Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Red Hat Local Security Checks
Title:RedHat Update for httpd RHSA-2015:1667-01
Summary:The remote host is missing an update for the 'httpd'; package(s) announced via the referenced advisory.
The remote host is missing an update for the 'httpd'
package(s) announced via the referenced advisory.

Vulnerability Insight:
The httpd packages provide the Apache HTTP Server, a powerful, efficient,
and extensible web server.

Multiple flaws were found in the way httpd parsed HTTP requests and
responses using chunked transfer encoding. A remote attacker could use
these flaws to create a specially crafted request, which httpd would decode
differently from an HTTP proxy software in front of it, possibly leading to
HTTP request smuggling attacks. (CVE-2015-3183)

It was discovered that in httpd 2.4, the internal API function
ap_some_auth_required() could incorrectly indicate that a request was
authenticated even when no authentication was used. An httpd module using
this API function could consequently allow access that should have been
denied. (CVE-2015-3185)

All httpd users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. After installing the
updated packages, the httpd service will be restarted automatically.

Affected Software/OS:
httpd on Red Hat Enterprise Linux Server (v. 7)

Please Install the Updated Packages.

CVSS Score:

CVSS Vector:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2015-3183
BugTraq ID: 75963
BugTraq ID: 91787
Debian Security Information: DSA-3325 (Google Search)
HPdes Security Advisory: HPSBUX03512
HPdes Security Advisory: SSRT102254
RedHat Security Advisories: RHSA-2015:1666
RedHat Security Advisories: RHSA-2015:1667
RedHat Security Advisories: RHSA-2015:1668
RedHat Security Advisories: RHSA-2015:2659
RedHat Security Advisories: RHSA-2015:2660
RedHat Security Advisories: RHSA-2015:2661
RedHat Security Advisories: RHSA-2016:0061
RedHat Security Advisories: RHSA-2016:0062
RedHat Security Advisories: RHSA-2016:2054
RedHat Security Advisories: RHSA-2016:2055
RedHat Security Advisories: RHSA-2016:2056
SuSE Security Announcement: openSUSE-SU-2015:1684 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2015-3185
BugTraq ID: 75965
RedHat Security Advisories: RHSA-2016:2957
RedHat Security Advisories: RHSA-2017:2708
RedHat Security Advisories: RHSA-2017:2709
RedHat Security Advisories: RHSA-2017:2710
CopyrightCopyright (C) 2015 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.