oss-sec mailing list archives
CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow
From: Daniel Ruggeri <druggeri () apache org>
Date: Fri, 07 Aug 2020 06:31:38 -0500
CVE-2020-11984: mod_uwsgi buffer overlow Severity: moderate Vendor: The Apache Software Foundation Versions Affected: httpd 2.4.32 to 2.4.44 Description: Apache HTTP Server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE Mitigation: disable mod_uwsgi Credit: Discovered by Felix Wilhelm of Google Project Zero References: https://httpd.apache.org/security/vulnerabilities_24.html
Current thread:
- CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow Daniel Ruggeri (Aug 07)
- Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow Solar Designer (Aug 07)
- Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow Daniel Ruggeri (Aug 08)
- Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow Solar Designer (Aug 08)
- Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow Joe Orton (Aug 17)
- Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow Daniel Ruggeri (Aug 08)
- Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow Solar Designer (Aug 07)
- Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow Seth Arnold (Aug 07)
- Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow Daniel Ruggeri (Aug 08)
- Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow Seth Arnold (Aug 10)
- Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow Daniel Ruggeri (Aug 08)