Gentoo Linux Security Advisory 202208-20 - Multiple vulnerabilities have been discovered in Apache Webserver, the worst of which could result in remote code execution. Versions less than 2.4.54 are affected.
09faf82799a2bf38cabe52ae6e5241cdb6c0783b19a0355526c5faf16d5eadc3Apple Security Advisory 2022-05-16-4 - Security Update 2022-004 Catalina addresses bypass, code execution, denial of service, integer overflow, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
1457e96d61b184fbf3ed170c9802dbce7d15ed833ab54d7784b078ed15b160e1Apple Security Advisory 2022-05-16-3 - macOS Big Sur 11.6.6 addresses bypass, code execution, denial of service, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
af1dee885ed55571356a89ad5ec67b39171a32fbf8125781c35f906717d83516Apple Security Advisory 2022-05-16-2 - macOS Monterey 12.4 addresses buffer overflow, bypass, code execution, denial of service, integer overflow, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
c8eee02086d45b9c9a2776ce254bee0daede9360e0231556fd5fec341d3407c0Red Hat Security Advisory 2022-1389-01 - This release adds the new Apache HTTP Server 2.4.37 Service Pack 11 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 10 and includes bug fixes and enhancements. Issues addressed include HTTP request smuggling, buffer overflow, bypass, null pointer, and use-after-free vulnerabilities.
543450d6c14d4c09bcf5947c484b86e571d3712934810fc7815f183da6554438Red Hat Security Advisory 2022-1390-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release adds the new Apache HTTP Server 2.4.37 Service Pack 11 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 10 and includes bug fixes and enhancements. Issues addressed include HTTP request smuggling, buffer overflow, bypass, null pointer, and use-after-free vulnerabilities.
ad0fd16dc55990a0a43914c90f2049b89914071377efc58825ef7d913c3134dbRed Hat Security Advisory 2022-1173-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include a HTTP request smuggling vulnerability.
546dfad5d435bc9d02c837eb68e815b5e491629c6d3622ba9db018d1364e178cRed Hat Security Advisory 2022-1137-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include HTTP request smuggling and buffer overflow vulnerabilities.
b39a7c6080b1cae2847b231423056f05a97c0e5a20238cec5a94dafbfb5abf94Red Hat Security Advisory 2022-1139-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include HTTP request smuggling and buffer overflow vulnerabilities.
c60197d5523d3d99056e740ce5a96ff747e708268b8b6f4e9cd374657480d8c3Red Hat Security Advisory 2022-1138-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include HTTP request smuggling and buffer overflow vulnerabilities.
d6c522b85cd5f2bb43034ffbb2c4437062433af9c67d890d6502759a6c8f17beRed Hat Security Advisory 2022-1136-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include HTTP request smuggling and buffer overflow vulnerabilities.
40f070464b4fe9bfbf7bde1c14c3b09c7c643c3d580944e5d6a21257f4c87a08Red Hat Security Advisory 2022-1102-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include an HTTP request smuggling vulnerability.
ec9d7ac58797502651fc13c49accea5e13fa6a6c2e8536287634385c77d74f96Red Hat Security Advisory 2022-1075-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include a HTTP request smuggling vulnerability.
c710c4c02abda249e002ec3bcd5f10be8142a92c13f29683fdd7e9205483857eRed Hat Security Advisory 2022-1080-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include a HTTP request smuggling vulnerability.
1b74338dd1e9bacad8f084abbf3379030932f4409ce72bbc7ef3398fd5b03678Red Hat Security Advisory 2022-1072-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include a HTTP request smuggling vulnerability.
2115a3f783f7413ab36c2a642fc9121bc6ebc641d00023d8e9d05e0fba2204adRed Hat Security Advisory 2022-1045-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include a HTTP request smuggling vulnerability.
a300a99dcd3246b0eae8790f758a78c8341cd6c3f90b94877c6bf472554c9982Red Hat Security Advisory 2022-1049-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include a HTTP request smuggling vulnerability.
668f4aa8f6b3ae527cb54bab9c1138702da860243e912c685e51162d3b4ac5bcUbuntu Security Notice 5333-2 - USN-5333-1 fixed several vulnerabilities in Apache. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Chamal De Silva discovered that the Apache HTTP Server mod_lua module incorrectly handled certain crafted request bodies. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service.
f4462027486dc7ffc3fdc9c45446e8d7014119b0fd3ed955c5acf7e4e330e343Ubuntu Security Notice 5333-1 - Chamal De Silva discovered that the Apache HTTP Server mod_lua module incorrectly handled certain crafted request bodies. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. James Kettle discovered that the Apache HTTP Server incorrectly closed inbound connection when certain errors are encountered. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack.
f2274ed91214f319945db9e54998b586f4f769e3c012a411aff68bc284d9cb14
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed