Project

General

Profile

Actions
Copy link

Defect #43574

closed

Apache Vulnerability Issue

Added by Kelvin Beh 1 day ago. Updated about 15 hours ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
Security
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Resolution:
Invalid
Affected version:
6.0.7

Description

Hi Development Team,

We recently identified a potential vulnerability associated with Apache version 2.4.65. Although our server is currently secured with an SSL certificate and the related module has been disabled, I understand that these measures may only serve as temporary mitigation.

I have attached the detailed report for your review.
Please take a look and advise on the appropriate next steps.

Thank you.

Files

FW EXTERNALEWA Apache HTTP Server Patches SSRF NTLM Hash Leak suexec Privilege Bypass and Three Additional Low-Severity Flaws (REFEWA20251209-01).msg (646 KB) FW EXTERNALEWA Apache HTTP Server Patches SSRF NTLM Hash Leak suexec Privilege Bypass and Three Additional Low-Severity Flaws (REFEWA20251209-01).msg Security Report Kelvin Beh, 2025-12-10 02:34
Actions
Copy link
 #1

Updated by Go MAEDA about 15 hours ago

  • Status changed from New to Closed
  • Resolution set to Invalid

Redmine itself does not include or manage Apache, and the Redmine development team is not responsible for Apache-related security issues. Please refer to the official Apache HTTP Server Project or your operating system vendor for guidance.

Actions
Copy link

Also available in: Atom PDF