SUSE SLES15: apache2 / apache2-devel / apache2-manual / apache2-prefork / etc (SUSE-SU-2026:2735-1)

high Nessus Plugin ID 325031

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2735-1 advisory.

This update for apache2 fixes the following issues

- CVE-2026-29167: mod_ldap per-dir use-after-free (bsc#1267976).
- CVE-2026-29170: mod_proxy_ftp XSS (bsc#1267977).
- CVE-2026-34355: mod_proxy_html buffer overflow (bsc#1267978).
- CVE-2026-34356: malicious backend servers can lead to a heap-based buffer overflow (bsc#1267955).
- CVE-2026-42535: malicious path manipulation can lead to child process crashes (bsc#1267956).
- CVE-2026-42536: processing untrusted content can lead to a heap-based buffer overflow (bsc#1267962).
- CVE-2026-43951: out-of-bound read in `merge_response_headers` can cause crash (bsc#1267963).
- CVE-2026-44119: improper privilege management can lead to an unauthorized read (bsc#1267965).
- CVE-2026-44185: Stack Buffer Over-Read in mod_ssl OCSP `send_request` (bsc#1267969).
- CVE-2026-44186: responses from an attacker-controlled FTP backend can lead to resource exhaustion and a denial of service (bsc#1267970).
- CVE-2026-44631: crafted regular expression can lead to a buffer underwrite (bsc#1267971).
- CVE-2026-48913: file handle exhaustion during request processing in mod_http2 can lead to a use-after- free (bsc#1267972).
- CVE-2026-49975: Fix cookie header accounting against LimitRequestFields (bsc#1267503).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://bugzilla.suse.com/1267503

https://bugzilla.suse.com/1267955

https://bugzilla.suse.com/1267956

https://bugzilla.suse.com/1267962

https://bugzilla.suse.com/1267963

https://bugzilla.suse.com/1267965

https://bugzilla.suse.com/1267969

https://bugzilla.suse.com/1267970

https://bugzilla.suse.com/1267971

https://bugzilla.suse.com/1267972

https://bugzilla.suse.com/1267976

https://bugzilla.suse.com/1267977

https://bugzilla.suse.com/1267978

https://lists.suse.com/pipermail/sle-updates/2026-July/047913.html

https://www.suse.com/security/cve/CVE-2026-29167

https://www.suse.com/security/cve/CVE-2026-29170

https://www.suse.com/security/cve/CVE-2026-34355

https://www.suse.com/security/cve/CVE-2026-34356

https://www.suse.com/security/cve/CVE-2026-42535

https://www.suse.com/security/cve/CVE-2026-42536

https://www.suse.com/security/cve/CVE-2026-43951

https://www.suse.com/security/cve/CVE-2026-44119

https://www.suse.com/security/cve/CVE-2026-44185

https://www.suse.com/security/cve/CVE-2026-44186

https://www.suse.com/security/cve/CVE-2026-44631

https://www.suse.com/security/cve/CVE-2026-48913

https://www.suse.com/security/cve/CVE-2026-49975

Plugin Details

Severity: High

ID: 325031

File Name: suse_SU-2026-2735-1.nasl

Version: 1.1

Type: Local

Agent: unix

Published: 7/3/2026

Updated: 7/3/2026

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Tenable Cloud Security, Tenable Self-Hosted Container Security, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.7

Percentile: 99.06

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS Score Source: CVE-2026-49975

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS Score Source: CVE-2026-44631

CVSS v4

Risk Factor: High

Base Score: 8.7

Threat Score: 7.7

Threat Vector: CVSS:4.0/E:P

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Vulnerability Information

CPE: cpe:/o:novell:suse_linux:15, p-cpe:/a:novell:suse_linux:apache2, p-cpe:/a:novell:suse_linux:apache2-prefork, p-cpe:/a:novell:suse_linux:apache2-utils, p-cpe:/a:novell:suse_linux:apache2-worker, p-cpe:/a:novell:suse_linux:apache2-devel, p-cpe:/a:novell:suse_linux:apache2-manual

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 7/3/2026

Vulnerability Publication Date: 6/3/2026

Reference Information

CVE: CVE-2026-29167, CVE-2026-29170, CVE-2026-34355, CVE-2026-34356, CVE-2026-42535, CVE-2026-42536, CVE-2026-43951, CVE-2026-44119, CVE-2026-44185, CVE-2026-44186, CVE-2026-44631, CVE-2026-48913, CVE-2026-49975

IAVA: 2026-A-0558

SuSE: SUSE-SU-2026:2735-1