022-24348
SHA-256 | 2a065937d0d658441015a3945dc5716db5be87649f22c19ccb83de2aa84dafaf
Debian Security Advisory 5035-1
Posted Jan 28, 2022
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5035-1 - Two vulnerabilities have been discovered in the Apache HTTP server.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2021-44224, CVE-2021-44790
SHA-256 | 74130339f145e6082d22a1c8764d36b4c4c38ffa489b04b343398f32762844fe
Red Hat Security Advisory 2022-0303-02
Posted Jan 27, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0303-02 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include a buffer overflow vulnerability.

tags | advisory, web, overflow
systems | linux, redhat
advisories | CVE-2021-44790
SHA-256 | 102f97515e84e14f93a9cd7b93098bdf0b40749fe342b272ebee131d1de43286
Red Hat Security Advisory 2022-0288-02
Posted Jan 27, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0288-02 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include a buffer overflow vulnerability.

tags | advisory, web, overflow
systems | linux, redhat
advisories | CVE-2021-44790
SHA-256 | 27470758eb8ce85ae3e9bc8cc589cb75c5c5877711f79e2205b5d8a0b4aec167
Red Hat Security Advisory 2022-0258-02
Posted Jan 26, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0258-02 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include a buffer overflow vulnerability.

tags | advisory, web, overflow
systems | linux, redhat
advisories | CVE-2021-44790
SHA-256 | 84978a26c8f91408ff21f51246cdfe63707f797d09b7ce7c513fa0cab885efd9
Red Hat Security Advisory 2022-0143-03
Posted Jan 17, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0143-03 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include buffer overflow, heap overflow, null pointer, and out of bounds write vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2021-26691, CVE-2021-34798, CVE-2021-39275, CVE-2021-44790
SHA-256 | 993d65cc4d7eadca4cea6c60c8198364bfc401da9dbb986b3cd49ef745d51828
Ubuntu Security Notice USN-5212-2
Posted Jan 10, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5212-2 - USN-5212-1 fixed several vulnerabilities in Apache. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. It was discovered that the Apache HTTP Server incorrectly handled certain forward proxy requests. A remote attacker could use this issue to cause the server to crash, resulting in a denial of service, or possibly perform a Server Side Request Forgery attack.

tags | advisory, remote, web, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-44224, CVE-2021-44790
SHA-256 | 16d5ff8882fe2a2094f084a8014b7b5b2ff0ac6d902a94cc2a10f9947524ecd6
Ubuntu Security Notice USN-5212-1
Posted Jan 6, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5212-1 - It was discovered that the Apache HTTP Server incorrectly handled certain forward proxy requests. A remote attacker could use this issue to cause the server to crash, resulting in a denial of service, or possibly perform a Server Side Request Forgery attack. It was discovered that the Apache HTTP Server Lua module incorrectly handled memory in the multipart parser. A remote attacker could use this issue to cause the server to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, web, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-44224, CVE-2021-44790
SHA-256 | 720562c2963cbcdb5ebd4105b577dec64e35d188b21a7bd642506a9284fda762
Page 1 of 1
Back1Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close