CVSS: 7.5EPSS: 97%CPEs: 22EXPL: 9CVE-2017-9798 – Apache < 2.2.34 / < 2.4.27 - OPTIONS Memory Leak
https://notcve.org/view.php?id=CVE-2017-9798
18 Sep 2017 — Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The attacker sends an unauthenticated OPTIONS HTTP request when attempting to read secret data. This is a use-after-free issue and thus secret data is not always sent, and the specific data depends on many factors including config... • https://packetstorm.news/files/id/181038 • CWE-416: Use After Free •
CVSS: 9.1EPSS: 46%CPEs: 34EXPL: 0CVE-2017-9788 – httpd: Uninitialized memory reflection in mod_auth_digest
https://notcve.org/view.php?id=CVE-2017-9788
13 Jul 2017 — In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no '=' assignment could reflect the stale value of uninitialized pool memory used by the prior request, leading to leakage of potentially confidential information, and a segfault in other cases resulting in denial of service. En Apache httpd, en versiones... • http://www.debian.org/security/2017/dsa-3913 • CWE-20: Improper Input Validation CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-456: Missing Initialization of a Variable •
CVSS: 7.5EPSS: 46%CPEs: 39EXPL: 0CVE-2017-7668 – httpd: ap_find_token() buffer overread
https://notcve.org/view.php?id=CVE-2017-7668
20 Jun 2017 — The HTTP strict parsing changes added in Apache httpd 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string. By maliciously crafting a sequence of request headers, an attacker may be able to cause a segmentation fault, or to force ap_find_token() to return an incorrect value. Los cambios en el análisis sintáctico estricto de HTTP añadidos en las versiones 2.2.32 y 2.4.24 de Apache httpd introdujeron un error en el análisis de listas... • http://www.debian.org/security/2017/dsa-3896 • CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 9.8EPSS: 0%CPEs: 34EXPL: 0CVE-2017-3169 – httpd: mod_ssl NULL pointer dereference
https://notcve.org/view.php?id=CVE-2017-3169
20 Jun 2017 — In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port. En Apache httpd, en versiones 2.2.x anteriores a la 2.2.33 y versiones 2.4.x anteriores a la 2.4.26, mod_ssl podría desreferenciar un puntero NULL cuando los módulos de terceros llaman a ap_hook_process_connection() durante una petición HTTP a un puerto HTPS. A NULL pointer dereference flaw was found in the htt... • http://www.debian.org/security/2017/dsa-3896 • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2017-7679 – httpd: mod_mime buffer overread
https://notcve.org/view.php?id=CVE-2017-7679
20 Jun 2017 — In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header. En Apache httpd, en versiones 2.2.x anteriores a la 2.2.33 y versiones 2.4.x anteriores a la 2.4.26, mod_mime puede leer un byte más allá del final de un búfer cuando está enviando una cabecera de respuesta del tipo Content maliciosa. A buffer over-read flaw was found in the httpd's mod_mime module. A user permitted to modify httpd's MIME con... • http://www.debian.org/security/2017/dsa-3896 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 9.8EPSS: 1%CPEs: 35EXPL: 0CVE-2017-3167 – httpd: ap_get_basic_auth_pw() authentication bypass
https://notcve.org/view.php?id=CVE-2017-3167
20 Jun 2017 — In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed. En Apache httpd, en versiones 2.2.x anteriores a la 2.2.33 y versiones 2.4.x anteriores a la 2.4.26, el uso de ap_get_basic_auth_pw() por parte de módulos de terceros fuera de la fase de autenticación puede dar lugar a que se omitan requisitos de autenticación.. It was discovered that the use of httpd... • http://www.debian.org/security/2017/dsa-3896 • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 5%CPEs: 27EXPL: 0CVE-2016-8743 – httpd: Apache HTTP Request Parsing Whitespace Defects
https://notcve.org/view.php?id=CVE-2016-8743
25 Dec 2016 — Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, was liberal in the whitespace accepted from requests and sent in response lines and headers. Accepting these different behaviors represented a security concern when httpd participates in any chain of proxies or interacts with back-end application servers, either through mod_proxy or using conventional CGI mechanisms, and may result in request smuggling, response splitting and cache pollution. El servidor HTTP Apache, en todas las distribuciones... • http://rhn.redhat.com/errata/RHSA-2017-1415.html • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 2%CPEs: 17EXPL: 0CVE-2016-2161 – httpd: DoS vulnerability in mod_auth_digest
https://notcve.org/view.php?id=CVE-2016-2161
25 Dec 2016 — In Apache HTTP Server versions 2.4.0 to 2.4.23, malicious input to mod_auth_digest can cause the server to crash, and each instance continues to crash even for subsequently valid requests. En Apache HTTP Server versiones 2.4.0 hasta 2.4.23, una entrada maliciosa a mod_auth_digest puede causar que el servidor se bloquee y cada instancia continúa bloqueado incluso para las peticiones válidas posteriormente. It was discovered that the mod_auth_digest module of httpd did not properly check for memory allocation... • http://rhn.redhat.com/errata/RHSA-2017-1415.html • CWE-20: Improper Input Validation CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 7.5EPSS: 3%CPEs: 17EXPL: 2CVE-2016-0736 – Apache mod_session_crypto - Padding Oracle
https://notcve.org/view.php?id=CVE-2016-0736
23 Dec 2016 — In Apache HTTP Server versions 2.4.0 to 2.4.23, mod_session_crypto was encrypting its data/cookie using the configured ciphers with possibly either CBC or ECB modes of operation (AES256-CBC by default), hence no selectable or builtin authenticated encryption. This made it vulnerable to padding oracle attacks, particularly with CBC. En Apache HTTP Server versiones 2.4.0 hasta 2.4.23, mod_session_crypto fue cifraba su cookie y datos utilizando los cifrados configurados posiblemente con los modos de operación ... • https://packetstorm.news/files/id/140265 • CWE-287: Improper Authentication CWE-310: Cryptographic Issues •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2016-8612 – mod_cluster: Protocol parsing logic error
https://notcve.org/view.php?id=CVE-2016-8612
16 Dec 2016 — Apache HTTP Server mod_cluster before version httpd 2.4.23 is vulnerable to an Improper Input Validation in the protocol parsing logic in the load balancer resulting in a Segmentation Fault in the serving httpd process. Apache HTTP Server mod_cluster, en versiones anteriores a httpd 2.4.23, es vulnerable a una validación de entradas incorrecta en la lógica de análisis de protocolo en el balanceador de carga, lo que resulta en un fallo de segmentación en el proceso httpd en servicio. An error was found in pr... • http://rhn.redhat.com/errata/RHSA-2016-2957.html • CWE-20: Improper Input Validation •