Vulnerability Change Records for CVE-2016-5387

Change History

Modified Analysis 9/28/2016 11:41:50 AM

Action Type Old Value New Value
Changed CPE Configuration
Configuration 1
     OR
          *cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
          *cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*
Configuration 2
     OR
          *cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:* (and previous)
Configuration 1
     OR
          *cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
          *cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*
Configuration 2
     OR
          *cpe:2.3:o:oracle:linux:6.0:*:*:*:*:*:*:*
          *cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*
          *cpe:2.3:o:oracle:linux:7.0:*:*:*:*:*:*:*
Configuration 3
     AND
          OR
               *cpe:2.3:a:redhat:jboss_web_server:2.1.0:*:*:*:*:*:*:*
          OR
               cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
               cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
Configuration 4
     OR
          *cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:* (and previous)
Changed Reference Type
http://rhn.redhat.com/errata/RHSA-2016-1648.html No Types Assigned
http://rhn.redhat.com/errata/RHSA-2016-1648.html Third Party Advisory
Changed Reference Type
http://rhn.redhat.com/errata/RHSA-2016-1649.html No Types Assigned
http://rhn.redhat.com/errata/RHSA-2016-1649.html Third Party Advisory
Changed Reference Type
http://rhn.redhat.com/errata/RHSA-2016-1650.html No Types Assigned
http://rhn.redhat.com/errata/RHSA-2016-1650.html Third Party Advisory
Changed Reference Type
http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html No Types Assigned
http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html Third Party Advisory

CVE Modified by Red Hat, Inc. 8/15/2019 5:15:29 AM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba@%3Ccvs.httpd.apache.org%3E [No Types Assigned]
Added Reference

								
							
							
						
https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830@%3Ccvs.httpd.apache.org%3E [No Types Assigned]

Modified Analysis 7/19/2016 2:11:17 PM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
Configuration 1
     OR
          *cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:* (and previous)
Added CVSS V2

								
							
							
						
(AV:N/AC:H/Au:N/C:P/I:P/A:P)
Added CVSS V3

								
							
							
						
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Added CWE

								
							
							
						
CWE-284
Changed Reference Type
http://www.kb.cert.org/vuls/id/797896 US Govt Resource
http://www.kb.cert.org/vuls/id/797896 Advisory, US Govt Resource

CVE Modified by Red Hat, Inc. 8/08/2017 9:29:06 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html [No Types Assigned]

CVE Modified by Red Hat, Inc. 4/01/2020 11:15:31 AM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E [No Types Assigned]
Added Reference

								
							
							
						
https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E [No Types Assigned]
Added Reference

								
							
							
						
https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E [No Types Assigned]
Added Reference

								
							
							
						
https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f@%3Ccvs.httpd.apache.org%3E [No Types Assigned]

Modified Analysis 8/16/2016 10:6:24 AM

Action Type Old Value New Value
Changed CPE Configuration
Configuration 1
     OR
          *cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:* (and previous)
Configuration 1
     OR
          *cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
          *cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*
Configuration 2
     OR
          *cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:* (and previous)
Changed Reference Type
http://www.securitytracker.com/id/1036330 No Types Assigned
http://www.securitytracker.com/id/1036330 Third Party Advisory, VDB Entry
Changed Reference Type
https://httpoxy.org/ No Types Assigned
https://httpoxy.org/ Third Party Advisory
Changed Reference Type
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NEKZAB7MTWVSMORHTEMCQNFFMIHCYF76/ No Types Assigned
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NEKZAB7MTWVSMORHTEMCQNFFMIHCYF76/ Third Party Advisory
Changed Reference Type
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TGNHXJJSWDXAOEYH5TMXDPQVJMQQJOAZ/ No Types Assigned
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TGNHXJJSWDXAOEYH5TMXDPQVJMQQJOAZ/ Third Party Advisory
Changed Reference Type
https://www.apache.org/security/asf-httpoxy-response.txt No Types Assigned
https://www.apache.org/security/asf-httpoxy-response.txt Vendor Advisory

Initial CVE Analysis 7/19/2016 9:34:01 AM

Action Type Old Value New Value

CPE Deprecation Remap 12/27/2019 11:8:55 AM

Action Type Old Value New Value
Changed CPE Configuration
OR
     *cpe:2.3:o:oracle:linux:6.0:*:*:*:*:*:*:*
OR
     *cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*

Initial CVE Analysis 11/02/2016 10:25:13 AM

Action Type Old Value New Value
Changed CPE Configuration
Configuration 1
     OR
          *cpe:2.3:o:oracle:linux:6.0:*:*:*:*:*:*:*
          *cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*
          *cpe:2.3:o:oracle:linux:7.0:*:*:*:*:*:*:*
Configuration 2
     AND
          OR
               *cpe:2.3:a:redhat:jboss_web_server:2.1.0:*:*:*:*:*:*:*
          OR
               cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
               cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
Configuration 3
     OR
          *cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
          *cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*
Configuration 4
     OR
          *cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:* (and previous)
Configuration 1
     OR
          *cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
          *cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*
Configuration 2
     AND
          OR
               *cpe:2.3:a:redhat:jboss_web_server:2.1.0:*:*:*:*:*:*:*
          OR
               cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
               cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
Configuration 3
     OR
          *cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:* (and previous)
Configuration 4
     OR
          *cpe:2.3:o:oracle:linux:6.0:*:*:*:*:*:*:*
          *cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*
          *cpe:2.3:o:oracle:linux:7.0:*:*:*:*:*:*:*
Configuration 5
     OR
          *cpe:2.3:a:hp:system_management_homepage:7.5.5.0:*:*:*:*:*:*:* (and previous)
Configuration 6
     OR
          *cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*
Changed Reference Type
http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html No Types Assigned
http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html Third Party Advisory
Changed Reference Type
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149 No Types Assigned
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149 Third Party Advisory

CVE Modified by Red Hat, Inc. 6/30/2017 9:29:56 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://security.gentoo.org/glsa/201701-36 [No Types Assigned]

CPE Deprecation Remap 12/27/2019 11:9:04 AM

Action Type Old Value New Value
Changed CPE Configuration
OR
     *cpe:2.3:o:oracle:linux:7.0:*:*:*:*:*:*:*
OR
     *cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*

CVE Modified by Red Hat, Inc. 3/20/2017 9:59:00 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.debian.org/security/2016/dsa-3623 [No Types Assigned]

CVE Modified by Source 10/26/2016 10:0:35 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html

CVE Modified by Red Hat, Inc. 8/24/2017 9:29:00 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03770en_us [No Types Assigned]

CVE Modified by Red Hat, Inc. 11/28/2016 3:24:58 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://lists.opensuse.org/opensuse-updates/2016-07/msg00059.html [No Types Assigned]
Added Reference

								
							
							
						
http://rhn.redhat.com/errata/RHSA-2016-1624.html [No Types Assigned]
Added Reference

								
							
							
						
http://rhn.redhat.com/errata/RHSA-2016-1625.html [No Types Assigned]
Added Reference

								
							
							
						
http://www.securityfocus.com/bid/91816 [No Types Assigned]
Added Reference

								
							
							
						
http://www.ubuntu.com/usn/USN-3038-1 [No Types Assigned]
Added Reference

								
							
							
						
https://access.redhat.com/errata/RHSA-2016:1420 [No Types Assigned]
Added Reference

								
							
							
						
https://access.redhat.com/errata/RHSA-2016:1421 [No Types Assigned]
Added Reference

								
							
							
						
https://access.redhat.com/errata/RHSA-2016:1422 [No Types Assigned]
Added Reference

								
							
							
						
https://access.redhat.com/errata/RHSA-2016:1635 [No Types Assigned]
Added Reference

								
							
							
						
https://access.redhat.com/errata/RHSA-2016:1636 [No Types Assigned]
Added Reference

								
							
							
						
https://access.redhat.com/errata/RHSA-2016:1851 [No Types Assigned]
Added Reference

								
							
							
						
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6WCTE7443AYZ4EGELWLVNANA2WJCJIYI/ [No Types Assigned]
Added Reference

								
							
							
						
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QPQAPWQA774JPDRV4UIB2SZAX6D3UZCV/ [No Types Assigned]

CVE Modified by Red Hat, Inc. 11/02/2017 9:29:03 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://www.tenable.com/security/tns-2017-04 [No Types Assigned]

CVE Modified by Red Hat, Inc. 2/16/2017 9:59:13 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722 [No Types Assigned]

CVE Modified by Source 8/11/2016 10:0:12 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.securitytracker.com/id/1036330
Added Reference

								
							
							
						
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NEKZAB7MTWVSMORHTEMCQNFFMIHCYF76/
Added Reference

								
							
							
						
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TGNHXJJSWDXAOEYH5TMXDPQVJMQQJOAZ/

CVE Modified by Source 10/28/2016 9:59:33 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149

CVE Modified by Red Hat, Inc. 1/18/2018 1:18:06 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html [No Types Assigned]

CVE Modified by Red Hat, Inc. 4/01/2020 12:15:24 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234@%3Ccvs.httpd.apache.org%3E [No Types Assigned]
Added Reference

								
							
							
						
https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E [No Types Assigned]

CVE Modified by Source 9/27/2016 10:1:31 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://rhn.redhat.com/errata/RHSA-2016-1648.html
Added Reference

								
							
							
						
http://rhn.redhat.com/errata/RHSA-2016-1649.html
Added Reference

								
							
							
						
http://rhn.redhat.com/errata/RHSA-2016-1650.html
Added Reference

								
							
							
						
http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html

CVE Modified by Red Hat, Inc. 11/13/2017 9:29:00 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://support.apple.com/HT208221 [No Types Assigned]