Description
A regression was found in the Red Hat Enterprise Linux 6.9 version of httpd 2.2.15-60, causing comments in the "Allow" and "Deny" configuration lines to be parsed incorrectly. A web administrator could unintentionally allow any client to access a restricted HTTP resource.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Editor.md Cross-Site Scripting (1.6)
Oracle HTTP Server Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2015-2808)
Moodle Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2020-1754)
OpenSSL Integer Overflow or Wraparound Vulnerability (CVE-2021-23840)