Test Kennung:	1.3.6.1.4.1.25623.1.0.142229
Kategorie:	Web Servers
Titel:	Apache HTTP Server < 2.4.39 URL Normalization Vulnerability - Windows
Zusammenfassung:	When the path component of a request URL contains multiple consecutive slashes; ('/'), directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions while; other aspects of the servers processing will implicitly collapse them.
Beschreibung:	Summary: When the path component of a request URL contains multiple consecutive slashes ('/'), directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions while other aspects of the servers processing will implicitly collapse them. Affected Software/OS: Apache HTTP Server version 2.4.38 and prior. Solution: Update to version 2.4.39 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2019-0220 BugTraq ID: 107670 http://www.securityfocus.com/bid/107670 Bugtraq: 20190403 [SECURITY] [DSA 4422-1] apache2 security update (Google Search) https://seclists.org/bugtraq/2019/Apr/5 https://httpd.apache.org/security/vulnerabilities_24.html https://security.netapp.com/advisory/ntap-20190625-0007/ https://support.f5.com/csp/article/K44591505 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us Debian Security Information: DSA-4422 (Google Search) https://www.debian.org/security/2019/dsa-4422 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZRMTEIGZKYFNGIDOTXN3GNEJTLVCYU7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ALIR5S3O7NRHEGFMIDMUSYQIZOE4TJJN/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WETXNQWNQLWHV6XNW6YTO5UGDTIWAQGT/ https://www.oracle.com/security-alerts/cpuapr2020.html https://www.oracle.com/security-alerts/cpujul2020.html https://www.oracle.com/security-alerts/cpujul2022.html https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html https://lists.debian.org/debian-lts-announce/2019/04/msg00008.html https://lists.apache.org/thread.html/r31f46d1f16ffcafa68058596b21f6eaf6d352290e522690a1cdccdd7@%3Cbugs.httpd.apache.org%3E https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d@%3Ccvs.httpd.apache.org%3E http://www.openwall.com/lists/oss-security/2019/04/02/6 RedHat Security Advisories: RHSA-2019:2343 https://access.redhat.com/errata/RHSA-2019:2343 RedHat Security Advisories: RHSA-2019:3436 https://access.redhat.com/errata/RHSA-2019:3436 RedHat Security Advisories: RHSA-2019:4126 https://access.redhat.com/errata/RHSA-2019:4126 RedHat Security Advisories: RHSA-2020:0250 https://access.redhat.com/errata/RHSA-2020:0250 RedHat Security Advisories: RHSA-2020:0251 https://access.redhat.com/errata/RHSA-2020:0251 SuSE Security Announcement: openSUSE-SU-2019:1190 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html SuSE Security Announcement: openSUSE-SU-2019:1209 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00061.html SuSE Security Announcement: openSUSE-SU-2019:1258 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00084.html https://usn.ubuntu.com/3937-1/
Copyright	Copyright (C) 2019 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.