You are viewing a plain text version of this content. The canonical link for it is here.

Posted to bugs@httpd.apache.org by bu...@apache.org on 2018/09/05 10:39:39 UTC

[Bug 62680] New: Vulnerabilities in Apache 2.4.33 - Web Server Generic Cookie Injection

https://bz.apache.org/bugzilla/show_bug.cgi?id=62680

            Bug ID: 62680
           Summary: Vulnerabilities in Apache 2.4.33 - Web Server Generic
                    Cookie Injection
           Product: Apache httpd-2
           Version: 2.4.34
          Hardware: Other
                OS: Linux
            Status: NEW
          Severity: critical
          Priority: P2
         Component: Build
          Assignee: bugs@httpd.apache.org
          Reporter: devendra.joshi@naaptol.com
  Target Milestone: ---

Created attachment 36132
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=36132&action=edit
Vulnerabilities in Apache 2.4.33 - Web Server Generic Cookie Injection

Hi Team,

We have done IVA Scan with Nessus Vulnerability scanner and found vulnerability
in Apache 2.4.33.

Vulnerability Name : Web Server Generic Cookie Injection.
Operating System : CentOS 6.10
Apache Version : 2.4.34

Please resolve and update ASAP.

------------
Devendra Joshi

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

[Bug 62680] Vulnerabilities in Apache 2.4.33 - Web Server Generic Cookie Injection

Posted by bu...@apache.org.

https://bz.apache.org/bugzilla/show_bug.cgi?id=62680

Eric Covener <co...@gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |INVALID

--- Comment #1 from Eric Covener <co...@gmail.com> ---
The truncated screenshot doesn't demonstrate any bug in the server, please do a
more thorough review of what your scanner is reporting.

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org