Rapid7 Vulnerability & Exploit Database

Alpine Linux: CVE-2016-8743: apache2 Multiple vulnerabilities

Back to Search

Alpine Linux: CVE-2016-8743: apache2 Multiple vulnerabilities

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:P/A:N)

Published

07/27/2017

Created

07/25/2018

Added

08/30/2017

Modified

12/27/2019

Description

Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, was liberal in the whitespace accepted from requests and sent in response lines and headers. Accepting these different behaviors represented a security concern when httpd participates in any chain of proxies or interacts with back-end application servers, either through mod_proxy or using conventional CGI mechanisms, and may result in request smuggling, response splitting and cache pollution.

Solution(s)

alpine-linux-upgrade-apache2

References

https://attackerkb.com/topics/cve-2016-8743
6939
6940
6941
6942
95077
CVE - 2016-8743
DSA-3796
Category I
2017-A-0010
RHSA-2017:0906
RHSA-2017:1161
RHSA-2017:1413
RHSA-2017:1414
RHSA-2017:1415
RHSA-2017:1721

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

Alpine Linux: CVE-2016-8743: apache2 Multiple vulnerabilities