Lucene search
David FiserZDI-18-1369HistoryDec 10, 2018 - 12:00 a.m.
Apache2 mod_http2 header Denial of Service Vulnerability
2018-12-1000:00:00
David Fiser
www.zerodayinitiative.com
12
0.007 Low
EPSS
Percentile
79.7%
This vulnerability allows remote attackers to create a denial of service condition on vulnerable installations of Apache HTTPD server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HTTP2 headers. A crafted HTTP2 request can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to create a denial-of-service condition on the system.
Related
nessus
nessus
Amazon Linux AMI : httpd24 (ALAS-2018-1104)
2018-12-17 00:00:00
Fedora 28 : mod_http2 (2018-6ffb18592f)
2019-01-03 00:00:00
Fedora 29 : mod_http2 (2018-9cdbb641f9)
2019-01-03 00:00:00
osv
osv
CVE-2018-11763
2018-09-25 21:29:00
redhatcve
redhatcve
CVE-2018-11763
2019-12-21 09:33:40
kaspersky
kaspersky
KLA12363 DoS vulnerability in Apache HTTP Server
2021-09-29 00:00:00
openvas
openvas
Fedora Update for mod_http2 FEDORA-2018-6ffb18592f
2018-10-16 00:00:00
Fedora Update for mod_http2 FEDORA-2018-9cdbb641f9
2019-05-07 00:00:00
SUSE: Security Advisory (SUSE-SU-2018:3582-2)
2021-04-19 00:00:00
fedora
fedora
[SECURITY] Fedora 28 Update: mod_http2-1.11.1-1.fc28
2018-10-15 10:47:22
[SECURITY] Fedora 29 Update: mod_http2-1.11.1-1.fc29
2018-10-30 17:44:04
[SECURITY] Fedora 29 Update: mod_http2-1.14.1-1.fc29
2019-03-21 14:42:38
suse
suse
Security update for apache2 (important)
2018-11-10 00:25:46
Security update for apache2 (important)
2018-10-17 06:14:48
Security update for virtualbox (important)
2019-01-25 00:00:00
cvelist
cvelist
CVE-2018-11763
2018-09-25 00:00:00
f5
f5
K28902827 : Apache mod_http2 vulnerability CVE-2018-11763
2018-10-04 00:00:00
amazon
amazon
Medium: httpd
2019-01-23 23:31:00
Medium: httpd24
2018-12-13 17:29:00
Medium: mod_http2
2018-11-07 22:11:00
ibm
ibm
debiancve
debiancve
CVE-2018-11763
2018-09-25 21:29:00
nvd
nvd
CVE-2018-11763
2018-09-25 21:29:00
httpd
httpd
Apache Httpd < 2.4.35 : DoS for HTTP/2 connections by continuous SETTINGS
2018-07-18 00:00:00
freebsd
freebsd
Apache -- Denial of service vulnerability in HTTP/2
2018-09-25 00:00:00
prion
prion
Design/Logic Flaw
2018-09-25 21:29:00
alpinelinux
alpinelinux
CVE-2018-11763
2018-09-25 21:29:00
veracode
veracode
Denial Of Service (DoS)
2019-05-16 03:21:42
Path Traversal
2019-05-16 03:38:52
Denial Of Service
2019-05-16 03:38:53
cve
cve
CVE-2018-11763
2018-09-25 21:29:00
ubuntucve
ubuntucve
CVE-2018-11763
2018-09-25 00:00:00
ubuntu
ubuntu
Apache HTTP Server vulnerabilities
2018-10-03 00:00:00
mageia
mageia
Updated apache packages fix security vulnerabilities
2018-11-20 14:11:24
redhat
redhat
(RHSA-2019:0367) Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 security update
2019-02-18 16:47:10
(RHSA-2019:0366) Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 SP1 security update
2019-02-18 16:45:31
(RHSA-2018:3558) Moderate: httpd24 security, bug fix, and enhancement update
2018-11-13 08:00:33
photon
photon
symantec
symantec
Apache HTTP Server Vulnerabilities Jul 2017 - Sep 2018
2018-11-07 08:01:01
oracle
oracle
Oracle Critical Patch Update Advisory - January 2019
2019-01-15 00:00:00
Oracle Critical Patch Update Advisory - April 2019
2019-04-16 00:00:00