The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4614 advisory.

  - httpd:  mod_proxy_wstunnel tunneling of non Upgraded connection (CVE-2019-17567)

  - pcre: Buffer over-read in JIT when UTF is disabled and \X or \R has fixed quantifier greater than 1     (CVE-2019-20838)

  - httpd: mod_proxy NULL pointer dereference (CVE-2020-13950)

  - pcre: Integer overflow when parsing callout numeric arguments (CVE-2020-14155)

  - httpd: Single zero byte stack overflow in mod_auth_digest (CVE-2020-35452)

  - Red Hat JBCS: URL normalization issue with dot-dot-semicolon(s) leads to information disclosure     (CVE-2021-3688)

  - openssl: Read buffer overruns processing ASN.1 strings (CVE-2021-3712)

  - openssl: integer overflow in CipherUpdate (CVE-2021-23840)

  - openssl: NULL pointer dereference in X509_issuer_and_serial_hash() (CVE-2021-23841)

  - httpd: mod_session: NULL pointer dereference when parsing Cookie header (CVE-2021-26690)

  - httpd: mod_session: Heap overflow via a crafted SessionHeader value (CVE-2021-26691)

  - httpd: Unexpected URL matching with 'MergeSlashes OFF' (CVE-2021-30641)

  - httpd: NULL pointer dereference via malformed requests (CVE-2021-34798)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

RHEL 7 / 8 : Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP10 (RHSA-2021:4614)

critical Nessus Plugin ID 155223

Version 1.10