Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.52884
Kategorie:Turbolinux Local Security Tests
Titel:Turbolinux TLSA-2004-11 (httpd)
Zusammenfassung:NOSUMMARY
Beschreibung:Description:

The remote host is missing an update to httpd
announced via advisory TLSA-2004-11.

Apache is a powerful, full-featured, efficient, and freely-available Web server.

- Apache does not filter terminal escape sequences from its error logs,
which could make it easier for attackers to insert those sequences
into terminal emulators containing vulnerabilities related to escape sequences.

- Memory leak in ssl_engine_io.c for mod_ssl in Apache 2.

The vulnerabilities may allow an attacker to cause a denial of service of httpd.

Solution: Please use the turbopkg (zabom) tool to apply the update.
https://secure1.securityspace.com/smysecure/catid.html?in=TLSA-2004-11

Risk factor : Medium

CVSS Score:
5.0

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2003-0020
http://marc.info/?l=bugtraq&m=108369640424244&w=2
BugTraq ID: 9930
http://www.securityfocus.com/bid/9930
Bugtraq: 20030224 Terminal Emulator Security Issues (Google Search)
http://marc.info/?l=bugtraq&m=104612710031920&w=2
Bugtraq: 20040512 [OpenPKG-SA-2004.021] OpenPKG Security Advisory (apache) (Google Search)
http://marc.info/?l=bugtraq&m=108437852004207&w=2
http://security.gentoo.org/glsa/glsa-200405-22.xml
HPdes Security Advisory: SSRT4717
http://marc.info/?l=bugtraq&m=108731648532365&w=2
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:050
http://frontal2.mandriva.com/security/advisories?name=MDKSA-2004:046
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/re028d61fe612b0908595d658b9b39e74bca56f2a1ed3c5f06b5ab571@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rd00b45b93fda4a5bd013b28587207d0e00f99f6e3308dbb6025f3b01@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r7035b7c9091c4b665a3b7205364775410646f12125d48e74e395f2ce@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.httpd.apache.org%3E
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100109
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A150
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4114
http://www.redhat.com/support/errata/RHSA-2003-082.html
http://www.redhat.com/support/errata/RHSA-2003-083.html
http://www.redhat.com/support/errata/RHSA-2003-104.html
http://www.redhat.com/support/errata/RHSA-2003-139.html
http://www.redhat.com/support/errata/RHSA-2003-243.html
http://www.redhat.com/support/errata/RHSA-2003-244.html
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.529643
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101555-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57628-1
http://www.trustix.org/errata/2004/0017
http://www.trustix.org/errata/2004/0027
http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0093.html
http://www.iss.net/security_center/static/11412.php
Common Vulnerability Exposure (CVE) ID: CVE-2004-0113
BugTraq ID: 9826
http://www.securityfocus.com/bid/9826
Bugtraq: 20040325 LNSA-#2004-0006: bug workaround for Apache 2.0.48 (Google Search)
http://marc.info/?l=bugtraq&m=108034113406858&w=2
Conectiva Linux advisory: CLSA-2004:839
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000839
http://security.gentoo.org/glsa/glsa-200403-04.xml
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:043
http://issues.apache.org/bugzilla/show_bug.cgi?id=27106
http://marc.info/?l=apache-cvs&m=107869699329638
https://lists.apache.org/thread.html/raa117ef183f0da9b3f46efbeaa66f7622bd68868a450cae4fd8ed594@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3Ccvs.httpd.apache.org%3E
http://www.osvdb.org/4182
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A876
http://www.redhat.com/support/errata/RHSA-2004-084.html
http://www.redhat.com/support/errata/RHSA-2004-182.html
XForce ISS Database: apache-modssl-plain-dos(15419)
https://exchange.xforce.ibmcloud.com/vulnerabilities/15419
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.