CVE-2023-38709

Related Files

Ubuntu Security Notice USN-6729-3

Posted Apr 29, 2024

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6729-3 - USN-6729-1 fixed vulnerabilities in Apache HTTP Server. This update provides the corresponding updates for Ubuntu 24.04 LTS. Orange Tsai discovered that the Apache HTTP Server incorrectly handled validating certain input. A remote attacker could possibly use this issue to perform HTTP request splitting attacks. Keran Mu and Jianjun Chen discovered that the Apache HTTP Server incorrectly handled validating certain input. A remote attacker could possibly use this issue to perform HTTP request splitting attacks. Bartek Nowotarski discovered that the Apache HTTP Server HTTP/2 module incorrectly handled endless continuation frames. A remote attacker could possibly use this issue to cause the server to consume resources, leading to a denial of service.

tags | advisory, remote, web, denial of service, vulnerability

systems | linux, ubuntu

advisories | CVE-2023-38709, CVE-2024-24795, CVE-2024-27316

SHA-256 | 64bc41b5243d484a6b2e16655cb72ea9b8aa3a19737b46627dbb01cfa4e8fb4e

Download | Favorite | View

Ubuntu Security Notice USN-6729-2

Posted Apr 18, 2024

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6729-2 - USN-6729-1 fixed several vulnerabilities in Apache. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Orange Tsai discovered that the Apache HTTP Server incorrectly handled validating certain input. A remote attacker could possibly use this issue to perform HTTP request splitting attacks.

tags | advisory, remote, web, vulnerability

systems | linux, ubuntu

advisories | CVE-2023-38709, CVE-2024-24795, CVE-2024-27316

SHA-256 | 48e8f6ab38e454ffe37a65ae74aa96cb5b3942a28276a0cc0f3a974d4716ae83

Download | Favorite | View

Debian Security Advisory 5662-1

Posted Apr 17, 2024

Authored by Debian | Site debian.org

Debian Linux Security Advisory 5662-1 - Multiple vulnerabilities have been discovered in the Apache HTTP server, which may result in HTTP response splitting or denial of service.

tags | advisory, web, denial of service, vulnerability

systems | linux, debian

advisories | CVE-2023-31122, CVE-2023-38709, CVE-2023-43622, CVE-2023-45802, CVE-2024-24795, CVE-2024-27316

SHA-256 | 91dd197c5a6d8baaed2ebca649cbbb006dfaa18a448d23acca955357225d36eb

Download | Favorite | View

Ubuntu Security Notice USN-6729-1

Posted Apr 12, 2024

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6729-1 - Orange Tsai discovered that the Apache HTTP Server incorrectly handled validating certain input. A remote attacker could possibly use this issue to perform HTTP request splitting attacks. Keran Mu and Jianjun Chen discovered that the Apache HTTP Server incorrectly handled validating certain input. A remote attacker could possibly use this issue to perform HTTP request splitting attacks.

tags | advisory, remote, web

systems | linux, ubuntu

advisories | CVE-2023-38709, CVE-2024-24795, CVE-2024-27316

SHA-256 | b6b856a665b8ccd0c761b17ac9d0990bb16f01e11f4e9c76e440d6681ef8b0fd

Download | Favorite | View