Rapid7 Vulnerability & Exploit Database

Oracle Solaris 11: CVE-2018-8011: Vulnerability in Apache HTTP server

Free InsightVM Trial No Credit Card Necessary
2024 Attack Intel Report Latest research by Rapid7 Labs
Back to Search

Oracle Solaris 11: CVE-2018-8011: Vulnerability in Apache HTTP server

Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
07/18/2018
Created
03/19/2019
Added
10/19/2018
Modified
02/17/2022

Description

By specially crafting HTTP requests, the mod_md challenge handler would dereference a NULL pointer and cause the child process to segfault. This could be used to DoS the server. Fixed in Apache HTTP Server 2.4.34 (Affected 2.4.33).

Solution(s)

  • oracle-solaris-11-4-upgrade-database-mysql-57-5-7-23-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-database-mysql-57-client-5-7-23-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-database-mysql-57-embedded-5-7-23-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-database-mysql-57-library-5-7-23-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-database-mysql-57-tests-5-7-23-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-database-sqlite-3-3-24-0-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-database-sqlite-3-documentation-3-24-0-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-diagnostic-wireshark-2-6-3-11-4-1-0-1-2-0
  • oracle-solaris-11-4-upgrade-diagnostic-wireshark-tshark-2-6-3-11-4-1-0-1-2-0
  • oracle-solaris-11-4-upgrade-diagnostic-wireshark-wireshark-common-2-6-3-11-4-1-0-1-2-0
  • oracle-solaris-11-4-upgrade-image-library-libjpeg-6-0-2-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-desktop-dotconf-1-3-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-desktop-speech-dispatcher-0-8-6-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-desktop-webkitgtk4-2-18-6-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-liblouis-3-5-0-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-authen-pam-5-8-4-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-authen-pam-522-0-16-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-authen-pam-526-0-16-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-cgi-4-37-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-cgi-522-4-37-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-cgi-526-4-37-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-database-1-636-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-database-522-1-636-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-database-526-1-636-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-dbd-mysql-4042-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-dbd-mysql-522-4042-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-dbd-mysql-526-4042-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-dbd-sqlite-1-58-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-dbd-sqlite-522-1-58-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-dbd-sqlite-526-1-58-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-gettext-1-0-7-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-gettext-522-1-0-7-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-gettext-526-1-0-7-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-net-ssleay-1-80-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-net-ssleay-522-1-80-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-net-ssleay-526-1-80-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-perl-tk-522-804-33-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-perl-tk-526-804-33-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-perl-tk-804-33-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-perl-x11-protocol-0-56-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-perl-x11-protocol-522-0-56-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-perl-x11-protocol-526-0-56-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-pmtools-2-0-0-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-pmtools-522-2-0-0-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-pmtools-526-2-0-0-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-xml-libxml-2-128-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-xml-libxml-522-2-128-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-xml-libxml-526-2-128-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-xml-namespacesupport-1-11-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-xml-namespacesupport-522-1-11-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-xml-namespacesupport-526-1-11-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-xml-parser-5-12-1-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-xml-parser-522-2-44-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-xml-parser-526-2-44-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-xml-sax-0-99-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-xml-sax-522-0-99-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-xml-sax-526-0-99-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-xml-sax-base-1-8-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-xml-sax-base-522-1-8-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-xml-sax-base-526-1-8-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-xml-simple-2-24-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-xml-simple-522-2-24-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-perl-5-xml-simple-526-2-24-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-python-pyatspi2-2-18-0-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-python-pyatspi2-27-2-18-0-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-python-pyatspi2-34-2-18-0-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-python-pyatspi2-35-2-18-0-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-library-speech-espeak-1-44-0-5-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-mail-mailman-2-1-29-1-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-mail-thunderbird-52-9-1-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-mail-thunderbird-plugin-thunderbird-lightning-52-9-1-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-runtime-tcl-8-tcl-sqlite-3-3-24-0-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-system-display-manager-desktop-startup-0-38-0-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-system-display-manager-gdm-3-24-2-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-terminal-cssh-4-9-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-terminal-cssh-522-4-9-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-terminal-cssh-526-4-9-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-web-curl-7-61-0-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-web-java-servlet-tomcat-8-8-5-32-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-web-java-servlet-tomcat-8-tomcat-admin-8-5-32-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-web-java-servlet-tomcat-8-tomcat-examples-8-5-32-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-web-server-apache-24-2-4-34-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-web-server-apache-24-module-apache-dbd-2-4-34-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-web-server-apache-24-module-apache-gss-2-4-34-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-web-server-apache-24-module-apache-ldap-2-4-34-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-web-server-apache-24-module-apache-lua-2-4-34-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-web-server-apache-24-module-apache-ssl-2-4-34-11-4-1-0-1-1-0
  • oracle-solaris-11-4-upgrade-web-server-apache-24-module-apache-ssl-fips-140-2-4-34-11-4-1-0-1-1-0

insightVM

Advanced vulnerability management analytics and reporting.
Key Features
  • Lightweight Endpoint Agent
  • Live Dashboards
  • Real Risk Prioritization
  • IT-Integrated Remediation Projects
  • Cloud, Virtual, and Container Assessment
  • Integrated Threat Feeds
  • Easy-to-Use RESTful API
  • Automation-Assisted Patching
  • Automated Containment
Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;