Lucene search
F5F5:K17317HistorySep 24, 2015 - 12:00 a.m.
K17317 : Apache HTTP server vulnerability CVE-2015-0253
2015-09-2400:00:00
my.f5.com
9
Security Advisory Description
The read_request_line function in server/protocol.c in the Apache HTTP Server 2.4.12 does not initialize the protocol structure member, which allows remote attackers to cause a denial of service (NULL pointer dereference and process crash) by sending a request that lacks a method to an installation that enables the INCLUDES filter and has an ErrorDocument 400 directive specifying a local URI. (CVE-2015-0253)
Impact
There is no impact; F5 products are not affected by this vulnerability.
| CPE | Name | Operator | Version |
|---|---|---|---|
| big-ip afm | eq | 11.3.0 | |
| big-ip afm | eq | 11.4.0 | |
| big-ip afm | eq | 11.4.1 | |
| big-ip afm | eq | 11.5.0 | |
| big-ip afm | eq | 11.5.1 | |
| big-ip afm | eq | 11.5.2 | |
| big-ip afm | eq | 11.5.3 | |
| big-ip afm | eq | 11.6.0 | |
| big-ip afm | eq | 12.0.0 | |
| f5os-a | eq | 1.0.0 |
Related
f5
f5
SOL17317 - Apache HTTP server vulnerability CVE-2015-0253
2015-09-24 00:00:00
cve
cve
CVE-2015-0253
2015-07-20 23:59:00
ubuntucve
ubuntucve
CVE-2015-0253
2015-07-20 00:00:00
nvd
nvd
CVE-2015-0253
2015-07-20 23:59:00
prion
prion
Null pointer dereference
2015-07-20 23:59:00
httpd
httpd
Apache Httpd < 2.4.16 : Crash in ErrorDocument 400 handling
2015-02-03 00:00:00
openvas
openvas
Apache HTTP Server Denial Of Service Vulnerability (Aug 2015) - Windows
2015-08-14 00:00:00
Apache HTTP Server Denial Of Service Vulnerability (Aug 2015) - Linux
2015-08-14 00:00:00
Fedora Update for httpd FEDORA-2015-11689
2015-07-22 00:00:00
debiancve
debiancve
CVE-2015-0253
2015-07-20 23:59:00
cvelist
cvelist
CVE-2015-0253
2015-07-20 23:00:00
nessus
nessus
Debian DLA-841-2 : apache2 regression update
2017-03-01 00:00:00
Slackware 14.0 / 14.1 / current : httpd (SSA:2015-198-01)
2015-07-20 00:00:00
Oracle Linux 7 : httpd24-httpd (ELSA-2015-1666)
2023-09-07 00:00:00
debian
debian
[SECURITY] [DLA 841-2] apache2 regression update
2017-07-29 17:41:52
securityvulns
securityvulns
Apache security vulnerabilities
2015-07-20 00:00:00
[slackware-security] httpd (SSA:2015-198-01)
2015-07-20 00:00:00
Apple Mac OS X / OS X Server multiple security vulnerabilities
2015-08-17 00:00:00
kaspersky
kaspersky
KLA10640 Multiple vulnerabilities in Apache HTTP Server
2015-07-21 00:00:00
redhat
redhat
(RHSA-2015:1666) Moderate: httpd24-httpd security update
2015-08-24 00:00:00
slackware
slackware
[slackware-security] httpd
2015-07-17 20:25:06
archlinux
archlinux
apache: multiple issues
2015-07-17 00:00:00
freebsd
freebsd
apache24 -- multiple vulnerabilities
2015-02-04 00:00:00
amazon
amazon
Medium: httpd24
2015-08-17 12:27:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:18:03
fedora
fedora
[SECURITY] Fedora 22 Update: httpd-2.4.16-1.fc22
2015-07-21 08:12:37
[SECURITY] Fedora 21 Update: httpd-2.4.16-1.fc21
2015-07-30 00:52:03
oraclelinux
oraclelinux
httpd24-httpd security update
2016-02-04 00:00:00