what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

CVE-2021-30641

Status Candidate

Overview

Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF'

Related Files

Red Hat Security Advisory 2021-4613-01
Posted Nov 11, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4613-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release adds the new Apache HTTP Server 2.4.37 Service Pack 10 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 9 and includes bug fixes and enhancements. Issues addressed include buffer over-read, heap overflow, integer overflow, and null pointer vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2019-17567, CVE-2019-20838, CVE-2020-13950, CVE-2020-14155, CVE-2020-35452, CVE-2021-23840, CVE-2021-23841, CVE-2021-26690, CVE-2021-26691, CVE-2021-30641, CVE-2021-3712
SHA-256 | 7b1e67d15601ddde3dd528384cac640b46e2736909b5819f946d6b03cc6bd6e6
Red Hat Security Advisory 2021-4614-01
Posted Nov 11, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4614-01 - This release adds the new Apache HTTP Server 2.4.37 Service Pack 10 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 9 and includes bug fixes and enhancements. Issues addressed include buffer over-read, heap overflow, integer overflow, and null pointer vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2019-17567, CVE-2019-20838, CVE-2020-13950, CVE-2020-14155, CVE-2020-35452, CVE-2021-23840, CVE-2021-23841, CVE-2021-26690, CVE-2021-26691, CVE-2021-30641, CVE-2021-3712
SHA-256 | a3555e355563c36eebdc4b92edb2589ad06f069ab31a4f11e8f540ccf0ec22b7
Red Hat Security Advisory 2021-4257-03
Posted Nov 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4257-03 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include a null pointer vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2021-26690, CVE-2021-30641
SHA-256 | 4dcacfdb5924751d025d379f614dc05b4ce914aa907bdc72f4e3b1fd43acd13f
Gentoo Linux Security Advisory 202107-38
Posted Jul 17, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202107-38 - Multiple vulnerabilities have been found in Apache, the worst of which could result in a Denial of Service condition. Versions less than 2.4.48 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2019-17567, CVE-2020-13950, CVE-2020-35452, CVE-2021-26690, CVE-2021-26691, CVE-2021-30641, CVE-2021-31618
SHA-256 | 8bba1de431fcb67772904e99cb924d9e7afb1a5a1821daa37086076c89bcb6a1
Ubuntu Security Notice USN-4994-2
Posted Jun 22, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4994-2 - USN-4994-1 fixed several vulnerabilities in Apache. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Antonio Morales discovered that the Apache mod_auth_digest module incorrectly handled certain Digest nonces. A remote attacker could possibly use this issue to cause Apache to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-35452, CVE-2021-26690, CVE-2021-26691, CVE-2021-30641
SHA-256 | 591561495ec3ee08e8e7ad9831af2ad7d1a0ec5997d04ef7fe192b2b3d440f4d
Ubuntu Security Notice USN-4994-1
Posted Jun 21, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4994-1 - Marc Stern discovered that the Apache mod_proxy_http module incorrectly handled certain requests. A remote attacker could possibly use this issue to cause Apache to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. Antonio Morales discovered that the Apache mod_auth_digest module incorrectly handled certain Digest nonces. A remote attacker could possibly use this issue to cause Apache to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2020-13950, CVE-2020-35452, CVE-2021-26690, CVE-2021-26691, CVE-2021-30641
SHA-256 | a72dd26c36ff7d43b1a3ccbd95cb1d69d70e997aaac6217677f1cd3536ba61f6
Page 1 of 1
Back1Next

File Archive:

June 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    19 Files
  • 2
    Jun 2nd
    16 Files
  • 3
    Jun 3rd
    28 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    19 Files
  • 7
    Jun 7th
    23 Files
  • 8
    Jun 8th
    11 Files
  • 9
    Jun 9th
    10 Files
  • 10
    Jun 10th
    4 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    27 Files
  • 20
    Jun 20th
    65 Files
  • 21
    Jun 21st
    10 Files
  • 22
    Jun 22nd
    8 Files
  • 23
    Jun 23rd
    6 Files
  • 24
    Jun 24th
    6 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close