what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

CVE-2023-38709

Status Candidate

Overview

Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2.4.58.

Related Files

Red Hat Security Advisory 2024-9306-03
Posted Nov 13, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-9306-03 - An update for httpd is now available for Red Hat Enterprise Linux 9. Issues addressed include a HTTP response splitting vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2023-38709
SHA-256 | da861725e4de66c134975faab6f764159682f498b51f01bcb20e783c545eb285
Gentoo Linux Security Advisory 202409-31
Posted Sep 30, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202409-31 - Multiple vulnerabilities have been found in Apache HTTPD, the worst of which could result in denial of service. Versions greater than or equal to 2.4.62 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2023-38709, CVE-2024-24795, CVE-2024-27316, CVE-2024-36387, CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2024-39884, CVE-2024-40725, CVE-2024-40898
SHA-256 | e140c2ea34336c36470495b8e5becd4da0e3fc777733afa65462c3ef0f63a24c
Red Hat Security Advisory 2024-6928-03
Posted Sep 24, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-6928-03 - Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 6 is now available. Issues addressed include HTTP response splitting and server-side request forgery vulnerabilities.

tags | advisory, web, vulnerability
systems | linux, redhat
advisories | CVE-2023-38709
SHA-256 | e6d296361367127ef2c83d6876e361aa61a44764ac8bad189777d62595cf373f
Red Hat Security Advisory 2024-6927-03
Posted Sep 24, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-6927-03 - Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 6 is now available. Issues addressed include a HTTP response splitting vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2023-38709
SHA-256 | a46212c14a8f7f02210b86e19840bd78e0cf8353486be6775227bb55ec86218e
Apple Security Advisory 07-29-2024-4
Posted Jul 30, 2024
Authored by Apple | Site apple.com

Apple Security Advisory 07-29-2024-4 - macOS Sonoma 14.6 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, out of bounds access, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities.

tags | advisory, overflow, spoof, vulnerability, code execution
systems | apple
advisories | CVE-2023-27952, CVE-2023-38709, CVE-2023-52356, CVE-2023-6277, CVE-2024-2004, CVE-2024-2379, CVE-2024-2398, CVE-2024-2466, CVE-2024-24795, CVE-2024-27316, CVE-2024-27862, CVE-2024-27863, CVE-2024-27871, CVE-2024-27872
SHA-256 | ae832f20b8a382b80cfa8c55837cfb4ccc59d3ee288b95b2aba5d16400cc0192
Red Hat Security Advisory 2024-4197-03
Posted Jul 1, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4197-03 - An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8. Issues addressed include a HTTP response splitting vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2023-38709
SHA-256 | 1a7359f59ccc6b45c34232a7bc3ee29df4ae36cde45b99d999c97ca7cfb70d75
Ubuntu Security Notice USN-6729-3
Posted Apr 29, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6729-3 - USN-6729-1 fixed vulnerabilities in Apache HTTP Server. This update provides the corresponding updates for Ubuntu 24.04 LTS. Orange Tsai discovered that the Apache HTTP Server incorrectly handled validating certain input. A remote attacker could possibly use this issue to perform HTTP request splitting attacks. Keran Mu and Jianjun Chen discovered that the Apache HTTP Server incorrectly handled validating certain input. A remote attacker could possibly use this issue to perform HTTP request splitting attacks. Bartek Nowotarski discovered that the Apache HTTP Server HTTP/2 module incorrectly handled endless continuation frames. A remote attacker could possibly use this issue to cause the server to consume resources, leading to a denial of service.

tags | advisory, remote, web, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2023-38709, CVE-2024-24795, CVE-2024-27316
SHA-256 | 64bc41b5243d484a6b2e16655cb72ea9b8aa3a19737b46627dbb01cfa4e8fb4e
Ubuntu Security Notice USN-6729-2
Posted Apr 18, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6729-2 - USN-6729-1 fixed several vulnerabilities in Apache. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Orange Tsai discovered that the Apache HTTP Server incorrectly handled validating certain input. A remote attacker could possibly use this issue to perform HTTP request splitting attacks.

tags | advisory, remote, web, vulnerability
systems | linux, ubuntu
advisories | CVE-2023-38709, CVE-2024-24795, CVE-2024-27316
SHA-256 | 48e8f6ab38e454ffe37a65ae74aa96cb5b3942a28276a0cc0f3a974d4716ae83
Debian Security Advisory 5662-1
Posted Apr 17, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5662-1 - Multiple vulnerabilities have been discovered in the Apache HTTP server, which may result in HTTP response splitting or denial of service.

tags | advisory, web, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2023-31122, CVE-2023-38709, CVE-2023-43622, CVE-2023-45802, CVE-2024-24795, CVE-2024-27316
SHA-256 | 91dd197c5a6d8baaed2ebca649cbbb006dfaa18a448d23acca955357225d36eb
Ubuntu Security Notice USN-6729-1
Posted Apr 12, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6729-1 - Orange Tsai discovered that the Apache HTTP Server incorrectly handled validating certain input. A remote attacker could possibly use this issue to perform HTTP request splitting attacks. Keran Mu and Jianjun Chen discovered that the Apache HTTP Server incorrectly handled validating certain input. A remote attacker could possibly use this issue to perform HTTP request splitting attacks.

tags | advisory, remote, web
systems | linux, ubuntu
advisories | CVE-2023-38709, CVE-2024-24795, CVE-2024-27316
SHA-256 | b6b856a665b8ccd0c761b17ac9d0990bb16f01e11f4e9c76e440d6681ef8b0fd
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close