what you don't know can hurt you
Showing 1 - 6 of 6 RSS Feed

CVE-2021-30641

Status Candidate

Overview

Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF'

Related Files

Red Hat Security Advisory 2021-4613-01
Posted Nov 11, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4613-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release adds the new Apache HTTP Server 2.4.37 Service Pack 10 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 9 and includes bug fixes and enhancements. Issues addressed include buffer over-read, heap overflow, integer overflow, and null pointer vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2019-17567, CVE-2019-20838, CVE-2020-13950, CVE-2020-14155, CVE-2020-35452, CVE-2021-23840, CVE-2021-23841, CVE-2021-26690, CVE-2021-26691, CVE-2021-30641, CVE-2021-3712
MD5 | 60b8783c0dce857d10c4d42badcdec44
Red Hat Security Advisory 2021-4614-01
Posted Nov 11, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4614-01 - This release adds the new Apache HTTP Server 2.4.37 Service Pack 10 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 9 and includes bug fixes and enhancements. Issues addressed include buffer over-read, heap overflow, integer overflow, and null pointer vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2019-17567, CVE-2019-20838, CVE-2020-13950, CVE-2020-14155, CVE-2020-35452, CVE-2021-23840, CVE-2021-23841, CVE-2021-26690, CVE-2021-26691, CVE-2021-30641, CVE-2021-3712
MD5 | 66fbc345a9902dd7e5c3c63775ec5f1a
Red Hat Security Advisory 2021-4257-03
Posted Nov 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4257-03 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include a null pointer vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2021-26690, CVE-2021-30641
MD5 | 39fa344fbe7d7786c63666dbce090808
Gentoo Linux Security Advisory 202107-38
Posted Jul 17, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202107-38 - Multiple vulnerabilities have been found in Apache, the worst of which could result in a Denial of Service condition. Versions less than 2.4.48 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2019-17567, CVE-2020-13950, CVE-2020-35452, CVE-2021-26690, CVE-2021-26691, CVE-2021-30641, CVE-2021-31618
MD5 | 23480b56ad39430303023d136903921b
Ubuntu Security Notice USN-4994-2
Posted Jun 22, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4994-2 - USN-4994-1 fixed several vulnerabilities in Apache. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Antonio Morales discovered that the Apache mod_auth_digest module incorrectly handled certain Digest nonces. A remote attacker could possibly use this issue to cause Apache to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-35452, CVE-2021-26690, CVE-2021-26691, CVE-2021-30641
MD5 | 660fa56849544234d133450e4f7d0b84
Ubuntu Security Notice USN-4994-1
Posted Jun 21, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4994-1 - Marc Stern discovered that the Apache mod_proxy_http module incorrectly handled certain requests. A remote attacker could possibly use this issue to cause Apache to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. Antonio Morales discovered that the Apache mod_auth_digest module incorrectly handled certain Digest nonces. A remote attacker could possibly use this issue to cause Apache to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2020-13950, CVE-2020-35452, CVE-2021-26690, CVE-2021-26691, CVE-2021-30641
MD5 | 5541c6df78d894101aa9435f63731c3c
Page 1 of 1
Back1Next

File Archive:

December 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    18 Files
  • 2
    Dec 2nd
    11 Files
  • 3
    Dec 3rd
    23 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close