var-202301-1527
Vulnerability from variot
A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool (heap) memory location beyond the header value sent. This could cause the process to crash.
This issue affects Apache HTTP Server 2.4.54 and earlier. The server is fast, reliable and scalable via a simple API.
For the stable distribution (bullseye), these problems have been fixed in version 2.4.56-1~deb11u1.
We recommend that you upgrade your apache2 packages.
For the detailed security status of apache2 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/apache2
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmQYqdQACgkQEMKTtsN8 TjYWeQ//dwKUtLc9oKmjEmiY1QsRsSYdlzMTWA8ow63vdtGD1QU3Xb/CxPSZ22Oh 8zypNP5qtk3m11JA7npd7RNPpF3Gb1V5ebIlKP7GavGBIrGOmvH31hV3IUP4HoXO /mC36BA3twAgyF12HMtdPvj+qaNguYnxXhc02Kt7kl6sq+ybtdCnRnBfJJ2KYXKq tjRedc+HJZa0gSuq9fsFbaQF1OPk1jHEO/ixHhISKhEr1mHO+eLN3soQ9gqaEG/a /0jLUm1ThiBNeK5jkmCXuIuqwwrGHG16Cl9fIKGps1Yb+ef2aJca7onA4IfyUj1d 1S7VmCgFFQe+5eAgdcR77mWS8RyEP/lyItY+ifzGG6xR0EUnDgD7ApcqhZBIJCgU 583Dle+sjvwgb9iSSeNwynqx58Pf4648AJSx6nNlsop4ekE4To5GvKyr/eI3HNqa t9BfVtwqRu4GnnurvJFzh5n2wpRl1JbQMFMx/kxb1He5ioayRtru9guViNA3ylgn d7lbk8FEsvvzS9MM0RVivlWdzD6+FVFHaWoCcwzv+0dFD6iiG5MJMGUr0pElw+ju As6bnKCCoEHU4HK0rKHlVeB6E3Ch7yF+b6PvzZqCqcOE6RB5/I2Nu9S3L78cZWRU nKXf/WHf3Lw+DCB8QKWUBuo0WjkFjmEe/oUCWHGt/UbtXGbSM+E=Bi/w -----END PGP SIGNATURE----- . This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.
This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 2 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Bugs fixed (https://bugzilla.redhat.com/):
2152639 - CVE-2022-43551 curl: HSTS bypass via IDN 2152652 - CVE-2022-43552 curl: Use-after-free triggered by an HTTP proxy deny response 2161774 - CVE-2006-20001 httpd: mod_dav: out-of-bounds read/write of zero byte 2164440 - CVE-2023-0286 openssl: X.400 address type confusion in X.509 GeneralName 2164487 - CVE-2022-4304 openssl: timing attack in RSA Decryption implementation 2164492 - CVE-2023-0215 openssl: use-after-free following BIO_new_NDEF 2164494 - CVE-2022-4450 openssl: double free after calling PEM_read_bio_ex 2167797 - CVE-2023-23914 curl: HSTS ignored on multiple requests 2167813 - CVE-2023-23915 curl: HSTS amnesia with --parallel 2167815 - CVE-2023-23916 curl: HTTP multi-header compression denial of service 2169652 - CVE-2022-25147 apr-util: out-of-bounds writes in the apr_base64 2176209 - CVE-2023-25690 httpd: HTTP request splitting with mod_rewrite and mod_proxy
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied. ========================================================================== Ubuntu Security Notice USN-5839-1 February 01, 2023
apache2 vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 22.10
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
Summary:
Several security issues were fixed in Apache HTTP Server. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack. (CVE-2022-36760)
Dimas Fariski Setyawan Putra discovered that the Apache HTTP Server mod_proxy module incorrectly truncated certain response headers. This may result in later headers not being interpreted by the client. (CVE-2022-37436)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 22.10: apache2 2.4.54-2ubuntu1.1
Ubuntu 22.04 LTS: apache2 2.4.52-1ubuntu4.3
Ubuntu 20.04 LTS: apache2 2.4.41-4ubuntu3.13
Ubuntu 18.04 LTS: apache2 2.4.29-1ubuntu4.26
In general, a standard system update will make all the necessary changes. (BZ#2165975)
- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Moderate: httpd:2.4 security and bug fix update Advisory ID: RHSA-2023:0852-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2023:0852 Issue date: 2023-02-21 CVE Names: CVE-2006-20001 CVE-2022-36760 CVE-2022-37436 ==================================================================== 1. Summary:
An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64
Security Fix(es):
-
httpd: mod_dav: out-of-bounds read/write of zero byte (CVE-2006-20001)
-
httpd: mod_proxy_ajp: Possible request smuggling (CVE-2022-36760)
-
httpd: mod_proxy: HTTP response splitting (CVE-2022-37436)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
-
httpd-init fails to create localhost.crt, localhost.key due to "sscg" default now creates a /dhparams.pem and is not idempotent if the file /dhparams.pem already exists. (BZ#2165967)
-
Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the updated packages, the httpd daemon will be restarted automatically.
- Bugs fixed (https://bugzilla.redhat.com/):
2161773 - CVE-2022-37436 httpd: mod_proxy: HTTP response splitting 2161774 - CVE-2006-20001 httpd: mod_dav: out-of-bounds read/write of zero byte 2161777 - CVE-2022-36760 httpd: mod_proxy_ajp: Possible request smuggling 2165967 - httpd-init fails to create localhost.crt, localhost.key due to "sscg" default now creates a /dhparams.pem and is not idempotent if the file /dhparams.pem already exists. [rhel-8.7.0.z]
- Package List:
Red Hat Enterprise Linux AppStream (v. 8):
Source: httpd-2.4.37-51.module+el8.7.0+18026+7b169787.1.src.rpm mod_http2-1.15.7-5.module+el8.6.0+13996+01710940.src.rpm mod_md-2.0.8-8.module+el8.3.0+6814+67d1e611.src.rpm
aarch64: httpd-2.4.37-51.module+el8.7.0+18026+7b169787.1.aarch64.rpm httpd-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.aarch64.rpm httpd-debugsource-2.4.37-51.module+el8.7.0+18026+7b169787.1.aarch64.rpm httpd-devel-2.4.37-51.module+el8.7.0+18026+7b169787.1.aarch64.rpm httpd-tools-2.4.37-51.module+el8.7.0+18026+7b169787.1.aarch64.rpm httpd-tools-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.aarch64.rpm mod_http2-1.15.7-5.module+el8.6.0+13996+01710940.aarch64.rpm mod_http2-debuginfo-1.15.7-5.module+el8.6.0+13996+01710940.aarch64.rpm mod_http2-debugsource-1.15.7-5.module+el8.6.0+13996+01710940.aarch64.rpm mod_ldap-2.4.37-51.module+el8.7.0+18026+7b169787.1.aarch64.rpm mod_ldap-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.aarch64.rpm mod_md-2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64.rpm mod_md-debuginfo-2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64.rpm mod_md-debugsource-2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64.rpm mod_proxy_html-2.4.37-51.module+el8.7.0+18026+7b169787.1.aarch64.rpm mod_proxy_html-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.aarch64.rpm mod_session-2.4.37-51.module+el8.7.0+18026+7b169787.1.aarch64.rpm mod_session-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.aarch64.rpm mod_ssl-2.4.37-51.module+el8.7.0+18026+7b169787.1.aarch64.rpm mod_ssl-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.aarch64.rpm
noarch: httpd-filesystem-2.4.37-51.module+el8.7.0+18026+7b169787.1.noarch.rpm httpd-manual-2.4.37-51.module+el8.7.0+18026+7b169787.1.noarch.rpm
ppc64le: httpd-2.4.37-51.module+el8.7.0+18026+7b169787.1.ppc64le.rpm httpd-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.ppc64le.rpm httpd-debugsource-2.4.37-51.module+el8.7.0+18026+7b169787.1.ppc64le.rpm httpd-devel-2.4.37-51.module+el8.7.0+18026+7b169787.1.ppc64le.rpm httpd-tools-2.4.37-51.module+el8.7.0+18026+7b169787.1.ppc64le.rpm httpd-tools-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.ppc64le.rpm mod_http2-1.15.7-5.module+el8.6.0+13996+01710940.ppc64le.rpm mod_http2-debuginfo-1.15.7-5.module+el8.6.0+13996+01710940.ppc64le.rpm mod_http2-debugsource-1.15.7-5.module+el8.6.0+13996+01710940.ppc64le.rpm mod_ldap-2.4.37-51.module+el8.7.0+18026+7b169787.1.ppc64le.rpm mod_ldap-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.ppc64le.rpm mod_md-2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le.rpm mod_md-debuginfo-2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le.rpm mod_md-debugsource-2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le.rpm mod_proxy_html-2.4.37-51.module+el8.7.0+18026+7b169787.1.ppc64le.rpm mod_proxy_html-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.ppc64le.rpm mod_session-2.4.37-51.module+el8.7.0+18026+7b169787.1.ppc64le.rpm mod_session-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.ppc64le.rpm mod_ssl-2.4.37-51.module+el8.7.0+18026+7b169787.1.ppc64le.rpm mod_ssl-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.ppc64le.rpm
s390x: httpd-2.4.37-51.module+el8.7.0+18026+7b169787.1.s390x.rpm httpd-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.s390x.rpm httpd-debugsource-2.4.37-51.module+el8.7.0+18026+7b169787.1.s390x.rpm httpd-devel-2.4.37-51.module+el8.7.0+18026+7b169787.1.s390x.rpm httpd-tools-2.4.37-51.module+el8.7.0+18026+7b169787.1.s390x.rpm httpd-tools-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.s390x.rpm mod_http2-1.15.7-5.module+el8.6.0+13996+01710940.s390x.rpm mod_http2-debuginfo-1.15.7-5.module+el8.6.0+13996+01710940.s390x.rpm mod_http2-debugsource-1.15.7-5.module+el8.6.0+13996+01710940.s390x.rpm mod_ldap-2.4.37-51.module+el8.7.0+18026+7b169787.1.s390x.rpm mod_ldap-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.s390x.rpm mod_md-2.0.8-8.module+el8.3.0+6814+67d1e611.s390x.rpm mod_md-debuginfo-2.0.8-8.module+el8.3.0+6814+67d1e611.s390x.rpm mod_md-debugsource-2.0.8-8.module+el8.3.0+6814+67d1e611.s390x.rpm mod_proxy_html-2.4.37-51.module+el8.7.0+18026+7b169787.1.s390x.rpm mod_proxy_html-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.s390x.rpm mod_session-2.4.37-51.module+el8.7.0+18026+7b169787.1.s390x.rpm mod_session-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.s390x.rpm mod_ssl-2.4.37-51.module+el8.7.0+18026+7b169787.1.s390x.rpm mod_ssl-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.s390x.rpm
x86_64: httpd-2.4.37-51.module+el8.7.0+18026+7b169787.1.x86_64.rpm httpd-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.x86_64.rpm httpd-debugsource-2.4.37-51.module+el8.7.0+18026+7b169787.1.x86_64.rpm httpd-devel-2.4.37-51.module+el8.7.0+18026+7b169787.1.x86_64.rpm httpd-tools-2.4.37-51.module+el8.7.0+18026+7b169787.1.x86_64.rpm httpd-tools-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.x86_64.rpm mod_http2-1.15.7-5.module+el8.6.0+13996+01710940.x86_64.rpm mod_http2-debuginfo-1.15.7-5.module+el8.6.0+13996+01710940.x86_64.rpm mod_http2-debugsource-1.15.7-5.module+el8.6.0+13996+01710940.x86_64.rpm mod_ldap-2.4.37-51.module+el8.7.0+18026+7b169787.1.x86_64.rpm mod_ldap-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.x86_64.rpm mod_md-2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64.rpm mod_md-debuginfo-2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64.rpm mod_md-debugsource-2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64.rpm mod_proxy_html-2.4.37-51.module+el8.7.0+18026+7b169787.1.x86_64.rpm mod_proxy_html-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.x86_64.rpm mod_session-2.4.37-51.module+el8.7.0+18026+7b169787.1.x86_64.rpm mod_session-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.x86_64.rpm mod_ssl-2.4.37-51.module+el8.7.0+18026+7b169787.1.x86_64.rpm mod_ssl-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2006-20001 https://access.redhat.com/security/cve/CVE-2022-36760 https://access.redhat.com/security/cve/CVE-2022-37436 https://access.redhat.com/security/updates/classification/#moderate
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBY/S5HdzjgjWX9erEAQh4bRAAkF3EgQgukNt/nGFBeSNly7ekQ6MZzwx6 /g701Jznu0z/XZM4+lhWIB6Au8sDwHyzp9tL3Mmwb1vSDkJfYMEBNpx22Ku4yr78 AqvAtMbtr3ZRtzlCow12ARhcsoV3mxCNvEs8Gw9ZK7VlJy0bq771jpau14tgZHvU cy3IOQgBUbACHoaJ+C4fpSFtd4ewKuYV9VDQrW08ZhYejF32U/0jFeWKPPAv2VFU gr9EazXKwQp4QF2d/dMOpmuERQNqRWRYKT7SdWykvCIpOjB1NeJ/iTKBK4hZnm3A malqCf3hnWl/6v+ZFRlb62G1UPzVH3xGfNrkBgN96ktGhJ/i7GYKn04zWioP/0mv pp5TsME6BT4J7ykw1SCZRDecFBHXyFKA8E08nXG+/aS9CDiHyUfP2mWyo7wx228Y xUvZYJQA165zaxSC7PG0W52CGeVYhUnBaa1xZKbG00YE+U+eN7KsHnbv+J7VjSnT F2Qm/z4OW1dFZU462VK2XVydYFPBoMormkeHFfOo3N92DdKduOU9rXcL9n++Y8dn 3tpuinfUc82EXeFm79HkVPaKz2R7/sm+dsylaC5QUkJqcbTahAYF2JgrkyfSWA9/ iY86qqDT17rd84adrQfXojb5hc4AKqVMJZuRJv5OGsj7SH/qiCGbYAtUDLf4C31G sw6Iqa1wZ18=EViL -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202309-01
https://security.gentoo.org/
Severity: Low Title: Apache HTTPD: Multiple Vulnerabilities Date: September 08, 2023 Bugs: #891211, #900416 ID: 202309-01
Synopsis
Multiple vulnerabilities have been discovered in Apache HTTPD, the worst of which could result in denial of service. Please review the CVE identifiers referenced below for details.
Impact
Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All Apache HTTPD users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-servers/apache-2.4.56"
References
[ 1 ] CVE-2006-20001 https://nvd.nist.gov/vuln/detail/CVE-2006-20001 [ 2 ] CVE-2022-36760 https://nvd.nist.gov/vuln/detail/CVE-2022-36760 [ 3 ] CVE-2022-37436 https://nvd.nist.gov/vuln/detail/CVE-2022-37436 [ 4 ] CVE-2023-25690 https://nvd.nist.gov/vuln/detail/CVE-2023-25690 [ 5 ] CVE-2023-27522 https://nvd.nist.gov/vuln/detail/CVE-2023-27522
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202309-01
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2023 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202301-1527", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "http server", "scope": "lt", "trust": 1.6, "vendor": "apache", "version": "2.4.55" }, { "model": "webotx application server", "scope": null, "trust": 0.8, "vendor": "\u65e5\u672c\u96fb\u6c17", "version": null }, { "model": "\u5f97\u9078\u8857\u30fbgcb", "scope": null, "trust": 0.8, "vendor": "\u65e5\u672c\u96fb\u6c17", "version": null }, { "model": "neoface monitor", "scope": null, "trust": 0.8, "vendor": "\u65e5\u672c\u96fb\u6c17", "version": null }, { "model": "connexive pf", "scope": null, "trust": 0.8, "vendor": "\u65e5\u672c\u96fb\u6c17", "version": null }, { "model": "http server", "scope": null, "trust": 0.8, "vendor": "apache", "version": null }, { "model": "\u65e5\u7acb\u9ad8\u4fe1\u983c\u30b5\u30fc\u30d0 rv3000", "scope": null, "trust": 0.8, "vendor": "\u65e5\u7acb", "version": null }, { "model": "spoolserver/reportfiling", "scope": null, "trust": 0.8, "vendor": "\u65e5\u672c\u96fb\u6c17", "version": null } ], "sources": [ { "db": "CNVD", "id": "CNVD-2023-80558" }, { "db": "JVNDB", "id": "JVNDB-2006-004077" }, { "db": "NVD", "id": "CVE-2006-20001" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.4.55", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2006-20001" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Red Hat", "sources": [ { "db": "PACKETSTORM", "id": "172734" }, { "db": "PACKETSTORM", "id": "172731" }, { "db": "PACKETSTORM", "id": "171178" }, { "db": "PACKETSTORM", "id": "171079" } ], "trust": 0.4 }, "cve": "CVE-2006-20001", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CNVD-2023-80558", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.5, "baseSeverity": "High", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2006-20001", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2006-20001", "trust": 1.8, "value": "HIGH" }, { "author": "CNVD", "id": "CNVD-2023-80558", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-202301-1294", "trust": 0.6, "value": "HIGH" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2023-80558" }, { "db": "JVNDB", "id": "JVNDB-2006-004077" }, { "db": "CNNVD", "id": "CNNVD-202301-1294" }, { "db": "NVD", "id": "CVE-2006-20001" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool (heap) memory location beyond the header value sent. This could cause the process to crash. \n\nThis issue affects Apache HTTP Server 2.4.54 and earlier. The server is fast, reliable and scalable via a simple API. \n\nFor the stable distribution (bullseye), these problems have been fixed in\nversion 2.4.56-1~deb11u1. \n\nWe recommend that you upgrade your apache2 packages. \n\nFor the detailed security status of apache2 please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/apache2\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmQYqdQACgkQEMKTtsN8\nTjYWeQ//dwKUtLc9oKmjEmiY1QsRsSYdlzMTWA8ow63vdtGD1QU3Xb/CxPSZ22Oh\n8zypNP5qtk3m11JA7npd7RNPpF3Gb1V5ebIlKP7GavGBIrGOmvH31hV3IUP4HoXO\n/mC36BA3twAgyF12HMtdPvj+qaNguYnxXhc02Kt7kl6sq+ybtdCnRnBfJJ2KYXKq\ntjRedc+HJZa0gSuq9fsFbaQF1OPk1jHEO/ixHhISKhEr1mHO+eLN3soQ9gqaEG/a\n/0jLUm1ThiBNeK5jkmCXuIuqwwrGHG16Cl9fIKGps1Yb+ef2aJca7onA4IfyUj1d\n1S7VmCgFFQe+5eAgdcR77mWS8RyEP/lyItY+ifzGG6xR0EUnDgD7ApcqhZBIJCgU\n583Dle+sjvwgb9iSSeNwynqx58Pf4648AJSx6nNlsop4ekE4To5GvKyr/eI3HNqa\nt9BfVtwqRu4GnnurvJFzh5n2wpRl1JbQMFMx/kxb1He5ioayRtru9guViNA3ylgn\nd7lbk8FEsvvzS9MM0RVivlWdzD6+FVFHaWoCcwzv+0dFD6iiG5MJMGUr0pElw+ju\nAs6bnKCCoEHU4HK0rKHlVeB6E3Ch7yF+b6PvzZqCqcOE6RB5/I2Nu9S3L78cZWRU\nnKXf/WHf3Lw+DCB8QKWUBuo0WjkFjmEe/oUCWHGt/UbtXGbSM+E=Bi/w\n-----END PGP SIGNATURE-----\n. This software, such as Apache HTTP Server, is\ncommon to multiple JBoss middleware products, and is packaged under Red Hat\nJBoss Core Services to allow for faster distribution of updates, and for a\nmore consistent update experience. \n\nThis release of Red Hat JBoss Core Services Apache HTTP Server 2.4.51\nService Pack 2 serves as a replacement for Red Hat JBoss Core Services\nApache HTTP Server 2.4.51 Service Pack 1, and includes bug fixes and\nenhancements, which are documented in the Release Notes document linked to\nin the References. Bugs fixed (https://bugzilla.redhat.com/):\n\n2152639 - CVE-2022-43551 curl: HSTS bypass via IDN\n2152652 - CVE-2022-43552 curl: Use-after-free triggered by an HTTP proxy deny response\n2161774 - CVE-2006-20001 httpd: mod_dav: out-of-bounds read/write of zero byte\n2164440 - CVE-2023-0286 openssl: X.400 address type confusion in X.509 GeneralName\n2164487 - CVE-2022-4304 openssl: timing attack in RSA Decryption implementation\n2164492 - CVE-2023-0215 openssl: use-after-free following BIO_new_NDEF\n2164494 - CVE-2022-4450 openssl: double free after calling PEM_read_bio_ex\n2167797 - CVE-2023-23914 curl: HSTS ignored on multiple requests\n2167813 - CVE-2023-23915 curl: HSTS amnesia with --parallel\n2167815 - CVE-2023-23916 curl: HTTP multi-header compression denial of service\n2169652 - CVE-2022-25147 apr-util: out-of-bounds writes in the apr_base64\n2176209 - CVE-2023-25690 httpd: HTTP request splitting with mod_rewrite and mod_proxy\n\n6. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. ==========================================================================\nUbuntu Security Notice USN-5839-1\nFebruary 01, 2023\n\napache2 vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 22.10\n- Ubuntu 22.04 LTS\n- Ubuntu 20.04 LTS\n- Ubuntu 18.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in Apache HTTP Server. A remote attacker could\npossibly use this issue to perform an HTTP Request Smuggling attack. \n(CVE-2022-36760)\n\nDimas Fariski Setyawan Putra discovered that the Apache HTTP Server\nmod_proxy module incorrectly truncated certain response headers. This may\nresult in later headers not being interpreted by the client. \n(CVE-2022-37436)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 22.10:\n apache2 2.4.54-2ubuntu1.1\n\nUbuntu 22.04 LTS:\n apache2 2.4.52-1ubuntu4.3\n\nUbuntu 20.04 LTS:\n apache2 2.4.41-4ubuntu3.13\n\nUbuntu 18.04 LTS:\n apache2 2.4.29-1ubuntu4.26\n\nIn general, a standard system update will make all the necessary changes. (BZ#2165975)\n\n4. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Moderate: httpd:2.4 security and bug fix update\nAdvisory ID: RHSA-2023:0852-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2023:0852\nIssue date: 2023-02-21\nCVE Names: CVE-2006-20001 CVE-2022-36760 CVE-2022-37436\n====================================================================\n1. Summary:\n\nAn update for the httpd:2.4 module is now available for Red Hat Enterprise\nLinux 8. \n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64\n\n3. \n\nSecurity Fix(es):\n\n* httpd: mod_dav: out-of-bounds read/write of zero byte (CVE-2006-20001)\n\n* httpd: mod_proxy_ajp: Possible request smuggling (CVE-2022-36760)\n\n* httpd: mod_proxy: HTTP response splitting (CVE-2022-37436)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\nBug Fix(es):\n\n* httpd-init fails to create localhost.crt, localhost.key due to \"sscg\"\ndefault now creates a /dhparams.pem and is not idempotent if the file\n/dhparams.pem already exists. (BZ#2165967)\n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted\nautomatically. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n2161773 - CVE-2022-37436 httpd: mod_proxy: HTTP response splitting\n2161774 - CVE-2006-20001 httpd: mod_dav: out-of-bounds read/write of zero byte\n2161777 - CVE-2022-36760 httpd: mod_proxy_ajp: Possible request smuggling\n2165967 - httpd-init fails to create localhost.crt, localhost.key due to \"sscg\" default now creates a /dhparams.pem and is not idempotent if the file /dhparams.pem already exists. [rhel-8.7.0.z]\n\n6. Package List:\n\nRed Hat Enterprise Linux AppStream (v. 8):\n\nSource:\nhttpd-2.4.37-51.module+el8.7.0+18026+7b169787.1.src.rpm\nmod_http2-1.15.7-5.module+el8.6.0+13996+01710940.src.rpm\nmod_md-2.0.8-8.module+el8.3.0+6814+67d1e611.src.rpm\n\naarch64:\nhttpd-2.4.37-51.module+el8.7.0+18026+7b169787.1.aarch64.rpm\nhttpd-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.aarch64.rpm\nhttpd-debugsource-2.4.37-51.module+el8.7.0+18026+7b169787.1.aarch64.rpm\nhttpd-devel-2.4.37-51.module+el8.7.0+18026+7b169787.1.aarch64.rpm\nhttpd-tools-2.4.37-51.module+el8.7.0+18026+7b169787.1.aarch64.rpm\nhttpd-tools-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.aarch64.rpm\nmod_http2-1.15.7-5.module+el8.6.0+13996+01710940.aarch64.rpm\nmod_http2-debuginfo-1.15.7-5.module+el8.6.0+13996+01710940.aarch64.rpm\nmod_http2-debugsource-1.15.7-5.module+el8.6.0+13996+01710940.aarch64.rpm\nmod_ldap-2.4.37-51.module+el8.7.0+18026+7b169787.1.aarch64.rpm\nmod_ldap-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.aarch64.rpm\nmod_md-2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64.rpm\nmod_md-debuginfo-2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64.rpm\nmod_md-debugsource-2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64.rpm\nmod_proxy_html-2.4.37-51.module+el8.7.0+18026+7b169787.1.aarch64.rpm\nmod_proxy_html-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.aarch64.rpm\nmod_session-2.4.37-51.module+el8.7.0+18026+7b169787.1.aarch64.rpm\nmod_session-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.aarch64.rpm\nmod_ssl-2.4.37-51.module+el8.7.0+18026+7b169787.1.aarch64.rpm\nmod_ssl-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.aarch64.rpm\n\nnoarch:\nhttpd-filesystem-2.4.37-51.module+el8.7.0+18026+7b169787.1.noarch.rpm\nhttpd-manual-2.4.37-51.module+el8.7.0+18026+7b169787.1.noarch.rpm\n\nppc64le:\nhttpd-2.4.37-51.module+el8.7.0+18026+7b169787.1.ppc64le.rpm\nhttpd-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.ppc64le.rpm\nhttpd-debugsource-2.4.37-51.module+el8.7.0+18026+7b169787.1.ppc64le.rpm\nhttpd-devel-2.4.37-51.module+el8.7.0+18026+7b169787.1.ppc64le.rpm\nhttpd-tools-2.4.37-51.module+el8.7.0+18026+7b169787.1.ppc64le.rpm\nhttpd-tools-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.ppc64le.rpm\nmod_http2-1.15.7-5.module+el8.6.0+13996+01710940.ppc64le.rpm\nmod_http2-debuginfo-1.15.7-5.module+el8.6.0+13996+01710940.ppc64le.rpm\nmod_http2-debugsource-1.15.7-5.module+el8.6.0+13996+01710940.ppc64le.rpm\nmod_ldap-2.4.37-51.module+el8.7.0+18026+7b169787.1.ppc64le.rpm\nmod_ldap-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.ppc64le.rpm\nmod_md-2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le.rpm\nmod_md-debuginfo-2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le.rpm\nmod_md-debugsource-2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le.rpm\nmod_proxy_html-2.4.37-51.module+el8.7.0+18026+7b169787.1.ppc64le.rpm\nmod_proxy_html-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.ppc64le.rpm\nmod_session-2.4.37-51.module+el8.7.0+18026+7b169787.1.ppc64le.rpm\nmod_session-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.ppc64le.rpm\nmod_ssl-2.4.37-51.module+el8.7.0+18026+7b169787.1.ppc64le.rpm\nmod_ssl-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.ppc64le.rpm\n\ns390x:\nhttpd-2.4.37-51.module+el8.7.0+18026+7b169787.1.s390x.rpm\nhttpd-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.s390x.rpm\nhttpd-debugsource-2.4.37-51.module+el8.7.0+18026+7b169787.1.s390x.rpm\nhttpd-devel-2.4.37-51.module+el8.7.0+18026+7b169787.1.s390x.rpm\nhttpd-tools-2.4.37-51.module+el8.7.0+18026+7b169787.1.s390x.rpm\nhttpd-tools-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.s390x.rpm\nmod_http2-1.15.7-5.module+el8.6.0+13996+01710940.s390x.rpm\nmod_http2-debuginfo-1.15.7-5.module+el8.6.0+13996+01710940.s390x.rpm\nmod_http2-debugsource-1.15.7-5.module+el8.6.0+13996+01710940.s390x.rpm\nmod_ldap-2.4.37-51.module+el8.7.0+18026+7b169787.1.s390x.rpm\nmod_ldap-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.s390x.rpm\nmod_md-2.0.8-8.module+el8.3.0+6814+67d1e611.s390x.rpm\nmod_md-debuginfo-2.0.8-8.module+el8.3.0+6814+67d1e611.s390x.rpm\nmod_md-debugsource-2.0.8-8.module+el8.3.0+6814+67d1e611.s390x.rpm\nmod_proxy_html-2.4.37-51.module+el8.7.0+18026+7b169787.1.s390x.rpm\nmod_proxy_html-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.s390x.rpm\nmod_session-2.4.37-51.module+el8.7.0+18026+7b169787.1.s390x.rpm\nmod_session-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.s390x.rpm\nmod_ssl-2.4.37-51.module+el8.7.0+18026+7b169787.1.s390x.rpm\nmod_ssl-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.s390x.rpm\n\nx86_64:\nhttpd-2.4.37-51.module+el8.7.0+18026+7b169787.1.x86_64.rpm\nhttpd-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.x86_64.rpm\nhttpd-debugsource-2.4.37-51.module+el8.7.0+18026+7b169787.1.x86_64.rpm\nhttpd-devel-2.4.37-51.module+el8.7.0+18026+7b169787.1.x86_64.rpm\nhttpd-tools-2.4.37-51.module+el8.7.0+18026+7b169787.1.x86_64.rpm\nhttpd-tools-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.x86_64.rpm\nmod_http2-1.15.7-5.module+el8.6.0+13996+01710940.x86_64.rpm\nmod_http2-debuginfo-1.15.7-5.module+el8.6.0+13996+01710940.x86_64.rpm\nmod_http2-debugsource-1.15.7-5.module+el8.6.0+13996+01710940.x86_64.rpm\nmod_ldap-2.4.37-51.module+el8.7.0+18026+7b169787.1.x86_64.rpm\nmod_ldap-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.x86_64.rpm\nmod_md-2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64.rpm\nmod_md-debuginfo-2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64.rpm\nmod_md-debugsource-2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64.rpm\nmod_proxy_html-2.4.37-51.module+el8.7.0+18026+7b169787.1.x86_64.rpm\nmod_proxy_html-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.x86_64.rpm\nmod_session-2.4.37-51.module+el8.7.0+18026+7b169787.1.x86_64.rpm\nmod_session-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.x86_64.rpm\nmod_ssl-2.4.37-51.module+el8.7.0+18026+7b169787.1.x86_64.rpm\nmod_ssl-debuginfo-2.4.37-51.module+el8.7.0+18026+7b169787.1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2006-20001\nhttps://access.redhat.com/security/cve/CVE-2022-36760\nhttps://access.redhat.com/security/cve/CVE-2022-37436\nhttps://access.redhat.com/security/updates/classification/#moderate\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2023 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBY/S5HdzjgjWX9erEAQh4bRAAkF3EgQgukNt/nGFBeSNly7ekQ6MZzwx6\n/g701Jznu0z/XZM4+lhWIB6Au8sDwHyzp9tL3Mmwb1vSDkJfYMEBNpx22Ku4yr78\nAqvAtMbtr3ZRtzlCow12ARhcsoV3mxCNvEs8Gw9ZK7VlJy0bq771jpau14tgZHvU\ncy3IOQgBUbACHoaJ+C4fpSFtd4ewKuYV9VDQrW08ZhYejF32U/0jFeWKPPAv2VFU\ngr9EazXKwQp4QF2d/dMOpmuERQNqRWRYKT7SdWykvCIpOjB1NeJ/iTKBK4hZnm3A\nmalqCf3hnWl/6v+ZFRlb62G1UPzVH3xGfNrkBgN96ktGhJ/i7GYKn04zWioP/0mv\npp5TsME6BT4J7ykw1SCZRDecFBHXyFKA8E08nXG+/aS9CDiHyUfP2mWyo7wx228Y\nxUvZYJQA165zaxSC7PG0W52CGeVYhUnBaa1xZKbG00YE+U+eN7KsHnbv+J7VjSnT\nF2Qm/z4OW1dFZU462VK2XVydYFPBoMormkeHFfOo3N92DdKduOU9rXcL9n++Y8dn\n3tpuinfUc82EXeFm79HkVPaKz2R7/sm+dsylaC5QUkJqcbTahAYF2JgrkyfSWA9/\niY86qqDT17rd84adrQfXojb5hc4AKqVMJZuRJv5OGsj7SH/qiCGbYAtUDLf4C31G\nsw6Iqa1wZ18=EViL\n-----END PGP SIGNATURE-----\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 202309-01\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Low\n Title: Apache HTTPD: Multiple Vulnerabilities\n Date: September 08, 2023\n Bugs: #891211, #900416\n ID: 202309-01\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been discovered in Apache HTTPD, the worst\nof which could result in denial of service. Please\nreview the CVE identifiers referenced below for details. \n\nImpact\n======\n\nPlease review the referenced CVE identifiers for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Apache HTTPD users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=www-servers/apache-2.4.56\"\n\nReferences\n==========\n\n[ 1 ] CVE-2006-20001\n https://nvd.nist.gov/vuln/detail/CVE-2006-20001\n[ 2 ] CVE-2022-36760\n https://nvd.nist.gov/vuln/detail/CVE-2022-36760\n[ 3 ] CVE-2022-37436\n https://nvd.nist.gov/vuln/detail/CVE-2022-37436\n[ 4 ] CVE-2023-25690\n https://nvd.nist.gov/vuln/detail/CVE-2023-25690\n[ 5 ] CVE-2023-27522\n https://nvd.nist.gov/vuln/detail/CVE-2023-27522\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202309-01\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2023 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n", "sources": [ { "db": "NVD", "id": "CVE-2006-20001" }, { "db": "JVNDB", "id": "JVNDB-2006-004077" }, { "db": "CNVD", "id": "CNVD-2023-80558" }, { "db": "VULMON", "id": "CVE-2006-20001" }, { "db": "PACKETSTORM", "id": "171415" }, { "db": "PACKETSTORM", "id": "172734" }, { "db": "PACKETSTORM", "id": "172731" }, { "db": "PACKETSTORM", "id": "170816" }, { "db": "PACKETSTORM", "id": "170830" }, { "db": "PACKETSTORM", "id": "171178" }, { "db": "PACKETSTORM", "id": "171079" }, { "db": "PACKETSTORM", "id": "174566" } ], "trust": 2.97 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2006-20001", "trust": 4.7 }, { "db": "PACKETSTORM", "id": "170830", "trust": 1.3 }, { "db": "PACKETSTORM", "id": "170816", "trust": 1.3 }, { "db": "AUSCERT", "id": "ESB-2023.1118", "trust": 1.2 }, { "db": "AUSCERT", "id": "ESB-2023.3189", "trust": 1.2 }, { "db": "AUSCERT", "id": "ESB-2023.1517", "trust": 1.2 }, { "db": "AUSCERT", "id": "ESB-2023.0791", "trust": 1.2 }, { "db": "AUSCERT", "id": "ESB-2023.1380", "trust": 1.2 }, { "db": "AUSCERT", "id": "ESB-2023.0586", "trust": 1.2 }, { "db": "AUSCERT", "id": "ESB-2023.1252", "trust": 1.2 }, { "db": "AUSCERT", "id": "ESB-2023.0612", "trust": 1.2 }, { "db": "JVN", "id": "JVNVU99928083", "trust": 0.8 }, { "db": "JVN", "id": "JVNVU91198149", "trust": 0.8 }, { "db": "ICS CERT", "id": "ICSA-24-046-11", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2006-004077", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2023-80558", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202301-1294", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2006-20001", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "171415", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "172734", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "172731", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "171178", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "171079", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "174566", "trust": 0.1 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2023-80558" }, { "db": "VULMON", "id": "CVE-2006-20001" }, { "db": "JVNDB", "id": "JVNDB-2006-004077" }, { "db": "PACKETSTORM", "id": "171415" }, { "db": "PACKETSTORM", "id": "172734" }, { "db": "PACKETSTORM", "id": "172731" }, { "db": "PACKETSTORM", "id": "170816" }, { "db": "PACKETSTORM", "id": "170830" }, { "db": "PACKETSTORM", "id": "171178" }, { "db": "PACKETSTORM", "id": "171079" }, { "db": "PACKETSTORM", "id": "174566" }, { "db": "CNNVD", "id": "CNNVD-202301-1294" }, { "db": "NVD", "id": "CVE-2006-20001" } ] }, "id": "VAR-202301-1527", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2023-80558" } ], "trust": 0.06 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "Network device" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2023-80558" } ] }, "last_update_date": "2024-07-23T19:32:40.354000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "hitachi-sec-2023-217", "trust": 0.8, "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "title": "Patch for Apache HTTP Server buffer overflow vulnerability (CNVD-2023-80558)", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchinfo/show/471781" }, { "title": "Apache HTTP Server Buffer error vulnerability fix", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=222513" }, { "title": "Red Hat: ", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2006-20001" }, { "title": "", "trust": 0.1, "url": "https://github.com/live-hack-cve/cve-2006-20001 " } ], "sources": [ { "db": "CNVD", "id": "CNVD-2023-80558" }, { "db": "VULMON", "id": "CVE-2006-20001" }, { "db": "JVNDB", "id": "JVNDB-2006-004077" }, { "db": "CNNVD", "id": "CNNVD-202301-1294" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-787", "trust": 1.0 }, { "problemtype": "Out-of-bounds writing (CWE-787) [ others ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2006-004077" }, { "db": "NVD", "id": "CVE-2006-20001" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.7, "url": "https://security.gentoo.org/glsa/202309-01" }, { "trust": 1.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2006-20001" }, { "trust": 1.2, "url": "https://www.auscert.org.au/bulletins/esb-2023.1380" }, { "trust": 1.2, "url": "https://www.auscert.org.au/bulletins/esb-2023.1517" }, { "trust": 1.2, "url": "https://cxsecurity.com/cveshow/cve-2006-20001/" }, { "trust": 1.2, "url": "https://www.auscert.org.au/bulletins/esb-2023.0612" }, { "trust": 1.2, "url": "https://www.auscert.org.au/bulletins/esb-2023.1118" }, { "trust": 1.2, "url": "https://packetstormsecurity.com/files/170816/ubuntu-security-notice-usn-5834-1.html" }, { "trust": 1.2, "url": "https://packetstormsecurity.com/files/170830/ubuntu-security-notice-usn-5839-1.html" }, { "trust": 1.2, "url": "https://www.auscert.org.au/bulletins/esb-2023.0586" }, { "trust": 1.2, "url": "https://www.auscert.org.au/bulletins/esb-2023.1252" }, { "trust": 1.2, "url": "https://www.auscert.org.au/bulletins/esb-2023.3189" }, { "trust": 1.2, "url": "https://www.auscert.org.au/bulletins/esb-2023.0791" }, { "trust": 1.1, "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu99928083/" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu91198149/index.html" }, { "trust": 0.8, "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-046-11" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-36760" }, { "trust": 0.6, "url": "httpd.apache.org/security/vulnerabilities_24.html" }, { "trust": 0.6, "url": "https://" }, { "trust": 0.5, "url": "https://access.redhat.com/security/cve/cve-2006-20001" }, { "trust": 0.5, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-37436" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-25690" }, { "trust": 0.4, "url": "https://access.redhat.com/articles/11258" }, { "trust": 0.4, "url": "https://bugzilla.redhat.com/):" }, { "trust": 0.4, "url": "https://access.redhat.com/security/team/contact/" }, { "trust": 0.4, "url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce" }, { "trust": 0.3, "url": "https://access.redhat.com/security/team/key/" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-27522" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2022-25147" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2023-23915" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2023-25690" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-0215" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-0286" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-43552" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-4304" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2022-43552" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2023-0286" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2023-23914" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2022-4450" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-4450" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-23914" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2023-0215" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2023-23916" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2022-4304" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-25147" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-23916" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-23915" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-43551" }, { "trust": 0.2, "url": "https://access.redhat.com/security/updates/classification/#important" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2022-43551" }, { "trust": 0.2, "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2022-36760" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2022-37436" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/787.html" }, { "trust": 0.1, "url": "https://github.com/live-hack-cve/cve-2006-20001" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://www.debian.org/security/" }, { "trust": 0.1, "url": "https://www.debian.org/security/faq" }, { "trust": 0.1, "url": "https://security-tracker.debian.org/tracker/apache2" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2023:3354" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-43680" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2022-43680" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2023:3355" }, { "trust": 0.1, "url": "https://ubuntu.com/security/notices/usn-5834-1" }, { "trust": 0.1, "url": "https://ubuntu.com/security/notices/usn-5834-1\u003e" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/apache2/2.4.54-2ubuntu1.1" }, { "trust": 0.1, "url": "https://ubuntu.com/security/notices/usn-5839-1" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/apache2/2.4.52-1ubuntu4.3" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/apache2/2.4.41-4ubuntu3.13" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/apache2/2.4.29-1ubuntu4.26" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2023:0970" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2023:0852" }, { "trust": 0.1, "url": "https://security.gentoo.org/" }, { "trust": 0.1, "url": "https://bugs.gentoo.org." }, { "trust": 0.1, "url": "https://creativecommons.org/licenses/by-sa/2.5" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2023-80558" }, { "db": "VULMON", "id": "CVE-2006-20001" }, { "db": "JVNDB", "id": "JVNDB-2006-004077" }, { "db": "PACKETSTORM", "id": "171415" }, { "db": "PACKETSTORM", "id": "172734" }, { "db": "PACKETSTORM", "id": "172731" }, { "db": "PACKETSTORM", "id": "170816" }, { "db": "PACKETSTORM", "id": "170830" }, { "db": "PACKETSTORM", "id": "171178" }, { "db": "PACKETSTORM", "id": "171079" }, { "db": "PACKETSTORM", "id": "174566" }, { "db": "CNNVD", "id": "CNNVD-202301-1294" }, { "db": "NVD", "id": "CVE-2006-20001" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2023-80558" }, { "db": "VULMON", "id": "CVE-2006-20001" }, { "db": "JVNDB", "id": "JVNDB-2006-004077" }, { "db": "PACKETSTORM", "id": "171415" }, { "db": "PACKETSTORM", "id": "172734" }, { "db": "PACKETSTORM", "id": "172731" }, { "db": "PACKETSTORM", "id": "170816" }, { "db": "PACKETSTORM", "id": "170830" }, { "db": "PACKETSTORM", "id": "171178" }, { "db": "PACKETSTORM", "id": "171079" }, { "db": "PACKETSTORM", "id": "174566" }, { "db": "CNNVD", "id": "CNNVD-202301-1294" }, { "db": "NVD", "id": "CVE-2006-20001" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-10-25T00:00:00", "db": "CNVD", "id": "CNVD-2023-80558" }, { "date": "2023-01-17T00:00:00", "db": "VULMON", "id": "CVE-2006-20001" }, { "date": "2023-01-30T00:00:00", "db": "JVNDB", "id": "JVNDB-2006-004077" }, { "date": "2023-03-21T17:41:11", "db": "PACKETSTORM", "id": "171415" }, { "date": "2023-06-06T16:30:34", "db": "PACKETSTORM", "id": "172734" }, { "date": "2023-06-06T16:29:30", "db": "PACKETSTORM", "id": "172731" }, { "date": "2023-01-31T17:16:26", "db": "PACKETSTORM", "id": "170816" }, { "date": "2023-02-01T17:50:42", "db": "PACKETSTORM", "id": "170830" }, { "date": "2023-02-28T17:13:39", "db": "PACKETSTORM", "id": "171178" }, { "date": "2023-02-21T16:50:34", "db": "PACKETSTORM", "id": "171079" }, { "date": "2023-09-08T20:44:43", "db": "PACKETSTORM", "id": "174566" }, { "date": "2023-01-17T00:00:00", "db": "CNNVD", "id": "CNNVD-202301-1294" }, { "date": "2023-01-17T20:15:11.177000", "db": "NVD", "id": "CVE-2006-20001" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-10-25T00:00:00", "db": "CNVD", "id": "CNVD-2023-80558" }, { "date": "2023-01-17T00:00:00", "db": "VULMON", "id": "CVE-2006-20001" }, { "date": "2024-02-22T03:40:00", "db": "JVNDB", "id": "JVNDB-2006-004077" }, { "date": "2023-06-06T00:00:00", "db": "CNNVD", "id": "CNNVD-202301-1294" }, { "date": "2023-09-08T22:15:08.013000", "db": "NVD", "id": "CVE-2006-20001" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "170816" }, { "db": "PACKETSTORM", "id": "170830" }, { "db": "CNNVD", "id": "CNNVD-202301-1294" } ], "trust": 0.8 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Apache\u00a0HTTP\u00a0Server\u00a02\u00a0 memory read vulnerability in", "sources": [ { "db": "JVNDB", "id": "JVNDB-2006-004077" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer error", "sources": [ { "db": "CNNVD", "id": "CNNVD-202301-1294" } ], "trust": 0.6 } }
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.