1. CVE-Search
  2. CVE-2016-5387
ID CVE-2016-5387
Summary The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. NOTE: the vendor states "This mitigation has been assigned the identifier CVE-2016-5387"; in other words, this is not a CVE ID for a vulnerability.
References
Vulnerable Configurations
  • cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.5:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.5:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.8:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.8:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.11:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.11:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.12:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.12:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.13:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.13:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.14:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.14:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.15:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.15:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.16:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.16:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.19:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.19:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.21:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.21:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.22:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.22:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.5:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.6:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.6:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.7:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.7:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.8:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.8:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.10:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.10:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.11:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.11:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.12:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.12:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.14:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.14:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.15:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.15:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.15-60:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.15-60:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.16:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.16:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.17:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.17:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.18:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.18:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.19:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.19:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.20:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.20:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.21:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.21:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.22:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.22:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.23:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.23:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.24:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.24:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.25:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.25:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.26:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.26:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.27:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.27:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.28:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.28:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.29:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.29:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.30:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.30:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.31:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.31:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:-:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:-:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.0.1.104:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.0.1.104:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.0.2.106:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.0.2.106:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.0-103:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.0-103:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.0-103\(a\):*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.0-103\(a\):*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.0-109:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.0-109:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.0-118:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.0-118:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.0.121:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.0.121:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.2-127:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.2-127:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.2.127:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.2.127:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.3.132:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.3.132:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.4:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.4-143:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.4-143:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.4.143:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.4.143:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.5:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.5-146:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.5-146:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.5.146:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.5.146:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.5.146:b:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.5.146:b:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.6:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.6-156:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.6-156:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.6.156:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.6.156:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.7:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.7:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.7-168:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.7-168:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.7.168:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.7.168:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.8:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.8:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.8-177:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.8-177:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.8.179:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.8.179:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.9:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.9:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.9-178:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.9-178:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.10:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.10:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.10-186:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.10-186:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.10.186:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.10.186:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.10.186:b:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.10.186:b:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.10.186:c:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.10.186:c:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.11:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.11:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.11-197:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.11-197:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.11.197:a:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.11.197:a:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.12-118:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.12-118:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.12-200:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.12-200:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.12.201:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.12.201:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.14:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.14:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.14.20:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.14.20:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.15:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.15:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.15-210:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.15-210:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.1.15.210:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.1.15.210:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.2.6:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.2.6:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:2.2.8:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:2.2.8:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:3.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:3.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:3.0.0-68:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:3.0.0-68:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:3.0.0.64:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:3.0.0.64:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:3.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:3.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:3.0.1-73:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:3.0.1-73:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:3.0.1.73:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:3.0.1.73:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:3.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:3.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:3.0.2-77:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:3.0.2-77:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:3.0.2.77:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:3.0.2.77:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:3.0.2.77:b:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:3.0.2.77:b:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:3.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:3.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:3.2.7:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:3.2.7:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:6.0:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:6.0.0-95:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:6.0.0-95:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:6.0.0.96:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:6.0.0.96:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:6.1:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:6.1.0-103:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:6.1.0-103:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:6.1.0.102:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:6.1.0.102:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:6.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:6.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:6.2.2.7:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:6.2.2.7:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:6.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:6.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:6.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:6.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:7.0:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:7.1:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:7.2:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:7.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:7.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:7.4.0:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:7.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:7.5.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:7.5.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:7.5.4.3:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:7.5.4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:system_management_homepage:7.5.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:hp:system_management_homepage:7.5.5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*
  • cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*
    cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.2:*:*:*:*:*:*:*
  • cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*
    cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*
  • cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*
    cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*
  • cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*
    cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_user_data_repository:10.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:communications_user_data_repository:10.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_user_data_repository:10.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:communications_user_data_repository:10.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_user_data_repository:12.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:communications_user_data_repository:12.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_user_data_repository:12.4:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:communications_user_data_repository:12.4:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:jboss_web_server:2.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:jboss_web_server:2.1.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
  • cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 07-09-2022 - 17:40)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
redhat via4
advisories
  • bugzilla
    id 1353755
    title CVE-2016-5387 Apache HTTPD: sets environmental variable based on user supplied Proxy request header
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 5 is installed
        oval oval:com.redhat.rhba:tst:20070331005
      • OR
        • AND
          • comment httpd is earlier than 0:2.2.3-92.el5_11
            oval oval:com.redhat.rhsa:tst:20161421001
          • comment httpd is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070556002
        • AND
          • comment httpd-devel is earlier than 0:2.2.3-92.el5_11
            oval oval:com.redhat.rhsa:tst:20161421003
          • comment httpd-devel is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070556004
        • AND
          • comment httpd-manual is earlier than 0:2.2.3-92.el5_11
            oval oval:com.redhat.rhsa:tst:20161421005
          • comment httpd-manual is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070556006
        • AND
          • comment mod_ssl is earlier than 1:2.2.3-92.el5_11
            oval oval:com.redhat.rhsa:tst:20161421007
          • comment mod_ssl is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070556008
    • AND
      • comment Red Hat Enterprise Linux 6 is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • OR
        • AND
          • comment httpd is earlier than 0:2.2.15-54.el6_8
            oval oval:com.redhat.rhsa:tst:20161421010
          • comment httpd is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20152194002
        • AND
          • comment httpd-devel is earlier than 0:2.2.15-54.el6_8
            oval oval:com.redhat.rhsa:tst:20161421012
          • comment httpd-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20152194004
        • AND
          • comment httpd-manual is earlier than 0:2.2.15-54.el6_8
            oval oval:com.redhat.rhsa:tst:20161421014
          • comment httpd-manual is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20152194006
        • AND
          • comment httpd-tools is earlier than 0:2.2.15-54.el6_8
            oval oval:com.redhat.rhsa:tst:20161421016
          • comment httpd-tools is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20152194008
        • AND
          • comment mod_ssl is earlier than 1:2.2.15-54.el6_8
            oval oval:com.redhat.rhsa:tst:20161421018
          • comment mod_ssl is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20152194016
    rhsa
    id RHSA-2016:1421
    released 2016-07-18
    severity Important
    title RHSA-2016:1421: httpd security update (Important)
  • bugzilla
    id 1353755
    title CVE-2016-5387 Apache HTTPD: sets environmental variable based on user supplied Proxy request header
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 7 is installed
        oval oval:com.redhat.rhba:tst:20150364027
      • OR
        • AND
          • comment httpd is earlier than 0:2.4.6-40.el7_2.4
            oval oval:com.redhat.rhsa:tst:20161422001
          • comment httpd is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20152194002
        • AND
          • comment httpd-devel is earlier than 0:2.4.6-40.el7_2.4
            oval oval:com.redhat.rhsa:tst:20161422003
          • comment httpd-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20152194004
        • AND
          • comment httpd-manual is earlier than 0:2.4.6-40.el7_2.4
            oval oval:com.redhat.rhsa:tst:20161422005
          • comment httpd-manual is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20152194006
        • AND
          • comment httpd-tools is earlier than 0:2.4.6-40.el7_2.4
            oval oval:com.redhat.rhsa:tst:20161422007
          • comment httpd-tools is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20152194008
        • AND
          • comment mod_ldap is earlier than 0:2.4.6-40.el7_2.4
            oval oval:com.redhat.rhsa:tst:20161422009
          • comment mod_ldap is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20152194010
        • AND
          • comment mod_proxy_html is earlier than 1:2.4.6-40.el7_2.4
            oval oval:com.redhat.rhsa:tst:20161422011
          • comment mod_proxy_html is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20152194012
        • AND
          • comment mod_session is earlier than 0:2.4.6-40.el7_2.4
            oval oval:com.redhat.rhsa:tst:20161422013
          • comment mod_session is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20152194014
        • AND
          • comment mod_ssl is earlier than 1:2.4.6-40.el7_2.4
            oval oval:com.redhat.rhsa:tst:20161422015
          • comment mod_ssl is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20152194016
    rhsa
    id RHSA-2016:1422
    released 2016-07-18
    severity Important
    title RHSA-2016:1422: httpd security and bug fix update (Important)
  • rhsa
    id RHSA-2016:1420
  • rhsa
    id RHSA-2016:1624
  • rhsa
    id RHSA-2016:1625
  • rhsa
    id RHSA-2016:1635
  • rhsa
    id RHSA-2016:1636
  • rhsa
    id RHSA-2016:1648
  • rhsa
    id RHSA-2016:1649
  • rhsa
    id RHSA-2016:1650
  • rhsa
    id RHSA-2016:1851
rpms
  • httpd24-httpd-0:2.4.18-11.el6
  • httpd24-httpd-0:2.4.18-11.el7
  • httpd24-httpd-debuginfo-0:2.4.18-11.el6
  • httpd24-httpd-debuginfo-0:2.4.18-11.el7
  • httpd24-httpd-devel-0:2.4.18-11.el6
  • httpd24-httpd-devel-0:2.4.18-11.el7
  • httpd24-httpd-manual-0:2.4.18-11.el6
  • httpd24-httpd-manual-0:2.4.18-11.el7
  • httpd24-httpd-tools-0:2.4.18-11.el6
  • httpd24-httpd-tools-0:2.4.18-11.el7
  • httpd24-mod_ldap-0:2.4.18-11.el6
  • httpd24-mod_ldap-0:2.4.18-11.el7
  • httpd24-mod_proxy_html-1:2.4.18-11.el6
  • httpd24-mod_proxy_html-1:2.4.18-11.el7
  • httpd24-mod_session-0:2.4.18-11.el6
  • httpd24-mod_session-0:2.4.18-11.el7
  • httpd24-mod_ssl-1:2.4.18-11.el6
  • httpd24-mod_ssl-1:2.4.18-11.el7
  • httpd-0:2.2.15-54.el6_8
  • httpd-0:2.2.3-92.el5_11
  • httpd-debuginfo-0:2.2.15-54.el6_8
  • httpd-debuginfo-0:2.2.3-92.el5_11
  • httpd-devel-0:2.2.15-54.el6_8
  • httpd-devel-0:2.2.3-92.el5_11
  • httpd-manual-0:2.2.15-54.el6_8
  • httpd-manual-0:2.2.3-92.el5_11
  • httpd-tools-0:2.2.15-54.el6_8
  • mod_ssl-1:2.2.15-54.el6_8
  • mod_ssl-1:2.2.3-92.el5_11
  • httpd-0:2.4.6-40.el7_2.4
  • httpd-debuginfo-0:2.4.6-40.el7_2.4
  • httpd-devel-0:2.4.6-40.el7_2.4
  • httpd-manual-0:2.4.6-40.el7_2.4
  • httpd-tools-0:2.4.6-40.el7_2.4
  • mod_ldap-0:2.4.6-40.el7_2.4
  • mod_proxy_html-1:2.4.6-40.el7_2.4
  • mod_session-0:2.4.6-40.el7_2.4
  • mod_ssl-1:2.4.6-40.el7_2.4
  • httpd24-0:2.4.6-62.ep7.el7
  • httpd24-debuginfo-0:2.4.6-62.ep7.el7
  • httpd24-devel-0:2.4.6-62.ep7.el7
  • httpd24-manual-0:2.4.6-62.ep7.el7
  • httpd24-tools-0:2.4.6-62.ep7.el7
  • mod_ldap24-0:2.4.6-62.ep7.el7
  • mod_proxy24_html-1:2.4.6-62.ep7.el7
  • mod_session24-0:2.4.6-62.ep7.el7
  • mod_ssl24-1:2.4.6-62.ep7.el7
  • tomcat7-0:7.0.59-51_patch_01.ep7.el7
  • tomcat7-admin-webapps-0:7.0.59-51_patch_01.ep7.el7
  • tomcat7-docs-webapp-0:7.0.59-51_patch_01.ep7.el7
  • tomcat7-el-2.2-api-0:7.0.59-51_patch_01.ep7.el7
  • tomcat7-javadoc-0:7.0.59-51_patch_01.ep7.el7
  • tomcat7-jsp-2.2-api-0:7.0.59-51_patch_01.ep7.el7
  • tomcat7-lib-0:7.0.59-51_patch_01.ep7.el7
  • tomcat7-log4j-0:7.0.59-51_patch_01.ep7.el7
  • tomcat7-servlet-3.0-api-0:7.0.59-51_patch_01.ep7.el7
  • tomcat7-webapps-0:7.0.59-51_patch_01.ep7.el7
  • tomcat8-0:8.0.18-62_patch_01.ep7.el7
  • tomcat8-admin-webapps-0:8.0.18-62_patch_01.ep7.el7
  • tomcat8-docs-webapp-0:8.0.18-62_patch_01.ep7.el7
  • tomcat8-el-2.2-api-0:8.0.18-62_patch_01.ep7.el7
  • tomcat8-javadoc-0:8.0.18-62_patch_01.ep7.el7
  • tomcat8-jsp-2.3-api-0:8.0.18-62_patch_01.ep7.el7
  • tomcat8-lib-0:8.0.18-62_patch_01.ep7.el7
  • tomcat8-log4j-0:8.0.18-62_patch_01.ep7.el7
  • tomcat8-servlet-3.1-api-0:8.0.18-62_patch_01.ep7.el7
  • tomcat8-webapps-0:8.0.18-62_patch_01.ep7.el7
  • httpd24-0:2.4.6-62.ep7.el6
  • httpd24-debuginfo-0:2.4.6-62.ep7.el6
  • httpd24-devel-0:2.4.6-62.ep7.el6
  • httpd24-manual-0:2.4.6-62.ep7.el6
  • httpd24-tools-0:2.4.6-62.ep7.el6
  • mod_ldap24-0:2.4.6-62.ep7.el6
  • mod_proxy24_html-1:2.4.6-62.ep7.el6
  • mod_session24-0:2.4.6-62.ep7.el6
  • mod_ssl24-1:2.4.6-62.ep7.el6
  • tomcat7-0:7.0.59-51_patch_01.ep7.el6
  • tomcat7-admin-webapps-0:7.0.59-51_patch_01.ep7.el6
  • tomcat7-docs-webapp-0:7.0.59-51_patch_01.ep7.el6
  • tomcat7-el-2.2-api-0:7.0.59-51_patch_01.ep7.el6
  • tomcat7-javadoc-0:7.0.59-51_patch_01.ep7.el6
  • tomcat7-jsp-2.2-api-0:7.0.59-51_patch_01.ep7.el6
  • tomcat7-lib-0:7.0.59-51_patch_01.ep7.el6
  • tomcat7-log4j-0:7.0.59-51_patch_01.ep7.el6
  • tomcat7-servlet-3.0-api-0:7.0.59-51_patch_01.ep7.el6
  • tomcat7-webapps-0:7.0.59-51_patch_01.ep7.el6
  • tomcat8-0:8.0.18-62_patch_01.ep7.el6
  • tomcat8-admin-webapps-0:8.0.18-62_patch_01.ep7.el6
  • tomcat8-docs-webapp-0:8.0.18-62_patch_01.ep7.el6
  • tomcat8-el-2.2-api-0:8.0.18-62_patch_01.ep7.el6
  • tomcat8-javadoc-0:8.0.18-62_patch_01.ep7.el6
  • tomcat8-jsp-2.3-api-0:8.0.18-62_patch_01.ep7.el6
  • tomcat8-lib-0:8.0.18-62_patch_01.ep7.el6
  • tomcat8-log4j-0:8.0.18-62_patch_01.ep7.el6
  • tomcat8-servlet-3.1-api-0:8.0.18-62_patch_01.ep7.el6
  • tomcat8-webapps-0:8.0.18-62_patch_01.ep7.el6
  • httpd22-0:2.2.26-56.ep6.el7
  • httpd22-debuginfo-0:2.2.26-56.ep6.el7
  • httpd22-devel-0:2.2.26-56.ep6.el7
  • httpd22-manual-0:2.2.26-56.ep6.el7
  • httpd22-tools-0:2.2.26-56.ep6.el7
  • jbcs-httpd24-0:1-3.jbcs.el7
  • jbcs-httpd24-openssl-1:1.0.2h-4.jbcs.el7
  • jbcs-httpd24-openssl-debuginfo-1:1.0.2h-4.jbcs.el7
  • jbcs-httpd24-openssl-devel-1:1.0.2h-4.jbcs.el7
  • jbcs-httpd24-openssl-libs-1:1.0.2h-4.jbcs.el7
  • jbcs-httpd24-openssl-perl-1:1.0.2h-4.jbcs.el7
  • jbcs-httpd24-openssl-static-1:1.0.2h-4.jbcs.el7
  • jbcs-httpd24-runtime-0:1-3.jbcs.el7
  • mod_cluster-0:1.2.13-1.Final_redhat_1.1.ep6.el7
  • mod_cluster-native-0:1.2.13-3.Final_redhat_2.ep6.el7
  • mod_cluster-native-debuginfo-0:1.2.13-3.Final_redhat_2.ep6.el7
  • mod_cluster-tomcat6-0:1.2.13-1.Final_redhat_1.1.ep6.el7
  • mod_cluster-tomcat7-0:1.2.13-1.Final_redhat_1.1.ep6.el7
  • mod_jk-ap22-0:1.2.41-2.redhat_3.ep6.el7
  • mod_jk-debuginfo-0:1.2.41-2.redhat_3.ep6.el7
  • mod_jk-manual-0:1.2.41-2.redhat_3.ep6.el7
  • mod_ssl22-1:2.2.26-56.ep6.el7
  • tomcat-native-0:1.1.34-5.redhat_1.ep6.el7
  • tomcat-native-debuginfo-0:1.1.34-5.redhat_1.ep6.el7
  • httpd-0:2.2.26-54.ep6.el6
  • httpd-debuginfo-0:2.2.26-54.ep6.el6
  • httpd-devel-0:2.2.26-54.ep6.el6
  • httpd-manual-0:2.2.26-54.ep6.el6
  • httpd-tools-0:2.2.26-54.ep6.el6
  • jbcs-httpd24-0:1-3.jbcs.el6
  • jbcs-httpd24-openssl-1:1.0.2h-4.jbcs.el6
  • jbcs-httpd24-openssl-debuginfo-1:1.0.2h-4.jbcs.el6
  • jbcs-httpd24-openssl-devel-1:1.0.2h-4.jbcs.el6
  • jbcs-httpd24-openssl-libs-1:1.0.2h-4.jbcs.el6
  • jbcs-httpd24-openssl-perl-1:1.0.2h-4.jbcs.el6
  • jbcs-httpd24-openssl-static-1:1.0.2h-4.jbcs.el6
  • jbcs-httpd24-runtime-0:1-3.jbcs.el6
  • mod_cluster-0:1.2.13-1.Final_redhat_1.1.ep6.el6
  • mod_cluster-native-0:1.2.13-3.Final_redhat_2.ep6.el6
  • mod_cluster-native-debuginfo-0:1.2.13-3.Final_redhat_2.ep6.el6
  • mod_cluster-tomcat6-0:1.2.13-1.Final_redhat_1.1.ep6.el6
  • mod_cluster-tomcat7-0:1.2.13-1.Final_redhat_1.1.ep6.el6
  • mod_jk-ap22-0:1.2.41-2.redhat_3.ep6.el6
  • mod_jk-debuginfo-0:1.2.41-2.redhat_3.ep6.el6
  • mod_jk-manual-0:1.2.41-2.redhat_3.ep6.el6
  • mod_ssl-1:2.2.26-54.ep6.el6
  • tomcat-native-0:1.1.34-5.redhat_1.ep6.el6
  • tomcat-native-debuginfo-0:1.1.34-5.redhat_1.ep6.el6
  • jbcs-httpd24-httpd-0:2.4.6-77.SP1.jbcs.el6
  • jbcs-httpd24-httpd-0:2.4.6-77.SP1.jbcs.el7
  • jbcs-httpd24-httpd-debuginfo-0:2.4.6-77.SP1.jbcs.el6
  • jbcs-httpd24-httpd-debuginfo-0:2.4.6-77.SP1.jbcs.el7
  • jbcs-httpd24-httpd-devel-0:2.4.6-77.SP1.jbcs.el6
  • jbcs-httpd24-httpd-devel-0:2.4.6-77.SP1.jbcs.el7
  • jbcs-httpd24-httpd-manual-0:2.4.6-77.SP1.jbcs.el6
  • jbcs-httpd24-httpd-manual-0:2.4.6-77.SP1.jbcs.el7
  • jbcs-httpd24-httpd-src-zip-0:2.4.6-77.SP1.jbcs.el6
  • jbcs-httpd24-httpd-src-zip-0:2.4.6-77.SP1.jbcs.el7
  • jbcs-httpd24-httpd-tools-0:2.4.6-77.SP1.jbcs.el6
  • jbcs-httpd24-httpd-tools-0:2.4.6-77.SP1.jbcs.el7
  • jbcs-httpd24-httpd-zip-0:2.4.6-77.SP1.jbcs.el6
  • jbcs-httpd24-httpd-zip-0:2.4.6-77.SP1.jbcs.el7
  • jbcs-httpd24-mod_ldap-0:2.4.6-77.SP1.jbcs.el6
  • jbcs-httpd24-mod_ldap-0:2.4.6-77.SP1.jbcs.el7
  • jbcs-httpd24-mod_proxy_html-1:2.4.6-77.SP1.jbcs.el6
  • jbcs-httpd24-mod_proxy_html-1:2.4.6-77.SP1.jbcs.el7
  • jbcs-httpd24-mod_session-0:2.4.6-77.SP1.jbcs.el6
  • jbcs-httpd24-mod_session-0:2.4.6-77.SP1.jbcs.el7
  • jbcs-httpd24-mod_ssl-1:2.4.6-77.SP1.jbcs.el6
  • jbcs-httpd24-mod_ssl-1:2.4.6-77.SP1.jbcs.el7
refmap via4
bid 91816
cert-vn VU#797896
confirm
debian DSA-3623
fedora
  • FEDORA-2016-683d0b257b
  • FEDORA-2016-9fd9bfab9e
  • FEDORA-2016-a29c65b00f
  • FEDORA-2016-df0726ae26
gentoo GLSA-201701-36
misc https://httpoxy.org/
mlist
  • [httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
  • [httpd-cvs] 20190815 svn commit: r1048742 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
  • [httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
  • [httpd-cvs] 20190815 svn commit: r1048743 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
  • [httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
  • [httpd-cvs] 20200401 svn commit: r1058586 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
  • [httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
  • [httpd-cvs] 20200401 svn commit: r1058587 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
sectrack 1036330
suse openSUSE-SU-2016:1824
ubuntu USN-3038-1
Last major update 07-09-2022 - 17:40
Published 19-07-2016 - 02:00
Last modified 07-09-2022 - 17:40
Back to Top