Detections
Analytics
SUSE SLED15 / SLES15 Security Update : apache2 (SUSE-SU-2026:2104-1)
critical Nessus Plugin ID 317663
Synopsis
The remote SUSE host is missing one or more security updates.Description
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2104-1 advisory.This update for apache2 fixes the following issues
- CVE-2026-23918: http2: double free and possible RCE on early reset (bsc#1263957).
- CVE-2026-24072: mod_rewrite elevation of privileges via ap_expr (bsc#1263935).
- CVE-2026-28780: heap buffer overflow in `mod_proxy_ajp` via `ajp_msg_check_header()` (bsc#1264163).
- CVE-2026-29168: allocation of resources without limits in `mod_md` via OCSP response (bsc#1264150).
- CVE-2026-29169: NULL pointer dereference in `mod_dav_lock` allows server crash via malicious requests (bsc#1263956).
- CVE-2026-33006: `mod_auth_digest` timing attack allows bypass of Digest authentication (bsc#1263955).
- CVE-2026-33007: NULL pointer dereference in `mod_authn_socache` allows unauthenticated remote user to crash a child processes (bsc#1263954).
- CVE-2026-33523: HTTP response splitting forwarding malicious status line (bsc#1263953).
- CVE-2026-33857: off-by-one OOB reads in AJP getter functions (bsc#1263952).
- CVE-2026-34032: heap buffer overread in `mod_proxy_ajp` due to missing null-termination check (bsc#1263951).
- CVE-2026-34059: heap buffer overread and memory disclosure via `ajp_parse_data()` (bsc#1263950).
Tenable has extracted the preceding description block directly from the SUSE security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the affected packages.See Also
https://bugzilla.suse.com/1263935
https://bugzilla.suse.com/1263950
https://bugzilla.suse.com/1263951
https://bugzilla.suse.com/1263952
https://bugzilla.suse.com/1263953
https://bugzilla.suse.com/1263954
https://bugzilla.suse.com/1263955
https://bugzilla.suse.com/1263956
https://bugzilla.suse.com/1263957
https://bugzilla.suse.com/1264150
https://bugzilla.suse.com/1264163
https://lists.suse.com/pipermail/sle-updates/2026-May/046852.html
https://www.suse.com/security/cve/CVE-2026-23918
https://www.suse.com/security/cve/CVE-2026-24072
https://www.suse.com/security/cve/CVE-2026-28780
https://www.suse.com/security/cve/CVE-2026-29168
https://www.suse.com/security/cve/CVE-2026-29169
https://www.suse.com/security/cve/CVE-2026-33006
https://www.suse.com/security/cve/CVE-2026-33007
https://www.suse.com/security/cve/CVE-2026-33523
https://www.suse.com/security/cve/CVE-2026-33857
Plugin Details
Severity: Critical
ID: 317663
File Name: suse_SU-2026-2104-1.nasl
Version: 1.1
Type: Local
Agent: unix
Family: SuSE Local Security Checks
Published: 5/29/2026
Updated: 5/29/2026
Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Critical
Score: 9.2
CVSS v2
Risk Factor: Critical
Base Score: 10
Temporal Score: 7.8
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2026-28780
CVSS v3
Risk Factor: Critical
Base Score: 9.8
Temporal Score: 8.8
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
Vulnerability Information
CPE: p-cpe:/a:novell:suse_linux:apache2-prefork, p-cpe:/a:novell:suse_linux:apache2-manual, p-cpe:/a:novell:suse_linux:apache2-devel, p-cpe:/a:novell:suse_linux:apache2, p-cpe:/a:novell:suse_linux:apache2-event, p-cpe:/a:novell:suse_linux:apache2-utils, p-cpe:/a:novell:suse_linux:apache2-worker, cpe:/o:novell:suse_linux:15
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 5/28/2026
Vulnerability Publication Date: 5/4/2026
Reference Information
CVE: CVE-2026-23918, CVE-2026-24072, CVE-2026-28780, CVE-2026-29168, CVE-2026-29169, CVE-2026-33006, CVE-2026-33007, CVE-2026-33523, CVE-2026-33857, CVE-2026-34032, CVE-2026-34059
IAVA: 2026-A-0423
SuSE: SUSE-SU-2026:2104-1