漏洞信息详情

Apache HTTP Server 安全漏洞

  • CNNVD编号:CNNVD-201809-1130
  • 危害等级: 中危
  • CVE编号: CVE-2018-11763
  • 漏洞类型: 输入验证错误
  • 发布时间: 2018-09-26
  • 威胁类型: 远程
  • 更新时间: 2019-06-12
  • 厂        商:
  • 漏洞来源: Red Hat,Gal Goldsh...

漏洞简介

Apache HTTP Server是美国阿帕奇(Apache)软件基金会的一款开源网页服务器。该服务器具有快速、可靠且可通过简单的API进行扩充的特点。

Apache HTTP Server 2.4.17版本至2.4.34版本中存在安全漏洞。攻击者可通过持续发送较大的SETTINGS帧利用该漏洞在客户端占据连接,服务器线程和CPU时间时造成连接超时失效,导致拒绝服务。

漏洞公告

目前厂商已发布升级补丁以修复漏洞,补丁获取链接:

https://httpd.apache.org/security/vulnerabilities_24.html

参考网址

来源:CONFIRM

链接:https://security.netapp.com/advisory/ntap-20190204-0004/

来源:MISC

链接:https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

来源:httpd.apache.org

链接:httpd.apache.org/security/vulnerabilities_24.html

来源:BID

链接:http://www.securityfocus.com/bid/105414

来源:CONFIRM

链接:https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us

来源:REDHAT

链接:https://access.redhat.com/errata/RHSA-2019:0367

来源:REDHAT

链接:https://access.redhat.com/errata/RHSA-2019:0366

来源:SUSE

链接:http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00030.html

来源:BID

链接:https://www.securityfocus.com/bid/105414

来源:www.oracle.com

链接:https://www.oracle.com/technetwork/topics/security/bulletinjan2019-5251593.html

来源:www.oracle.com

链接:https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

来源:access.redhat.com

链接:https://access.redhat.com/security/cve/cve-2018-11763

来源:bugzilla.redhat.com

链接:https://bugzilla.redhat.com/show_bug.cgi?id=1633399

来源:github.com

链接:https://github.com/icing/mod_h2/commit/5e75e5685dd043fe93a5a08a15edd087a43f6968

来源:www.apache.org

链接:http://www.apache.org/

来源:REDHAT

链接:https://access.redhat.com/errata/RHSA-2018:3558

来源:UBUNTU

链接:https://usn.ubuntu.com/3783-1/

来源:SECTRACK

链接:http://www.securitytracker.com/id/1041713

来源:access.redhat.com

链接:https://access.redhat.com/errata/RHSA-2019:0367

来源:access.redhat.com

链接:https://access.redhat.com/errata/RHSA-2019:0366

来源:www.securityfocus.com

链接:https://www.securityfocus.com/bid/105414

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/151742/Red-Hat-Security-Advisory-2019-0367-01.html

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/75962

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/151814/Red-Hat-Security-Advisory-2019-0366-01.html

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/75770

受影响实体

    暂无


漏洞信息快速查询

相关漏洞

更多