Oval Definition:oval:org.opensuse.security:def:20153185
Revision Date:2022-09-02Version:1
Title:CVE-2015-3185
Description:

The ap_some_auth_required function in server/request.c in the Apache HTTP Server 2.4.x before 2.4.14 does not consider that a Require directive may be associated with an authorization setting rather than an authentication setting, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging the presence of a module that relies on the 2.2 API behavior.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2015-3185
Mitre CVE-2015-3185
SUSE CVE-2015-3185
openSUSE-SU-2015:1684-1
openSUSE-SU-2015:1684-1
SUSE-SU-2015:1851-1
SUSE-SU-2015:1851-1
Platform(s):openSUSE 13.1
openSUSE 13.2
SUSE CaaS Platform 4.5
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15 SP3
SUSE Linux Enterprise Desktop 15 SP4
SUSE Linux Enterprise High Performance Computing 12 SP5
SUSE Linux Enterprise High Performance Computing 15 SP3
SUSE Linux Enterprise High Performance Computing 15 SP4
SUSE Linux Enterprise Module for Basesystem 15 SP3
SUSE Linux Enterprise Module for Basesystem 15 SP4
SUSE Linux Enterprise Module for Server Applications 15 SP3
SUSE Linux Enterprise Module for Server Applications 15 SP4
SUSE Linux Enterprise Real Time 15 SP2
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server 15 SP3
SUSE Linux Enterprise Server 15 SP4
SUSE Linux Enterprise Server for SAP Applications 12
SUSE Linux Enterprise Server for SAP Applications 12 SP3
SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP3
SUSE Linux Enterprise Server for SAP Applications 15 SP4
SUSE Linux Enterprise Software Development Kit 12
SUSE Linux Enterprise Storage 7.1
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.1
SUSE Manager Server 4.2
SUSE Manager Server 4.3
Product(s):
Definition Synopsis
  • openSUSE 13.1 is installed
  • AND Package Information
  • apache2-2.4.6-6.50.1 is installed
  • OR apache2-devel-2.4.6-6.50.1 is installed
  • OR apache2-doc-2.4.6-6.50.1 is installed
  • OR apache2-event-2.4.6-6.50.1 is installed
  • OR apache2-example-pages-2.4.6-6.50.1 is installed
  • OR apache2-prefork-2.4.6-6.50.1 is installed
  • OR apache2-utils-2.4.6-6.50.1 is installed
  • OR apache2-worker-2.4.6-6.50.1 is installed
    • Definition Synopsis
  • openSUSE 13.2 is installed
  • AND Package Information
  • apache2-2.4.10-28.1 is installed
  • OR apache2-devel-2.4.10-28.1 is installed
  • OR apache2-doc-2.4.10-28.1 is installed
  • OR apache2-event-2.4.10-28.1 is installed
  • OR apache2-example-pages-2.4.10-28.1 is installed
  • OR apache2-prefork-2.4.10-28.1 is installed
  • OR apache2-utils-2.4.10-28.1 is installed
  • OR apache2-worker-2.4.10-28.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 12 is installed
  • AND
  • apache2-2.4.10-14.10 is installed
  • OR apache2-doc-2.4.10-14.10 is installed
  • OR apache2-example-pages-2.4.10-14.10 is installed
  • OR apache2-mod_auth_kerb-5.4-2.4 is installed
  • OR apache2-mod_jk-1.2.40-2.6 is installed
  • OR apache2-mod_security2-2.8.0-3.4 is installed
  • OR apache2-prefork-2.4.10-14.10 is installed
  • OR apache2-utils-2.4.10-14.10 is installed
  • OR apache2-worker-2.4.10-14.10 is installed
  • OR Package Information
  • SUSE Linux Enterprise Software Development Kit 12 is installed
  • AND
  • apache2-2.4.10-14.10 is installed
  • OR apache2-devel-2.4.10-14.10 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 is installed
  • AND Package Information
  • apache2-2.4.10-14.10 is installed
  • OR apache2-doc-2.4.10-14.10 is installed
  • OR apache2-example-pages-2.4.10-14.10 is installed
  • OR apache2-mod_auth_kerb-5.4-2.4 is installed
  • OR apache2-mod_jk-1.2.40-2.6 is installed
  • OR apache2-mod_security2-2.8.0-3.4 is installed
  • OR apache2-prefork-2.4.10-14.10 is installed
  • OR apache2-utils-2.4.10-14.10 is installed
  • OR apache2-worker-2.4.10-14.10 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Software Development Kit 12 is installed
  • AND
  • apache2-2.4.10-14.10 is installed
  • OR apache2-devel-2.4.10-14.10 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 12 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 is installed
  • AND
  • apache2-2.4.10-14.10 is installed
  • OR apache2-doc-2.4.10-14.10 is installed
  • OR apache2-example-pages-2.4.10-14.10 is installed
  • OR apache2-mod_auth_kerb-5.4-2.4 is installed
  • OR apache2-mod_jk-1.2.40-2.6 is installed
  • OR apache2-mod_security2-2.8.0-3.4 is installed
  • OR apache2-prefork-2.4.10-14.10 is installed
  • OR apache2-utils-2.4.10-14.10 is installed
  • OR apache2-worker-2.4.10-14.10 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 12 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 is installed
  • AND Package Information
  • apache2-2.4.10-14.10 is installed
  • OR apache2-doc-2.4.10-14.10 is installed
  • OR apache2-example-pages-2.4.10-14.10 is installed
  • OR apache2-mod_auth_kerb-5.4-2.4 is installed
  • OR apache2-mod_jk-1.2.40-2.6 is installed
  • OR apache2-mod_security2-2.8.0-3.4 is installed
  • OR apache2-prefork-2.4.10-14.10 is installed
  • OR apache2-utils-2.4.10-14.10 is installed
  • OR apache2-worker-2.4.10-14.10 is installed
    • Definition Synopsis
  • Release Information
  • SUSE CaaS Platform 4.5 is installed
  • AND apache2 is not affected
  • OR Package Information
  • SUSE Linux Enterprise Server for SAP Applications 15 SP2 is installed
  • AND
  • apache2 is not affected
  • OR apache2-devel is not affected
  • OR apache2-doc is not affected
  • OR apache2-prefork is not affected
  • OR apache2-utils is not affected
  • OR apache2-worker is not affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP1 is installed
  • OR SUSE Linux Enterprise Server 11 SP3 is installed
  • AND apache2 is affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 15 SP3 is installed
  • OR SUSE Linux Enterprise High Performance Computing 15 SP3 is installed
  • OR SUSE Linux Enterprise Module for Basesystem 15 SP3 is installed
  • OR SUSE Linux Enterprise Server 15 SP3 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP3 is installed
  • OR SUSE Linux Enterprise Storage 7.1 is installed
  • OR SUSE Manager Proxy 4.2 is installed
  • OR SUSE Manager Retail Branch Server 4.2 is installed
  • OR SUSE Manager Server 4.2 is installed
  • AND
  • apache2 is not affected
  • OR apache2-prefork is not affected
  • OR apache2-utils is not affected
  • OR Package Information
  • SUSE Linux Enterprise High Performance Computing 15 SP3 is installed
  • OR SUSE Linux Enterprise Module for Server Applications 15 SP3 is installed
  • OR SUSE Linux Enterprise Server 15 SP3 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP3 is installed
  • OR SUSE Linux Enterprise Storage 7.1 is installed
  • OR SUSE Manager Proxy 4.2 is installed
  • OR SUSE Manager Retail Branch Server 4.2 is installed
  • OR SUSE Manager Server 4.2 is installed
  • AND
  • apache2-devel is not affected
  • OR apache2-doc is not affected
  • OR apache2-worker is not affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 15 SP3 is installed
  • OR SUSE Linux Enterprise Desktop 15 SP4 is installed
  • OR SUSE Linux Enterprise High Performance Computing 15 SP3 is installed
  • OR SUSE Linux Enterprise High Performance Computing 15 SP4 is installed
  • OR SUSE Linux Enterprise Module for Basesystem 15 SP3 is installed
  • OR SUSE Linux Enterprise Module for Basesystem 15 SP4 is installed
  • OR SUSE Linux Enterprise Server 15 SP3 is installed
  • OR SUSE Linux Enterprise Server 15 SP4 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP3 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP4 is installed
  • OR SUSE Linux Enterprise Storage 7.1 is installed
  • OR SUSE Manager Proxy 4.2 is installed
  • OR SUSE Manager Proxy 4.3 is installed
  • OR SUSE Manager Retail Branch Server 4.2 is installed
  • OR SUSE Manager Retail Branch Server 4.3 is installed
  • OR SUSE Manager Server 4.2 is installed
  • OR SUSE Manager Server 4.3 is installed
  • AND Package Information
  • apache2 is not affected
  • OR apache2-prefork is not affected
  • OR apache2-utils is not affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed
  • AND apache2 is not affected
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed
  • AND
  • apache2 is not affected
  • OR apache2-doc is not affected
  • OR apache2-example-pages is not affected
  • OR apache2-prefork is not affected
  • OR apache2-utils is not affected
  • OR apache2-worker is not affected
  • OR Package Information
  • SUSE Linux Enterprise Server 12 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 is installed
  • AND
  • apache2-2.4.10-14.10.1 is installed
  • OR apache2-doc-2.4.10-14.10.1 is installed
  • OR apache2-example-pages-2.4.10-14.10.1 is installed
  • OR apache2-mod_auth_kerb-5.4-2.4.1 is installed
  • OR apache2-mod_jk-1.2.40-2.6.1 is installed
  • OR apache2-mod_security2-2.8.0-3.4.1 is installed
  • OR apache2-prefork-2.4.10-14.10.1 is installed
  • OR apache2-utils-2.4.10-14.10.1 is installed
  • OR apache2-worker-2.4.10-14.10.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Real Time 15 SP2 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP2 is installed
  • OR SUSE Manager Proxy 4.1 is installed
  • OR SUSE Manager Retail Branch Server 4.1 is installed
  • OR SUSE Manager Server 4.1 is installed
  • AND Package Information
  • apache2 is not affected
  • OR apache2-devel is not affected
  • OR apache2-doc is not affected
  • OR apache2-prefork is not affected
  • OR apache2-utils is not affected
  • OR apache2-worker is not affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 15 SP3 is installed
  • OR SUSE Linux Enterprise High Performance Computing 15 SP3 is installed
  • OR SUSE Linux Enterprise Module for Basesystem 15 SP3 is installed
  • OR SUSE Linux Enterprise Server 15 SP3 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP3 is installed
  • OR SUSE Linux Enterprise Storage 7.1 is installed
  • OR SUSE Manager Proxy 4.2 is installed
  • OR SUSE Manager Retail Branch Server 4.2 is installed
  • OR SUSE Manager Server 4.2 is installed
  • AND
  • apache2 is not affected
  • OR apache2-prefork is not affected
  • OR apache2-utils is not affected
  • OR Package Information
  • SUSE Enterprise Storage 7 is installed
  • OR SUSE Linux Enterprise Real Time 15 SP2 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP2 is installed
  • AND
  • apache2 is not affected
  • OR apache2-devel is not affected
  • OR apache2-doc is not affected
  • OR apache2-prefork is not affected
  • OR apache2-utils is not affected
  • OR apache2-worker is not affected
  • OR Package Information
  • SUSE Linux Enterprise High Performance Computing 15 SP3 is installed
  • OR SUSE Linux Enterprise Module for Server Applications 15 SP3 is installed
  • OR SUSE Linux Enterprise Server 15 SP3 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP3 is installed
  • OR SUSE Linux Enterprise Storage 7.1 is installed
  • OR SUSE Manager Proxy 4.2 is installed
  • OR SUSE Manager Retail Branch Server 4.2 is installed
  • OR SUSE Manager Server 4.2 is installed
  • AND
  • apache2-devel is not affected
  • OR apache2-doc is not affected
  • OR apache2-worker is not affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 15 SP4 is installed
  • OR SUSE Linux Enterprise High Performance Computing 15 SP4 is installed
  • OR SUSE Linux Enterprise Module for Basesystem 15 SP4 is installed
  • OR SUSE Linux Enterprise Server 15 SP4 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP4 is installed
  • OR SUSE Manager Proxy 4.3 is installed
  • OR SUSE Manager Retail Branch Server 4.3 is installed
  • OR SUSE Manager Server 4.3 is installed
  • AND
  • apache2 is not affected
  • OR apache2-prefork is not affected
  • OR apache2-utils is not affected
  • OR Package Information
  • SUSE Linux Enterprise High Performance Computing 15 SP4 is installed
  • OR SUSE Linux Enterprise Module for Server Applications 15 SP4 is installed
  • OR SUSE Linux Enterprise Server 15 SP4 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP4 is installed
  • OR SUSE Manager Proxy 4.3 is installed
  • OR SUSE Manager Retail Branch Server 4.3 is installed
  • OR SUSE Manager Server 4.3 is installed
  • AND
  • apache2-devel is not affected
  • OR apache2-doc is not affected
  • OR apache2-worker is not affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise High Performance Computing 12 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed
  • AND apache2 is not affected
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP5 is installed
  • AND
  • apache2 is not affected
  • OR apache2-doc is not affected
  • OR apache2-example-pages is not affected
  • OR apache2-prefork is not affected
  • OR apache2-utils is not affected
  • OR apache2-worker is not affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Real Time 15 SP2 is installed
  • AND apache2 is not affected
  • OR Package Information
  • SUSE Linux Enterprise Server for SAP Applications 15 SP2 is installed
  • AND
  • apache2 is not affected
  • OR apache2-devel is not affected
  • OR apache2-doc is not affected
  • OR apache2-prefork is not affected
  • OR apache2-utils is not affected
  • OR apache2-worker is not affected
    • BACK