Kaspersky Threats — La page que vous recherchez est introuvable.<br>Mais vous pouvez consulter les descriptions de nos dernières vulnérabilités et menaces.

Description

Multiple vulnerabilities were found in Apache HTTP Server. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, obtain sensitive information.

Below is a complete list of vulnerabilities:

Out of bounds read vulnerability in mod_cache_socache can be exploited to cause denial of service.
Security bypass vulnerability in mod_auth_digest can be exploited to bypass security restrictions.
Use after free vulnerability on HTTP/2 stream shutdown can be exploited to cause denial of service.
Out of bound access vulnerability in HTTP request can be exploited via special crafted request to cause denial of service.
Out of bounds write vulnerability in mod_authnz_ldap can be exploited to cause denial of service.
Security bypass vulnerability in filename can be exploited to bypass security restrictions.
Information disclosure vulnerability in « Session » header can be exploited remotely to obtain sensitive information.

Fiches de renseignement originales

Fixed in Apache HTTP Server 2.4.33

Exploitation

Public exploits exist for this vulnerability.

Produits associés

Apache-HTTP-Server

Liste CVE

CVE-2018-1303
critical
CVE-2018-1312
critical
CVE-2018-1302
high
CVE-2018-1301
high
CVE-2017-15710
critical
CVE-2017-15715
critical
CVE-2018-1283
high

En savoir plus

Découvrez les statistiques de la propagation des vulnérabilités dans votre région statistics.securelist.com

Vous avez trouvé une inexactitude dans la description de cette vulnérabilité ? Faites-le nous savoir !