| VID |
210266 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
WWW |
| Detailed Description |
The version of Apache httpd installed on the remote host is equal to or lower than 2.4.57. It is, therefore, affected by vulnerability as referenced in the 2.4.58 advisory.
- Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57. (CVE-2023-31122)
* References:
https://httpd.apache.org/security/vulnerabilities_24.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TI3V2YCEUM65QDYPGGNUZ7UONIM5OEXC/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VZJTT5TEFNSBWVMKCLS6EZ7PI6EJYBCO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFDNHDH4VLFGDPY6MEZV2RO5N5FLFONW/
https://security.netapp.com/advisory/ntap-20231027-0011/
* Platforms Affected:
Apache HTTP all versions equal to or lower than 2.4.57
Any operating system Any version |
| Recommendation |
Upgrade to the latest version of Apache HTTP Server (2.4.58 or later), available from the Apache Software Foundation download site, http://httpd.apache.org/download.cgi |
| Related URL |
CVE-2023-31122 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
