Vulnerability & Exploit Database

Displaying entries 1 - 10 of 14 in total

Results for: CVE-2018-17199 Back to search

Oracle Solaris 11: CVE-2018-17199: Vulnerability in Apache HTTP server Vulnerability

  • Severity: 5
  • Published: January 30, 2019

In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. This causes session expiry time to be ignored for mod_session_cookie sessions since the expiry time is loaded when the session is decoded.

IBM HTTP Server: CVE-2018-17199: Security vulnerability in the IBM HTTP Server Vulnerability

  • Severity: 5
  • Published: January 30, 2019

In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. This causes session expiry time to be ignored for mod_session_cookie sessions since the expiry time is loaded when the session is decoded.

Huawei EulerOS: CVE-2018-17199: httpd security update Vulnerability

  • Severity: 5
  • Published: January 30, 2019

In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. This causes session expiry time to be ignored for mod_session_cookie sessions since the expiry time is loaded when the session is decoded.

Huawei EulerOS: CVE-2018-17199: httpd security update Vulnerability

  • Severity: 5
  • Published: January 30, 2019

In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. This causes session expiry time to be ignored for mod_session_cookie sessions since the expiry time is loaded when the session is decoded.

Gentoo Linux: CVE-2018-17199: Apache: Multiple vulnerabilities Vulnerability

  • Severity: 5
  • Published: January 30, 2019

In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. This causes session expiry time to be ignored for mod_session_cookie sessions since the expiry time is loaded when the session is decoded.

Debian: CVE-2018-17199: apache2 -- security update Vulnerability

  • Severity: 5
  • Published: January 30, 2019

In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. This causes session expiry time to be ignored for mod_session_cookie sessions since the expiry time is loaded when the session is decoded.

Apache HTTPD: mod_session_cookie does not respect expiry time (CVE-2018-17199) Vulnerability

  • Severity: 5
  • Published: January 24, 2019

The affected asset is vulnerable to this vulnerability ONLY if it is running one of the following modules: mod_session_cookie. Review your web server configuration for validation. In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. This causes session expiry time t...

Alpine Linux: CVE-2018-17199: apache2 Multiple vulnerabilities Vulnerability

  • Severity: 5
  • Published: January 24, 2019

In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. This causes session expiry time to be ignored for mod_session_cookie sessions since the expiry time is loaded when the session is decoded.

Ubuntu: USN-3937-1 (CVE-2018-17199): Apache HTTP Server vulnerabilities Vulnerability

  • Severity: 5
  • Published: January 22, 2019

In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. This causes session expiry time to be ignored for mod_session_cookie sessions since the expiry time is loaded when the session is decoded.

SUSE: CVE-2018-17199: SUSE Linux Security Advisory Vulnerability

  • Severity: 5
  • Published: January 22, 2019

In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. This causes session expiry time to be ignored for mod_session_cookie sessions since the expiry time is loaded when the session is decoded.