ID CVE-2019-0211
Summary In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected.
References
Vulnerable Configurations
  • cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.19:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.19:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.21:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.21:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.22:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.22:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.24:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.24:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.25:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.25:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.26:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.26:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.27:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.27:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.28:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.28:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.29:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.29:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.30:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.30:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.31:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.31:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.32:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.32:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.33:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.33:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.34:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.34:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.35:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.35:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.36:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.36:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.37:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.37:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.38:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.38:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:esm:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:esm:*:*:*
  • cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*
    cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*
  • cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.8_ppc64le:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.8_ppc64le:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8_s390x:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8_s390x:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.6_aarch64:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.6_aarch64:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.8_aarch64:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.8_aarch64:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0_aarch64:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0_aarch64:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.1:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.1:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.6:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.6:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.8:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.8:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.6_s390x:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.6_s390x:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.6_ppc64le:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.6_ppc64le:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.4_ppc64le:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.4_ppc64le:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.4_aarch64:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.4_aarch64:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.2_aarch64:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.2_aarch64:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.1_aarch64:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.1_aarch64:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.2_ppc64le:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.2_ppc64le:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.1_ppc64le:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.1_ppc64le:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.4_s390x:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.4_s390x:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.2_s390x:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.2_s390x:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.1_s390x:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.1_s390x:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:openshift_container_platform_for_power:3.11_ppc64le:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:openshift_container_platform_for_power:3.11_ppc64le:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_session_route_manager:8.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:communications_session_route_manager:8.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_session_route_manager:8.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:communications_session_route_manager:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_session_report_manager:8.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:communications_session_report_manager:8.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_session_report_manager:8.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:communications_session_report_manager:8.1.0:*:*:*:*:*:*:*
CVSS
Base: 7.2 (as of 25-07-2024 - 14:58)
Impact:
Exploitability:
CWE CWE-416
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:C/I:C/A:C
redhat via4
advisories
  • rhsa
    id RHBA-2019:0959
  • rhsa
    id RHSA-2019:0746
  • rhsa
    id RHSA-2019:0980
  • rhsa
    id RHSA-2019:1296
  • rhsa
    id RHSA-2019:1297
  • rhsa
    id RHSA-2019:1543
rpms
  • httpd24-httpd-0:2.4.34-7.el6.1
  • httpd24-httpd-0:2.4.34-7.el7.1
  • httpd24-httpd-debuginfo-0:2.4.34-7.el6.1
  • httpd24-httpd-debuginfo-0:2.4.34-7.el7.1
  • httpd24-httpd-devel-0:2.4.34-7.el6.1
  • httpd24-httpd-devel-0:2.4.34-7.el7.1
  • httpd24-httpd-manual-0:2.4.34-7.el6.1
  • httpd24-httpd-manual-0:2.4.34-7.el7.1
  • httpd24-httpd-tools-0:2.4.34-7.el6.1
  • httpd24-httpd-tools-0:2.4.34-7.el7.1
  • httpd24-mod_auth_mellon-0:0.13.1-2.el7.1
  • httpd24-mod_auth_mellon-debuginfo-0:0.13.1-2.el7.1
  • httpd24-mod_ldap-0:2.4.34-7.el6.1
  • httpd24-mod_ldap-0:2.4.34-7.el7.1
  • httpd24-mod_md-0:2.4.34-7.el7.1
  • httpd24-mod_proxy_html-1:2.4.34-7.el6.1
  • httpd24-mod_proxy_html-1:2.4.34-7.el7.1
  • httpd24-mod_session-0:2.4.34-7.el6.1
  • httpd24-mod_session-0:2.4.34-7.el7.1
  • httpd24-mod_ssl-1:2.4.34-7.el6.1
  • httpd24-mod_ssl-1:2.4.34-7.el7.1
  • httpd-0:2.4.37-11.module+el8.0.0+2969+90015743
  • httpd-debuginfo-0:2.4.37-11.module+el8.0.0+2969+90015743
  • httpd-debugsource-0:2.4.37-11.module+el8.0.0+2969+90015743
  • httpd-devel-0:2.4.37-11.module+el8.0.0+2969+90015743
  • httpd-filesystem-0:2.4.37-11.module+el8.0.0+2969+90015743
  • httpd-manual-0:2.4.37-11.module+el8.0.0+2969+90015743
  • httpd-tools-0:2.4.37-11.module+el8.0.0+2969+90015743
  • httpd-tools-debuginfo-0:2.4.37-11.module+el8.0.0+2969+90015743
  • mod_http2-0:1.11.3-2.module+el8.0.0+2969+90015743
  • mod_http2-debuginfo-0:1.11.3-2.module+el8.0.0+2969+90015743
  • mod_http2-debugsource-0:1.11.3-2.module+el8.0.0+2969+90015743
  • mod_ldap-0:2.4.37-11.module+el8.0.0+2969+90015743
  • mod_ldap-debuginfo-0:2.4.37-11.module+el8.0.0+2969+90015743
  • mod_md-0:2.4.37-11.module+el8.0.0+2969+90015743
  • mod_md-debuginfo-0:2.4.37-11.module+el8.0.0+2969+90015743
  • mod_proxy_html-1:2.4.37-11.module+el8.0.0+2969+90015743
  • mod_proxy_html-debuginfo-1:2.4.37-11.module+el8.0.0+2969+90015743
  • mod_session-0:2.4.37-11.module+el8.0.0+2969+90015743
  • mod_session-debuginfo-0:2.4.37-11.module+el8.0.0+2969+90015743
  • mod_ssl-1:2.4.37-11.module+el8.0.0+2969+90015743
  • mod_ssl-debuginfo-1:2.4.37-11.module+el8.0.0+2969+90015743
  • jbcs-httpd24-httpd-0:2.4.29-40.jbcs.el6
  • jbcs-httpd24-httpd-0:2.4.29-40.jbcs.el7
  • jbcs-httpd24-httpd-debuginfo-0:2.4.29-40.jbcs.el6
  • jbcs-httpd24-httpd-debuginfo-0:2.4.29-40.jbcs.el7
  • jbcs-httpd24-httpd-devel-0:2.4.29-40.jbcs.el6
  • jbcs-httpd24-httpd-devel-0:2.4.29-40.jbcs.el7
  • jbcs-httpd24-httpd-manual-0:2.4.29-40.jbcs.el6
  • jbcs-httpd24-httpd-manual-0:2.4.29-40.jbcs.el7
  • jbcs-httpd24-httpd-selinux-0:2.4.29-40.jbcs.el6
  • jbcs-httpd24-httpd-selinux-0:2.4.29-40.jbcs.el7
  • jbcs-httpd24-httpd-tools-0:2.4.29-40.jbcs.el6
  • jbcs-httpd24-httpd-tools-0:2.4.29-40.jbcs.el7
  • jbcs-httpd24-mod_ldap-0:2.4.29-40.jbcs.el6
  • jbcs-httpd24-mod_ldap-0:2.4.29-40.jbcs.el7
  • jbcs-httpd24-mod_proxy_html-1:2.4.29-40.jbcs.el6
  • jbcs-httpd24-mod_proxy_html-1:2.4.29-40.jbcs.el7
  • jbcs-httpd24-mod_session-0:2.4.29-40.jbcs.el6
  • jbcs-httpd24-mod_session-0:2.4.29-40.jbcs.el7
  • jbcs-httpd24-mod_ssl-1:2.4.29-40.jbcs.el6
  • jbcs-httpd24-mod_ssl-1:2.4.29-40.jbcs.el7
  • jbcs-httpd24-openssl-1:1.0.2n-15.jbcs.el6
  • jbcs-httpd24-openssl-1:1.0.2n-15.jbcs.el7
  • jbcs-httpd24-openssl-debuginfo-1:1.0.2n-15.jbcs.el6
  • jbcs-httpd24-openssl-debuginfo-1:1.0.2n-15.jbcs.el7
  • jbcs-httpd24-openssl-devel-1:1.0.2n-15.jbcs.el6
  • jbcs-httpd24-openssl-devel-1:1.0.2n-15.jbcs.el7
  • jbcs-httpd24-openssl-libs-1:1.0.2n-15.jbcs.el6
  • jbcs-httpd24-openssl-libs-1:1.0.2n-15.jbcs.el7
  • jbcs-httpd24-openssl-perl-1:1.0.2n-15.jbcs.el6
  • jbcs-httpd24-openssl-perl-1:1.0.2n-15.jbcs.el7
  • jbcs-httpd24-openssl-static-1:1.0.2n-15.jbcs.el6
  • jbcs-httpd24-openssl-static-1:1.0.2n-15.jbcs.el7
refmap via4
bid 107666
bugtraq
  • 20190403 [SECURITY] [DSA 4422-1] apache2 security update
  • 20190407 [slackware-security] httpd (SSA:2019-096-01)
confirm
debian DSA-4422
exploit-db 46676
fedora
  • FEDORA-2019-119b14075a
  • FEDORA-2019-a4ed7400f4
  • FEDORA-2019-cf7695b470
gentoo GLSA-201904-20
misc
mlist
  • [announce] 20200131 Apache Software Foundation Security Report: 2019
  • [community-dev] 20190411 CVE-2019-0211 applicable to versions 2.2.x?
  • [community-dev] 20190411 RE: CVE-2019-0211 applicable to versions 2.2.x?
  • [community-dev] 20190411 Re: CVE-2019-0211 applicable to versions 2.2.x?
  • [httpd-cvs] 20190611 svn commit: r1861068 - /httpd/site/trunk/content/security/vulnerabilities-httpd.xml
  • [httpd-cvs] 20190815 svn commit: r1048742 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
  • [httpd-cvs] 20190815 svn commit: r1048743 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
  • [httpd-cvs] 20200401 svn commit: r1058586 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
  • [httpd-cvs] 20200401 svn commit: r1058587 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
  • [httpd-users] 20190406 [users@httpd] CVE-2019-0211/0215/0217
  • [oss-security] 20190401 CVE-2019-0211: Apache HTTP Server privilege escalation from modules' scripts
  • [oss-security] 20190726 Re: Statistics for distros lists updated for 2019Q2
suse
  • openSUSE-SU-2019:1190
  • openSUSE-SU-2019:1209
  • openSUSE-SU-2019:1258
ubuntu USN-3937-1
Last major update 25-07-2024 - 14:58
Published 08-04-2019 - 22:29
Last modified 25-07-2024 - 14:58
Back to Top