Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.52904
Kategorie:Turbolinux Local Security Tests
Titel:Turbolinux TLSA-2004-31 (apache)
Zusammenfassung:NOSUMMARY
Beschreibung:Description:

The remote host is missing an update to apache
announced via advisory TLSA-2004-31.

Apache is a powerful, full-featured, efficient, and freely-available
Web server.

- A buffer overflow vulnerability has been found in Apache's mod_proxy
module exploitable via malformed Content-Length headers.

- A buffer overflow vulnerability has been found in Apache's mod_include
module -- in its get_tag() function.

The mod_proxy vulnerability may allow an attacker to cause a denial of
service of httpd.

A local user could exploit the mod_include vulnerability to gain apache
user privileges.

Solution: Please use the turbopkg (zabom) tool to apply the update.
https://secure1.securityspace.com/smysecure/catid.html?in=TLSA-2004-31

Risk factor : Critical

CVSS Score:
10.0

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2004-0492
Bugtraq: 20040611 [OpenPKG-SA-2004.029] OpenPKG Security Advisory (apache) (Google Search)
http://marc.info/?l=bugtraq&m=108711172710140&w=2
CERT/CC vulnerability note: VU#541310
http://www.kb.cert.org/vuls/id/541310
Debian Security Information: DSA-525 (Google Search)
http://www.debian.org/security/2004/dsa-525
https://bugzilla.fedora.us/show_bug.cgi?id=1737
http://seclists.org/lists/fulldisclosure/2004/Jun/0296.html
HPdes Security Advisory: HPSBOV02683
http://marc.info/?l=bugtraq&m=130497311408250&w=2
HPdes Security Advisory: SSRT090208
http://www.mandriva.com/security/advisories?name=MDKSA-2004:065
http://www.guninski.com/modproxy1.html
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e@%3Ccvs.httpd.apache.org%3E
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100112
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4863
RedHat Security Advisories: RHSA-2004:245
http://rhn.redhat.com/errata/RHSA-2004-245.html
http://secunia.com/advisories/11841
SGI Security Advisory: 20040605-01-U
ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101555-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101841-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57628-1
XForce ISS Database: apache-modproxy-contentlength-bo(16387)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16387
Common Vulnerability Exposure (CVE) ID: CVE-2004-0940
BugTraq ID: 11471
http://www.securityfocus.com/bid/11471
Debian Security Information: DSA-594 (Google Search)
http://www.debian.org/security/2004/dsa-594
http://www.mandriva.com/security/advisories?name=MDKSA-2004:134
http://marc.info/?l=bugtraq&m=109906660225051&w=2
http://www.redhat.com/support/errata/RHSA-2004-600.html
http://www.redhat.com/support/errata/RHSA-2005-816.html
http://securitytracker.com/id?1011783
http://secunia.com/advisories/12898/
http://secunia.com/advisories/19073
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102197-1
http://www.vupen.com/english/advisories/2006/0789
XForce ISS Database: apache-modinclude-bo(17785)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17785
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.