Lucene search
Redhat.comRH:CVE-2016-0736HistoryApr 05, 2020 - 4:55 a.m.
CVE-2016-0736
2020-04-0504:55:54
redhat.com
access.redhat.com
35
0.012 Low
EPSS
Percentile
85.5%
It was discovered that the mod_session_crypto module of httpd did not use any mechanisms to verify integrity of the encrypted session data stored in the user’s browser. A remote attacker could use this flaw to decrypt and modify session data using a padding oracle attack.
Related
zdt
zdt
Apache mod_session_crypto - Padding Oracle Vulnerability
2016-12-23 00:00:00
exploitpack
exploitpack
Apache mod_session_crypto - Padding Oracle
2016-12-23 00:00:00
prion
prion
Code injection
2017-07-27 21:29:00
myhack58
myhack58
osv
osv
CVE-2016-0736
2017-07-27 21:29:00
apache2 - security update
2017-02-26 00:00:00
packetstorm
packetstorm
Apache mod_session_crypt 2.5 Padding Oracle
2016-12-23 00:00:00
cvelist
cvelist
CVE-2016-0736
2016-12-20 00:00:00
cve
cve
CVE-2016-0736
2017-07-27 21:29:00
ubuntucve
ubuntucve
CVE-2016-0736
2016-12-22 00:00:00
veracode
veracode
Padding Oracle Attack
2019-01-15 09:17:00
nvd
nvd
CVE-2016-0736
2017-07-27 21:29:00
httpd
httpd
Apache Httpd < 2.4.25 : Padding Oracle in Apache mod_session_crypto
2016-01-20 00:00:00
debiancve
debiancve
CVE-2016-0736
2017-07-27 21:29:00
openvas
openvas
Apache HTTP Server mod_session_crypto Vulnerability (Dec 2016) - Linux
2021-11-01 00:00:00
Ubuntu: Security Advisory (USN-3279-1)
2017-05-10 00:00:00
Debian Security Advisory DSA 3796-1 (apache2 - security update)
2017-02-26 00:00:00
exploitdb
exploitdb
Apache mod_session_crypto - Padding Oracle
2016-12-23 00:00:00
f5
f5
K53437580 : Apache vulnerabilities CVE-2016-0736 and CVE-2016-2161
2017-02-01 00:00:00
nessus
nessus
SUSE SLES12 Security Update : apache2 (SUSE-SU-2017:0801-1)
2017-03-23 00:00:00
Amazon Linux AMI : httpd24 (ALAS-2017-785)
2017-01-20 00:00:00
Debian DSA-3796-1 : apache2 - security update
2017-02-27 00:00:00
fedora
fedora
[SECURITY] Fedora 24 Update: httpd-2.4.25-1.fc24
2016-12-25 03:26:41
[SECURITY] Fedora 25 Update: httpd-2.4.25-1.fc25
2016-12-25 02:14:19
ibm
ibm
Security Bulletin: Open Source Apache HTTP Server Vulnerabilities which is used by IBM PureApplication Systems (CVE-2016-0736 CVE-2016-2161 CVE-2016-8743)
2018-06-15 07:08:14
Security Bulletin: Vulnerabilities CVE-2016-0736, CVE-2016-2161 and CVE-2016-8743 in IBM i HTTP Server
2019-12-18 14:26:38
Security Bulletin: Vulnerabilities in HTTPD affect PowerKVM
2018-06-18 01:36:16
oraclelinux
oraclelinux
httpd security and bug fix update
2017-04-12 00:00:00
amazon
amazon
Medium: httpd24
2017-01-19 16:30:00
debian
debian
[SECURITY] [DSA 3796-1] apache2 security update
2017-02-26 18:26:40
[SECURITY] [DSA 3796-1] apache2 security update
2017-02-26 18:26:40
ubuntu
ubuntu
Apache HTTP Server vulnerabilities
2017-05-09 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package apache2 version 1:2.4.25-alt1
2017-05-18 00:00:00
Security fix for the ALT Linux 9 package apache2 version 1:2.4.25-alt1
2017-05-18 00:00:00
Security fix for the ALT Linux 10 package apache2 version 1:2.4.25-alt1
2017-05-18 00:00:00
centos
centos
httpd, mod_ldap, mod_proxy_html, mod_session, mod_ssl security update
2017-04-13 10:59:52
redhat
redhat
(RHSA-2017:0906) Moderate: httpd security and bug fix update
2017-04-12 10:02:46
slackware
slackware
[slackware-security] httpd
2016-12-24 01:35:08
freebsd
freebsd
Apache httpd -- several vulnerabilities
2016-12-20 00:00:00
gentoo
gentoo
Apache: Multiple vulnerabilities
2017-01-15 00:00:00
mageia
mageia
Updated apache packages fix security vulnerability
2018-01-01 13:38:51
apple
apple
About the security content of macOS High Sierra 10.13
2017-09-25 00:00:00
About the security content of macOS High Sierra 10.13 - Apple Support
2020-02-06 07:51:09