{"cve": [{"lastseen": "2021-02-02T05:24:38", "description": "ssl_engine_kernel.c in mod_ssl before 2.8.24, when using \"SSLVerifyClient optional\" in the global virtual host configuration, does not properly enforce \"SSLVerifyClient require\" in a per-location context, which allows remote attackers to bypass intended access restrictions.", "edition": 6, "cvss3": {}, "published": "2005-09-06T23:03:00", "title": "CVE-2005-2700", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-2700"], "modified": "2017-10-11T01:30:00", "cpe": ["cpe:/a:apache:http_server:2.0.40", "cpe:/a:apache:http_server:2.0.39", "cpe:/a:mod_ssl:mod_ssl:2.2.8", "cpe:/a:mod_ssl:mod_ssl:2.6.6", "cpe:/a:mod_ssl:mod_ssl:2.8.22", "cpe:/a:mod_ssl:mod_ssl:2.5.1", "cpe:/a:mod_ssl:mod_ssl:2.1.8", "cpe:/a:mod_ssl:mod_ssl:2.8.24", "cpe:/a:apache:http_server:2.0.32", "cpe:/a:mod_ssl:mod_ssl:2.0.15", "cpe:/a:apache:http_server:2.0.38", "cpe:/a:apache:http_server:2.0.35", "cpe:/a:apache:http_server:2.0.49", "cpe:/a:apache:http_server:2.0", "cpe:/a:apache:http_server:2.0.53", "cpe:/a:apache:http_server:2.0.50", "cpe:/a:mod_ssl:mod_ssl:2.8.14", "cpe:/a:mod_ssl:mod_ssl:2.8.21", "cpe:/a:mod_ssl:mod_ssl:2.8.15", "cpe:/a:apache:http_server:2.0.9", "cpe:/o:redhat:enterprise_linux:3.0", "cpe:/a:apache:http_server:2.0.28", "cpe:/a:apache:http_server:2.0.48", "cpe:/a:mod_ssl:mod_ssl:2.8.16", "cpe:/a:apache:http_server:2.0.46", "cpe:/a:apache:http_server:2.1.5", "cpe:/a:apache:http_server:2.1.6", "cpe:/a:apache:http_server:2.0.45", "cpe:/a:mod_ssl:mod_ssl:2.8.20", "cpe:/a:mod_ssl:mod_ssl:2.4.10", "cpe:/a:apache:http_server:2.0.41", "cpe:/a:apache:http_server:2.1.2", "cpe:/a:mod_ssl:mod_ssl:2.8.23", "cpe:/o:redhat:enterprise_linux_desktop:3.0", "cpe:/a:apache:http_server:2.0.44", "cpe:/a:mod_ssl:mod_ssl:2.8.18", "cpe:/a:apache:http_server:2.1.3", "cpe:/a:apache:http_server:2.1", "cpe:/o:redhat:enterprise_linux_desktop:4.0", "cpe:/a:mod_ssl:mod_ssl:2.8.19", "cpe:/a:apache:http_server:2.0.37", "cpe:/a:apache:http_server:2.0.54", "cpe:/a:apache:http_server:2.0.43", "cpe:/a:apache:http_server:2.0.47", "cpe:/a:apache:http_server:2.0.36", "cpe:/a:apache:http_server:2.1.4", "cpe:/a:apache:http_server:2.0.42", "cpe:/a:mod_ssl:mod_ssl:2.3.11", "cpe:/a:apache:http_server:2.0.52", "cpe:/a:mod_ssl:mod_ssl:2.7.1", "cpe:/a:apache:http_server:2.1.1", "cpe:/a:apache:http_server:2.0.51", "cpe:/o:redhat:enterprise_linux:4.0"], "id": "CVE-2005-2700", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2700", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:mod_ssl:mod_ssl:2.3.11:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.51:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.53:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:mod_ssl:mod_ssl:2.4.10:*:*:*:*:*:*:*", "cpe:2.3:a:mod_ssl:mod_ssl:2.8.15:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.37:*:*:*:*:*:*:*", "cpe:2.3:a:mod_ssl:mod_ssl:2.8.24:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.32:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.35:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.43:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:mod_ssl:mod_ssl:2.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:mod_ssl:mod_ssl:2.8.14:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.52:*:*:*:*:*:*:*", "cpe:2.3:a:mod_ssl:mod_ssl:2.8.22:*:*:*:*:*:*:*", "cpe:2.3:a:mod_ssl:mod_ssl:2.0.15:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.50:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.28:*:*:*:*:*:*:*", "cpe:2.3:a:mod_ssl:mod_ssl:2.8.21:*:*:*:*:*:*:*", "cpe:2.3:a:mod_ssl:mod_ssl:2.8.18:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.28:beta:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.42:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.44:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", "cpe:2.3:a:mod_ssl:mod_ssl:2.8.16:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.47:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*", "cpe:2.3:a:mod_ssl:mod_ssl:2.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.49:*:*:*:*:*:*:*", "cpe:2.3:a:mod_ssl:mod_ssl:2.8.19:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.54:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.1:*:*:*:*:*:*:*", "cpe:2.3:a:mod_ssl:mod_ssl:2.8.20:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:mod_ssl:mod_ssl:2.6.6:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*", "cpe:2.3:a:mod_ssl:mod_ssl:2.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.46:*:*:*:*:*:*:*", "cpe:2.3:a:mod_ssl:mod_ssl:2.8.23:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.36:*:*:*:*:*:*:*", "cpe:2.3:a:mod_ssl:mod_ssl:2.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.40:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.48:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.45:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.38:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.39:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.41:*:*:*:*:*:*:*"]}], "f5": [{"lastseen": "2016-09-26T17:23:06", "bulletinFamily": "software", "cvelist": ["CVE-2005-2700"], "edition": 1, "description": "In the default configuration, BIG-IP and 3-DNS do not require client certificates to connect to the Configuration utility. This vulnerability cannot be exploited without making unsupported changes to the BIG-IP or 3-DNS web server configuration.\n\nThis problem was tracked as CR53583 and CR53585 and was fixed in BIG-IP and 3-DNS version 4.5.14.\n", "modified": "2013-03-28T00:00:00", "published": "2007-05-16T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/5000/800/sol5857.html", "id": "SOL5857", "title": "SOL5857 - Client certificate check vulnerability in Apache - CVE-2005-2700", "type": "f5", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-26T17:23:26", "bulletinFamily": "software", "cvelist": ["CVE-2005-2700"], "edition": 1, "description": "Apache mod_ssl SSLVerifyClient bypass vulnerability CAN-2005-2700.\n\nInformation about this advisory is available at the following location:\n\n<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2700>\n", "modified": "2013-03-28T00:00:00", "published": "2007-05-16T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/5000/200/sol5278.html", "id": "SOL5278", "title": "SOL5278 - Apache mod_ssl SSLVerifyClient bypass - CAN-2005-2700", "type": "f5", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-20T21:07:46", "bulletinFamily": "software", "cvelist": ["CVE-2005-2700"], "description": "", "edition": 1, "modified": "2017-10-02T20:39:00", "published": "2007-05-17T04:00:00", "id": "F5:K5278", "href": "https://support.f5.com/csp/article/K5278", "title": "Apache mod_ssl SSLVerifyClient bypass - CAN-2005-2700", "type": "f5", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2021-01-06T10:03:30", "description": "A problem has been discovered in mod_ssl, which provides strong\ncryptography (HTTPS support) for Apache that allows remote attackers\nto bypass access restrictions.", "edition": 25, "published": "2005-09-13T00:00:00", "title": "Debian DSA-807-1 : libapache-mod-ssl - acl restriction bypass", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-2700"], "modified": "2005-09-13T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libapache-mod-ssl", "cpe:/o:debian:debian_linux:3.1", "cpe:/o:debian:debian_linux:3.0"], "id": "DEBIAN_DSA-807.NASL", "href": "https://www.tenable.com/plugins/nessus/19682", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-807. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(19682);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2005-2700\");\n script_bugtraq_id(14721);\n script_xref(name:\"CERT\", value:\"744929\");\n script_xref(name:\"DSA\", value:\"807\");\n\n script_name(english:\"Debian DSA-807-1 : libapache-mod-ssl - acl restriction bypass\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A problem has been discovered in mod_ssl, which provides strong\ncryptography (HTTPS support) for Apache that allows remote attackers\nto bypass access restrictions.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2005/dsa-807\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the libapache-mod-ssl package.\n\nFor the old stable distribution (woody) this problem has been fixed in\nversion 2.8.9-2.5.\n\nFor the stable distribution (sarge) this problem has been fixed in\nversion 2.8.22-1sarge1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libapache-mod-ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/09/13\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/09/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.0\", prefix:\"libapache-mod-ssl\", reference:\"2.8.9-2.5\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libapache-mod-ssl-doc\", reference:\"2.8.9-2.5\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libapache-mod-ssl\", reference:\"2.8.22-1sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libapache-mod-ssl-doc\", reference:\"2.8.22-1sarge1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T13:05:32", "description": "An updated mod_ssl package for Apache that corrects a security issue\nis now available.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe mod_ssl module provides strong cryptography for the Apache Web\nserver via the Secure Sockets Layer (SSL) and Transport Layer Security\n(TLS) protocols.\n\nA flaw was discovered in mod_ssl's handling of the 'SSLVerifyClient'\ndirective. This flaw occurs if a virtual host is configured using\n'SSLVerifyClient optional' and a directive 'SSLVerifyClient required'\nis set for a specific location. For servers configured in this\nfashion, an attacker may be able to access resources that should\notherwise be protected, by not supplying a client certificate when\nconnecting. The Common Vulnerabilities and Exposures project assigned\nthe name CVE-2005-2700 to this issue.\n\nUsers of mod_ssl should upgrade to this updated package, which\ncontains a backported patch to correct this issue.", "edition": 27, "published": "2005-09-17T00:00:00", "title": "RHEL 2.1 : mod_ssl (RHSA-2005:773)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-2700"], "modified": "2005-09-17T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:2.1", "p-cpe:/a:redhat:enterprise_linux:mod_ssl"], "id": "REDHAT-RHSA-2005-773.NASL", "href": "https://www.tenable.com/plugins/nessus/19714", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2005:773. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(19714);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2005-2700\");\n script_xref(name:\"RHSA\", value:\"2005:773\");\n\n script_name(english:\"RHEL 2.1 : mod_ssl (RHSA-2005:773)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated mod_ssl package for Apache that corrects a security issue\nis now available.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe mod_ssl module provides strong cryptography for the Apache Web\nserver via the Secure Sockets Layer (SSL) and Transport Layer Security\n(TLS) protocols.\n\nA flaw was discovered in mod_ssl's handling of the 'SSLVerifyClient'\ndirective. This flaw occurs if a virtual host is configured using\n'SSLVerifyClient optional' and a directive 'SSLVerifyClient required'\nis set for a specific location. For servers configured in this\nfashion, an attacker may be able to access resources that should\notherwise be protected, by not supplying a client certificate when\nconnecting. The Common Vulnerabilities and Exposures project assigned\nthe name CVE-2005-2700 to this issue.\n\nUsers of mod_ssl should upgrade to this updated package, which\ncontains a backported patch to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-2700\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2005:773\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mod_ssl package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:2.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/09/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/09/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/09/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^2\\.1([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 2.1\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i386\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2005:773\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"mod_ssl-2.8.12-8\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mod_ssl\");\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T09:10:16", "description": "New mod_ssl packages are available for Slackware 8.1, 9.0, 9.1, 10.0,\n10.1, and -current to fix a security issue. If 'SSLVerifyClient\noptional' was configured in the global section of the config file, it\ncould improperly override 'SSLVerifyClient require' in a per-location\nsection.", "edition": 25, "published": "2005-10-05T00:00:00", "title": "Slackware 10.0 / 10.1 / 8.1 / 9.0 / 9.1 / current : mod_ssl (SSA:2005-251-02)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-2700"], "modified": "2005-10-05T00:00:00", "cpe": ["cpe:/o:slackware:slackware_linux:8.1", "cpe:/o:slackware:slackware_linux:9.0", "cpe:/o:slackware:slackware_linux:9.1", "cpe:/o:slackware:slackware_linux:10.1", "cpe:/o:slackware:slackware_linux:10.0", "cpe:/o:slackware:slackware_linux", "p-cpe:/a:slackware:slackware_linux:mod_ssl"], "id": "SLACKWARE_SSA_2005-251-02.NASL", "href": "https://www.tenable.com/plugins/nessus/19862", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2005-251-02. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(19862);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2005-2700\");\n script_xref(name:\"SSA\", value:\"2005-251-02\");\n\n script_name(english:\"Slackware 10.0 / 10.1 / 8.1 / 9.0 / 9.1 / current : mod_ssl (SSA:2005-251-02)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New mod_ssl packages are available for Slackware 8.1, 9.0, 9.1, 10.0,\n10.1, and -current to fix a security issue. If 'SSLVerifyClient\noptional' was configured in the global section of the config file, it\ncould improperly override 'SSLVerifyClient require' in a per-location\nsection.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.458879\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5e540b17\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mod_ssl package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:8.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/09/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/10/05\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/09/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"8.1\", pkgname:\"mod_ssl\", pkgver:\"2.8.24_1.3.33\", pkgarch:\"i386\", pkgnum:\"1\")) flag++;\n\nif (slackware_check(osver:\"9.0\", pkgname:\"mod_ssl\", pkgver:\"2.8.24_1.3.33\", pkgarch:\"i386\", pkgnum:\"1\")) flag++;\n\nif (slackware_check(osver:\"9.1\", pkgname:\"mod_ssl\", pkgver:\"2.8.24_1.3.33\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\n\nif (slackware_check(osver:\"10.0\", pkgname:\"mod_ssl\", pkgver:\"2.8.24_1.3.33\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\n\nif (slackware_check(osver:\"10.1\", pkgname:\"mod_ssl\", pkgver:\"2.8.24_1.3.33\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"mod_ssl\", pkgver:\"2.8.24_1.3.33\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-07T11:51:29", "description": "A flaw was discovered in mod_ssl's handling of the 'SSLVerifyClient'\ndirective. This flaw occurs if a virtual host is configured using\n'SSLVerifyClient optional' and a directive 'SSLVerifyClient required'\nis set for a specific location. For servers configured in this\nfashion, an attacker may be able to access resources that should\notherwise be protected, by not supplying a client certificate when\nconnecting. (CVE-2005-2700)\n\nA flaw was discovered in Apache httpd where the byterange filter would\nbuffer certain responses into memory. If a server has a dynamic\nresource such as a CGI script or PHP script that generates a large\namount of data, an attacker could send carefully crafted requests in\norder to consume resources, potentially leading to a Denial of\nService. (CVE-2005-2728)\n\nThe updated packages have been patched to address these issues.", "edition": 25, "published": "2005-10-05T00:00:00", "title": "Mandrake Linux Security Advisory : apache2 (MDKSA-2005:161)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-2700", "CVE-2005-2728"], "modified": "2005-10-05T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:apache2-mod_dav", "p-cpe:/a:mandriva:linux:apache2-mod_ssl", "p-cpe:/a:mandriva:linux:apache2-mod_ldap", "p-cpe:/a:mandriva:linux:apache2", "p-cpe:/a:mandriva:linux:lib64apr0", "cpe:/o:mandrakesoft:mandrake_linux:10.1", "cpe:/o:mandrakesoft:mandrake_linux:10.0", "p-cpe:/a:mandriva:linux:apache2-mod_disk_cache", "p-cpe:/a:mandriva:linux:apache2-common", "p-cpe:/a:mandriva:linux:apache2-devel", "p-cpe:/a:mandriva:linux:apache2-modules", "p-cpe:/a:mandriva:linux:apache2-mod_mem_cache", "p-cpe:/a:mandriva:linux:apache2-manual", "p-cpe:/a:mandriva:linux:apache2-mod_file_cache", "p-cpe:/a:mandriva:linux:apache2-mod_proxy", "x-cpe:/o:mandrakesoft:mandrake_linux:le2005", "p-cpe:/a:mandriva:linux:apache2-mod_cache", "p-cpe:/a:mandriva:linux:libapr0", "p-cpe:/a:mandriva:linux:apache2-mod_deflate", "p-cpe:/a:mandriva:linux:apache2-worker", "p-cpe:/a:mandriva:linux:apache2-source", "p-cpe:/a:mandriva:linux:apache2-peruser"], "id": "MANDRAKE_MDKSA-2005-161.NASL", "href": "https://www.tenable.com/plugins/nessus/19916", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2005:161. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(19916);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2005-2700\", \"CVE-2005-2728\");\n script_xref(name:\"MDKSA\", value:\"2005:161\");\n\n script_name(english:\"Mandrake Linux Security Advisory : apache2 (MDKSA-2005:161)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw was discovered in mod_ssl's handling of the 'SSLVerifyClient'\ndirective. This flaw occurs if a virtual host is configured using\n'SSLVerifyClient optional' and a directive 'SSLVerifyClient required'\nis set for a specific location. For servers configured in this\nfashion, an attacker may be able to access resources that should\notherwise be protected, by not supplying a client certificate when\nconnecting. (CVE-2005-2700)\n\nA flaw was discovered in Apache httpd where the byterange filter would\nbuffer certain responses into memory. If a server has a dynamic\nresource such as a CGI script or PHP script that generates a large\namount of data, an attacker could send carefully crafted requests in\norder to consume resources, potentially leading to a Denial of\nService. (CVE-2005-2728)\n\nThe updated packages have been patched to address these issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-mod_cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-mod_dav\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-mod_deflate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-mod_disk_cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-mod_file_cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-mod_ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-mod_mem_cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-mod_proxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-peruser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-worker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64apr0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libapr0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:mandrakesoft:mandrake_linux:le2005\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/09/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/10/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK10.0\", reference:\"apache2-2.0.48-6.11.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"apache2-common-2.0.48-6.11.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"apache2-devel-2.0.48-6.11.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"apache2-manual-2.0.48-6.11.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"apache2-mod_cache-2.0.48-6.11.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"apache2-mod_dav-2.0.48-6.11.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"apache2-mod_deflate-2.0.48-6.11.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"apache2-mod_disk_cache-2.0.48-6.11.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"apache2-mod_file_cache-2.0.48-6.11.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"apache2-mod_ldap-2.0.48-6.11.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"apache2-mod_mem_cache-2.0.48-6.11.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"apache2-mod_proxy-2.0.48-6.11.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"apache2-mod_ssl-2.0.48-6.11.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"apache2-modules-2.0.48-6.11.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"apache2-source-2.0.48-6.11.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64apr0-2.0.48-6.11.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libapr0-2.0.48-6.11.100mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-2.0.50-7.4.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-common-2.0.50-7.4.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-devel-2.0.50-7.4.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-manual-2.0.50-7.4.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-mod_cache-2.0.50-7.4.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-mod_dav-2.0.50-7.4.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-mod_deflate-2.0.50-7.4.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-mod_disk_cache-2.0.50-7.4.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-mod_file_cache-2.0.50-7.4.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-mod_ldap-2.0.50-7.4.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-mod_mem_cache-2.0.50-7.4.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-mod_proxy-2.0.50-7.4.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-mod_ssl-2.0.50-4.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-modules-2.0.50-7.4.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-source-2.0.50-7.4.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-worker-2.0.50-7.4.101mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-2.0.53-9.2.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-common-2.0.53-9.2.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-devel-2.0.53-9.2.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-manual-2.0.53-9.2.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-mod_cache-2.0.53-9.2.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-mod_dav-2.0.53-9.2.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-mod_deflate-2.0.53-9.2.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-mod_disk_cache-2.0.53-9.2.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-mod_file_cache-2.0.53-9.2.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-mod_ldap-2.0.53-9.2.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-mod_mem_cache-2.0.53-9.2.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-mod_proxy-2.0.53-9.2.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-mod_ssl-2.0.53-8.2.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-modules-2.0.53-9.2.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-peruser-2.0.53-9.2.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-source-2.0.53-9.2.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-worker-2.0.53-9.2.102mdk\", yank:\"mdk\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:05:52", "description": "This update includes two security fixes. An issue was discovered in\nmod_ssl where 'SSLVerifyClient require' would not be honoured in\nlocation context if the virtual host had 'SSLVerifyClient optional'\nconfigured (CVE-2005-2700). An issue was discovered in memory\nconsumption of the byterange filter for dynamic resources such as PHP\nor CGI script (CVE-2005-2728).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 23, "published": "2005-09-17T00:00:00", "title": "Fedora Core 4 : httpd-2.0.54-10.2 (2005-849)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-2700", "CVE-2005-2728"], "modified": "2005-09-17T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:httpd", "p-cpe:/a:fedoraproject:fedora:httpd-devel", "p-cpe:/a:fedoraproject:fedora:httpd-manual", "cpe:/o:fedoraproject:fedora_core:4", "p-cpe:/a:fedoraproject:fedora:httpd-debuginfo", "p-cpe:/a:fedoraproject:fedora:mod_ssl"], "id": "FEDORA_2005-849.NASL", "href": "https://www.tenable.com/plugins/nessus/19728", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2005-849.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(19728);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_xref(name:\"FEDORA\", value:\"2005-849\");\n\n script_name(english:\"Fedora Core 4 : httpd-2.0.54-10.2 (2005-849)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora Core host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update includes two security fixes. An issue was discovered in\nmod_ssl where 'SSLVerifyClient require' would not be honoured in\nlocation context if the virtual host had 'SSLVerifyClient optional'\nconfigured (CVE-2005-2700). An issue was discovered in memory\nconsumption of the byterange filter for dynamic resources such as PHP\nor CGI script (CVE-2005-2728).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/announce/2005-September/001342.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b5f70a26\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:httpd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:httpd-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora_core:4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/09/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/09/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 4.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC4\", reference:\"httpd-2.0.54-10.2\")) flag++;\nif (rpm_check(release:\"FC4\", reference:\"httpd-debuginfo-2.0.54-10.2\")) flag++;\nif (rpm_check(release:\"FC4\", reference:\"httpd-devel-2.0.54-10.2\")) flag++;\nif (rpm_check(release:\"FC4\", reference:\"httpd-manual-2.0.54-10.2\")) flag++;\nif (rpm_check(release:\"FC4\", reference:\"mod_ssl-2.0.54-10.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd / httpd-debuginfo / httpd-devel / httpd-manual / mod_ssl\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:05:52", "description": "This update includes two security fixes. An issue was discovered in\nmod_ssl where 'SSLVerifyClient require' would not be honoured in\nlocation context if the virtual host had 'SSLVerifyClient optional'\nconfigured (CVE-2005-2700). An issue was discovered in memory\nconsumption of the byterange filter for dynamic resources such as PHP\nor CGI script (CVE-2005-2728).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 23, "published": "2005-09-17T00:00:00", "title": "Fedora Core 3 : httpd-2.0.53-3.3 (2005-848)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-2700", "CVE-2005-2728"], "modified": "2005-09-17T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:httpd", "cpe:/o:fedoraproject:fedora_core:3", "p-cpe:/a:fedoraproject:fedora:httpd-devel", "p-cpe:/a:fedoraproject:fedora:httpd-manual", "p-cpe:/a:fedoraproject:fedora:httpd-suexec", "p-cpe:/a:fedoraproject:fedora:httpd-debuginfo", "p-cpe:/a:fedoraproject:fedora:mod_ssl"], "id": "FEDORA_2005-848.NASL", "href": "https://www.tenable.com/plugins/nessus/19727", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2005-848.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(19727);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_xref(name:\"FEDORA\", value:\"2005-848\");\n\n script_name(english:\"Fedora Core 3 : httpd-2.0.53-3.3 (2005-848)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora Core host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update includes two security fixes. An issue was discovered in\nmod_ssl where 'SSLVerifyClient require' would not be honoured in\nlocation context if the virtual host had 'SSLVerifyClient optional'\nconfigured (CVE-2005-2700). An issue was discovered in memory\nconsumption of the byterange filter for dynamic resources such as PHP\nor CGI script (CVE-2005-2728).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/announce/2005-September/001343.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4989b5ff\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:httpd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:httpd-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:httpd-suexec\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora_core:3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/09/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/09/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 3.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC3\", reference:\"httpd-2.0.53-3.3\")) flag++;\nif (rpm_check(release:\"FC3\", reference:\"httpd-debuginfo-2.0.53-3.3\")) flag++;\nif (rpm_check(release:\"FC3\", reference:\"httpd-devel-2.0.53-3.3\")) flag++;\nif (rpm_check(release:\"FC3\", reference:\"httpd-manual-2.0.53-3.3\")) flag++;\nif (rpm_check(release:\"FC3\", reference:\"httpd-suexec-2.0.53-3.3\")) flag++;\nif (rpm_check(release:\"FC3\", reference:\"mod_ssl-2.0.53-3.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd / httpd-debuginfo / httpd-devel / httpd-manual / httpd-suexec / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T13:05:30", "description": "Updated Apache httpd packages that correct two security issues are now\navailable for Red Hat Enterprise Linux 3 and 4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe Apache HTTP Server is a popular and freely-available Web server.\n\nA flaw was discovered in mod_ssl's handling of the 'SSLVerifyClient'\ndirective. This flaw occurs if a virtual host is configured using\n'SSLVerifyClient optional' and a directive 'SSLVerifyClient required'\nis set for a specific location. For servers configured in this\nfashion, an attacker may be able to access resources that should\notherwise be protected, by not supplying a client certificate when\nconnecting. The Common Vulnerabilities and Exposures project assigned\nthe name CVE-2005-2700 to this issue.\n\nA flaw was discovered in Apache httpd where the byterange filter would\nbuffer certain responses into memory. If a server has a dynamic\nresource such as a CGI script or PHP script that generates a large\namount of data, an attacker could send carefully crafted requests in\norder to consume resources, potentially leading to a Denial of\nService. (CVE-2005-2728)\n\nUsers of Apache httpd should update to these errata packages that\ncontain backported patches to correct these issues.", "edition": 28, "published": "2005-09-12T00:00:00", "title": "RHEL 3 / 4 : httpd (RHSA-2005:608)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-2700", "CVE-2005-2728"], "modified": "2005-09-12T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:3", "cpe:/o:redhat:enterprise_linux:4", "p-cpe:/a:redhat:enterprise_linux:httpd-suexec", "p-cpe:/a:redhat:enterprise_linux:mod_ssl", "p-cpe:/a:redhat:enterprise_linux:httpd", "p-cpe:/a:redhat:enterprise_linux:httpd-manual", "p-cpe:/a:redhat:enterprise_linux:httpd-devel"], "id": "REDHAT-RHSA-2005-608.NASL", "href": "https://www.tenable.com/plugins/nessus/19673", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2005:608. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(19673);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2005-2700\", \"CVE-2005-2728\");\n script_xref(name:\"RHSA\", value:\"2005:608\");\n\n script_name(english:\"RHEL 3 / 4 : httpd (RHSA-2005:608)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated Apache httpd packages that correct two security issues are now\navailable for Red Hat Enterprise Linux 3 and 4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe Apache HTTP Server is a popular and freely-available Web server.\n\nA flaw was discovered in mod_ssl's handling of the 'SSLVerifyClient'\ndirective. This flaw occurs if a virtual host is configured using\n'SSLVerifyClient optional' and a directive 'SSLVerifyClient required'\nis set for a specific location. For servers configured in this\nfashion, an attacker may be able to access resources that should\notherwise be protected, by not supplying a client certificate when\nconnecting. The Common Vulnerabilities and Exposures project assigned\nthe name CVE-2005-2700 to this issue.\n\nA flaw was discovered in Apache httpd where the byterange filter would\nbuffer certain responses into memory. If a server has a dynamic\nresource such as a CGI script or PHP script that generates a large\namount of data, an attacker could send carefully crafted requests in\norder to consume resources, potentially leading to a Denial of\nService. (CVE-2005-2728)\n\nUsers of Apache httpd should update to these errata packages that\ncontain backported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-2700\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-2728\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2005:608\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd-suexec\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/08/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/09/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/09/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 3.x / 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2005:608\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL3\", reference:\"httpd-2.0.46-46.3.ent\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"httpd-devel-2.0.46-46.3.ent\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"mod_ssl-2.0.46-46.3.ent\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"httpd-2.0.52-12.2.ent\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"httpd-devel-2.0.52-12.2.ent\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"httpd-manual-2.0.52-12.2.ent\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"httpd-suexec-2.0.52-12.2.ent\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"mod_ssl-2.0.52-12.2.ent\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd / httpd-devel / httpd-manual / httpd-suexec / mod_ssl\");\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-06T09:24:51", "description": "Updated Apache httpd packages that correct two security issues are now\navailable for Red Hat Enterprise Linux 3 and 4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe Apache HTTP Server is a popular and freely-available Web server.\n\nA flaw was discovered in mod_ssl's handling of the 'SSLVerifyClient'\ndirective. This flaw occurs if a virtual host is configured using\n'SSLVerifyClient optional' and a directive 'SSLVerifyClient required'\nis set for a specific location. For servers configured in this\nfashion, an attacker may be able to access resources that should\notherwise be protected, by not supplying a client certificate when\nconnecting. The Common Vulnerabilities and Exposures project assigned\nthe name CVE-2005-2700 to this issue.\n\nA flaw was discovered in Apache httpd where the byterange filter would\nbuffer certain responses into memory. If a server has a dynamic\nresource such as a CGI script or PHP script that generates a large\namount of data, an attacker could send carefully crafted requests in\norder to consume resources, potentially leading to a Denial of\nService. (CVE-2005-2728)\n\nUsers of Apache httpd should update to these errata packages that\ncontain backported patches to correct these issues.", "edition": 27, "published": "2006-07-03T00:00:00", "title": "CentOS 3 / 4 : httpd (CESA-2005:608)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-2700", "CVE-2005-2728"], "modified": "2006-07-03T00:00:00", "cpe": ["p-cpe:/a:centos:centos:httpd-suexec", "p-cpe:/a:centos:centos:mod_ssl", "p-cpe:/a:centos:centos:httpd-manual", "cpe:/o:centos:centos:4", "p-cpe:/a:centos:centos:httpd", "p-cpe:/a:centos:centos:httpd-devel", "cpe:/o:centos:centos:3"], "id": "CENTOS_RHSA-2005-608.NASL", "href": "https://www.tenable.com/plugins/nessus/21845", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2005:608 and \n# CentOS Errata and Security Advisory 2005:608 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(21845);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2005-2700\", \"CVE-2005-2728\");\n script_xref(name:\"RHSA\", value:\"2005:608\");\n\n script_name(english:\"CentOS 3 / 4 : httpd (CESA-2005:608)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated Apache httpd packages that correct two security issues are now\navailable for Red Hat Enterprise Linux 3 and 4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe Apache HTTP Server is a popular and freely-available Web server.\n\nA flaw was discovered in mod_ssl's handling of the 'SSLVerifyClient'\ndirective. This flaw occurs if a virtual host is configured using\n'SSLVerifyClient optional' and a directive 'SSLVerifyClient required'\nis set for a specific location. For servers configured in this\nfashion, an attacker may be able to access resources that should\notherwise be protected, by not supplying a client certificate when\nconnecting. The Common Vulnerabilities and Exposures project assigned\nthe name CVE-2005-2700 to this issue.\n\nA flaw was discovered in Apache httpd where the byterange filter would\nbuffer certain responses into memory. If a server has a dynamic\nresource such as a CGI script or PHP script that generates a large\namount of data, an attacker could send carefully crafted requests in\norder to consume resources, potentially leading to a Denial of\nService. (CVE-2005-2728)\n\nUsers of Apache httpd should update to these errata packages that\ncontain backported patches to correct these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2005-September/012113.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f8ace65b\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2005-September/012114.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?48e31449\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2005-September/012117.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?81f110a4\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2005-September/012118.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?affef2d3\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2005-September/012119.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7f48d9a8\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2005-September/012121.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5db487cf\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected httpd packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:httpd-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:httpd-suexec\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/08/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/09/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/07/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 3.x / 4.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-3\", reference:\"httpd-2.0.46-46.3.ent.centos.1\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"httpd-devel-2.0.46-46.3.ent.centos.1\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"mod_ssl-2.0.46-46.3.ent.centos.1\")) flag++;\n\nif (rpm_check(release:\"CentOS-4\", reference:\"httpd-2.0.52-12.2.ent.centos4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"httpd-devel-2.0.52-12.2.ent.centos4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"httpd-manual-2.0.52-12.2.ent.centos4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"httpd-suexec-2.0.52-12.2.ent.centos4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"mod_ssl-2.0.52-12.2.ent.centos4\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd / httpd-devel / httpd-manual / httpd-suexec / mod_ssl\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-07T10:51:59", "description": "The remote host is affected by the vulnerability described in GLSA-200509-12\n(Apache, mod_ssl: Multiple vulnerabilities)\n\n mod_ssl contains a security issue when 'SSLVerifyClient optional' is\n configured in the global virtual host configuration (CAN-2005-2700).\n Also, Apache's httpd includes a PCRE library, which makes it vulnerable\n to an integer overflow (CAN-2005-2491).\n \nImpact :\n\n Under a specific configuration, mod_ssl does not properly enforce the\n client-based certificate authentication directive, 'SSLVerifyClient\n require', in a per-location context, which could be potentially used by\n a remote attacker to bypass some restrictions. By creating a specially\n crafted '.htaccess' file, a local attacker could possibly exploit\n Apache's vulnerability, which would result in a local privilege\n escalation.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 25, "published": "2005-10-05T00:00:00", "title": "GLSA-200509-12 : Apache, mod_ssl: Multiple vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-2700", "CVE-2005-2491"], "modified": "2005-10-05T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:mod_ssl", "p-cpe:/a:gentoo:linux:apache"], "id": "GENTOO_GLSA-200509-12.NASL", "href": "https://www.tenable.com/plugins/nessus/19811", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200509-12.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(19811);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2005-2491\", \"CVE-2005-2700\");\n script_bugtraq_id(14620);\n script_xref(name:\"GLSA\", value:\"200509-12\");\n\n script_name(english:\"GLSA-200509-12 : Apache, mod_ssl: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200509-12\n(Apache, mod_ssl: Multiple vulnerabilities)\n\n mod_ssl contains a security issue when 'SSLVerifyClient optional' is\n configured in the global virtual host configuration (CAN-2005-2700).\n Also, Apache's httpd includes a PCRE library, which makes it vulnerable\n to an integer overflow (CAN-2005-2491).\n \nImpact :\n\n Under a specific configuration, mod_ssl does not properly enforce the\n client-based certificate authentication directive, 'SSLVerifyClient\n require', in a per-location context, which could be potentially used by\n a remote attacker to bypass some restrictions. By creating a specially\n crafted '.htaccess' file, a local attacker could possibly exploit\n Apache's vulnerability, which would result in a local privilege\n escalation.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200509-12\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All mod_ssl users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-www/mod_ssl-2.8.24'\n All Apache 2 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-servers/apache-2.0.54-r15'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:apache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/09/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/10/05\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/08/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"www-servers/apache\", unaffected:make_list(\"ge 2.0.54-r15\", \"lt 2\"), vulnerable:make_list(\"lt 2.0.54-r15\"))) flag++;\nif (qpkg_check(package:\"net-www/mod_ssl\", unaffected:make_list(\"ge 2.8.24\"), vulnerable:make_list(\"lt 2.8.24\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Apache / mod_ssl\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T14:14:48", "description": "The remote host is missing the patch for the advisory SUSE-SA:2006:051 (apache2).\n\n\nThe web server Apache2 has been updated to fix several security issues:\n\nThe security fix for CVE-2005-3357 (denial of service) broke the\nearlier security fix for SSL verification (CVE-2005-2700). This\nproblem has been corrected.\n\nAdditionally a cross site scripting bug with the 'Expect' header error\nreporting was fixed (CVE-2006-3918). The Apache foundation does not\nconsider this a security problem.", "edition": 7, "published": "2007-02-18T00:00:00", "title": "SUSE-SA:2006:051: apache2", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-2700", "CVE-2006-3918", "CVE-2005-3357"], "modified": "2007-02-18T00:00:00", "cpe": [], "id": "SUSE_SA_2006_051.NASL", "href": "https://www.tenable.com/plugins/nessus/24429", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# This plugin text was extracted from SuSE Security Advisory SUSE-SA:2006:051\n#\n\n\nif ( ! defined_func(\"bn_random\") ) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif(description)\n{\n script_id(24429);\n script_version(\"1.10\");\n \n name[\"english\"] = \"SUSE-SA:2006:051: apache2\";\n \n script_name(english:name[\"english\"]);\n \n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a vendor-supplied security patch\" );\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is missing the patch for the advisory SUSE-SA:2006:051 (apache2).\n\n\nThe web server Apache2 has been updated to fix several security issues:\n\nThe security fix for CVE-2005-3357 (denial of service) broke the\nearlier security fix for SSL verification (CVE-2005-2700). This\nproblem has been corrected.\n\nAdditionally a cross site scripting bug with the 'Expect' header error\nreporting was fixed (CVE-2006-3918). The Apache foundation does not\nconsider this a security problem.\" );\n script_set_attribute(attribute:\"solution\", value:\n\"http://www.novell.com/linux/security/advisories/2006_51_apache.html\" );\n script_set_attribute(attribute:\"risk_factor\", value:\"Medium\" );\n\n\n\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2007/02/18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n script_end_attributes();\n\n \n summary[\"english\"] = \"Check for the version of the apache2 package\";\n script_summary(english:summary[\"english\"]);\n \n script_category(ACT_GATHER_INFO);\n \n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n family[\"english\"] = \"SuSE Local Security Checks\";\n script_family(english:family[\"english\"]);\n \n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/SuSE/rpm-list\");\n exit(0);\n}\n\ninclude(\"rpm.inc\");\nif ( rpm_check( reference:\"apache2-2.0.54-10.8\", release:\"SUSE10.0\") )\n{\n security_warning(0);\n exit(0);\n}\nif ( rpm_check( reference:\"apache2-prefork-2.0.54-10.8\", release:\"SUSE10.0\") )\n{\n security_warning(0);\n exit(0);\n}\nif ( rpm_check( reference:\"apache2-worker-2.0.54-10.8\", release:\"SUSE10.0\") )\n{\n security_warning(0);\n exit(0);\n}\nif ( rpm_check( reference:\"apache2-2.0.50-7.17\", release:\"SUSE9.2\") )\n{\n security_warning(0);\n exit(0);\n}\nif ( rpm_check( reference:\"apache2-prefork-2.0.50-7.17\", release:\"SUSE9.2\") )\n{\n security_warning(0);\n exit(0);\n}\nif ( rpm_check( reference:\"apache2-worker-2.0.50-7.17\", release:\"SUSE9.2\") )\n{\n security_warning(0);\n exit(0);\n}\nif ( rpm_check( reference:\"apache2-2.0.53-9.15\", release:\"SUSE9.3\") )\n{\n security_warning(0);\n exit(0);\n}\nif ( rpm_check( reference:\"apache2-prefork-2.0.53-9.15\", release:\"SUSE9.3\") )\n{\n security_warning(0);\n exit(0);\n}\nif ( rpm_check( reference:\"apache2-worker-2.0.53-9.15\", release:\"SUSE9.3\") )\n{\n security_warning(0);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2017-07-24T12:56:45", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-2700"], "description": "Check for the Version of Apache", "modified": "2017-07-06T00:00:00", "published": "2009-05-05T00:00:00", "id": "OPENVAS:835101", "href": "http://plugins.openvas.org/nasl.php?oid=835101", "type": "openvas", "title": "HP-UX Update for Apache HPSBUX01232", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# HP-UX Update for Apache HPSBUX01232\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_impact = \"Remote unauthorized access.\";\ntag_affected = \"Apache on\n HP-UX B.11.00, B.11.11, B.11.22, and B.11.23 running the hpuxwsAPACHE HP-UX \n Apache-based Web Server.\";\ntag_insight = \"A potential security vulnerability has been identified with Apacherunning on \n HP-UX. The vulnerability could be exploitedremotely to bypass client-based \n certificate authentication andgain unauthorized access to certain web pages.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c00896445-1\");\n script_id(835101);\n script_version(\"$Revision: 6584 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 16:13:23 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-05 12:14:23 +0200 (Tue, 05 May 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"HPSBUX\", value: \"01232\");\n script_cve_id(\"CVE-2005-2700\");\n script_name( \"HP-UX Update for Apache HPSBUX01232\");\n\n script_summary(\"Check for the Version of Apache\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"HP-UX Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/hp_hp-ux\", \"ssh/login/release\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-hpux.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"HPUX11.00\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE\", revision:\"A.2.0.54.02\", rls:\"HPUX11.00\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.11\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE\", revision:\"A.2.0.54.02\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE\", revision:\"B.2.0.54.02\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.23\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE\", revision:\"B.2.0.54.02\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:59", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-2700"], "description": "The remote host is missing an update as announced\nvia advisory SSA:2005-251-02.", "modified": "2017-07-07T00:00:00", "published": "2012-09-11T00:00:00", "id": "OPENVAS:55258", "href": "http://plugins.openvas.org/nasl.php?oid=55258", "type": "openvas", "title": "Slackware Advisory SSA:2005-251-02 mod_ssl", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2005_251_02.nasl 6598 2017-07-07 09:36:44Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New mod_ssl packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1,\nand -current to fix a security issue. If 'SSLVerifyClient optional' was\nconfigured in the global section of the config file, it could improperly\noverride 'SSLVerifyClient require' in a per-location section.\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2005-251-02.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2005-251-02\";\n \nif(description)\n{\n script_id(55258);\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:36:44 +0200 (Fri, 07 Jul 2017) $\");\n script_bugtraq_id(14721);\n script_cve_id(\"CVE-2005-2700\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 6598 $\");\n name = \"Slackware Advisory SSA:2005-251-02 mod_ssl \";\n script_name(name);\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"mod_ssl\", ver:\"2.8.24_1.3.33-i386-1\", rls:\"SLK8.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"mod_ssl\", ver:\"2.8.24_1.3.33-i386-1\", rls:\"SLK9.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"mod_ssl\", ver:\"2.8.24_1.3.33-i486-1\", rls:\"SLK9.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"mod_ssl\", ver:\"2.8.24_1.3.33-i486-1\", rls:\"SLK10.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"mod_ssl\", ver:\"2.8.24_1.3.33-i486-1\", rls:\"SLK10.1\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:45", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-2700"], "description": "The remote host is missing an update as announced\nvia advisory SSA:2005-251-02.", "modified": "2019-03-15T00:00:00", "published": "2012-09-11T00:00:00", "id": "OPENVAS:136141256231055258", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231055258", "type": "openvas", "title": "Slackware Advisory SSA:2005-251-02 mod_ssl", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2005_251_02.nasl 14202 2019-03-15 09:16:15Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.55258\");\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 10:16:15 +0100 (Fri, 15 Mar 2019) $\");\n script_bugtraq_id(14721);\n script_cve_id(\"CVE-2005-2700\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 14202 $\");\n script_name(\"Slackware Advisory SSA:2005-251-02 mod_ssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\", re:\"ssh/login/release=SLK(8\\.1|9\\.0|9\\.1|10\\.0|10\\.1)\");\n\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2005-251-02\");\n\n script_tag(name:\"insight\", value:\"New mod_ssl packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1,\nand -current to fix a security issue. If 'SSLVerifyClient optional' was\nconfigured in the global section of the config file, it could improperly\noverride 'SSLVerifyClient require' in a per-location section.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the new package(s).\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update as announced\nvia advisory SSA:2005-251-02.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-slack.inc\");\n\nreport = \"\";\nres = \"\";\n\nif((res = isslkpkgvuln(pkg:\"mod_ssl\", ver:\"2.8.24_1.3.33-i386-1\", rls:\"SLK8.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"mod_ssl\", ver:\"2.8.24_1.3.33-i386-1\", rls:\"SLK9.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"mod_ssl\", ver:\"2.8.24_1.3.33-i486-1\", rls:\"SLK9.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"mod_ssl\", ver:\"2.8.24_1.3.33-i486-1\", rls:\"SLK10.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"mod_ssl\", ver:\"2.8.24_1.3.33-i486-1\", rls:\"SLK10.1\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-04-09T11:40:27", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-2700"], "description": "Check for the Version of Apache", "modified": "2018-04-06T00:00:00", "published": "2009-05-05T00:00:00", "id": "OPENVAS:1361412562310835101", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310835101", "type": "openvas", "title": "HP-UX Update for Apache HPSBUX01232", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# HP-UX Update for Apache HPSBUX01232\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_impact = \"Remote unauthorized access.\";\ntag_affected = \"Apache on\n HP-UX B.11.00, B.11.11, B.11.22, and B.11.23 running the hpuxwsAPACHE HP-UX \n Apache-based Web Server.\";\ntag_insight = \"A potential security vulnerability has been identified with Apacherunning on \n HP-UX. The vulnerability could be exploitedremotely to bypass client-based \n certificate authentication andgain unauthorized access to certain web pages.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c00896445-1\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.835101\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-05 12:14:23 +0200 (Tue, 05 May 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"HPSBUX\", value: \"01232\");\n script_cve_id(\"CVE-2005-2700\");\n script_name( \"HP-UX Update for Apache HPSBUX01232\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of Apache\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"HP-UX Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/hp_hp-ux\", \"ssh/login/release\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-hpux.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"HPUX11.00\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE\", revision:\"A.2.0.54.02\", rls:\"HPUX11.00\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.11\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE\", revision:\"A.2.0.54.02\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE\", revision:\"B.2.0.54.02\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.23\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE\", revision:\"B.2.0.54.02\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:03", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-2700"], "description": "The remote host is missing an update to libapache-mod-ssl\nannounced via advisory DSA 807-1.\n\nA problem has been discovered in mod_ssl, which provides strong\ncryptography (HTTPS support) for Apache that allows remote attackers\nto bypass access restrictions.\n\nFor the old stable distribution (woody) this problem has been fixed in\nversion 2.8.9-2.5.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "id": "OPENVAS:55284", "href": "http://plugins.openvas.org/nasl.php?oid=55284", "type": "openvas", "title": "Debian Security Advisory DSA 807-1 (libapache-mod-ssl)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_807_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 807-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"For the stable distribution (sarge) this problem has been fixed in\nversion 2.8.22-1sarge1.\n\nFor the unstable distribution (sid) this problem has been fixed in\nversion 2.8.24-1.\n\nWe recommend that you upgrade your libapache-mod-ssl package.\n\n https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20807-1\";\ntag_summary = \"The remote host is missing an update to libapache-mod-ssl\nannounced via advisory DSA 807-1.\n\nA problem has been discovered in mod_ssl, which provides strong\ncryptography (HTTPS support) for Apache that allows remote attackers\nto bypass access restrictions.\n\nFor the old stable distribution (woody) this problem has been fixed in\nversion 2.8.9-2.5.\";\n\n\nif(description)\n{\n script_id(55284);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:03:37 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2005-2700\");\n script_bugtraq_id(14721);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 807-1 (libapache-mod-ssl)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libapache-mod-ssl-doc\", ver:\"2.8.9-2.5\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache-mod-ssl\", ver:\"2.8.9-2.5\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache-mod-ssl-doc\", ver:\"2.8.22-1sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache-mod-ssl\", ver:\"2.8.22-1sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:01", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-2700", "CVE-2005-2491"], "description": "The remote host is missing updates announced in\nadvisory GLSA 200509-12.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "id": "OPENVAS:55392", "href": "http://plugins.openvas.org/nasl.php?oid=55392", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200509-12 (Apache)", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"mod_ssl and Apache are vulnerable to a restriction bypass and a potential\nlocal privilege escalation.\";\ntag_solution = \"All mod_ssl users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-www/mod_ssl-2.8.24'\n\nAll Apache 2 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-www/apache-2.0.54-r15'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200509-12\nhttp://bugs.gentoo.org/show_bug.cgi?id=103554\nhttp://bugs.gentoo.org/show_bug.cgi?id=104807\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200509-12.\";\n\n \n\nif(description)\n{\n script_id(55392);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2005-2491\", \"CVE-2005-2700\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Gentoo Security Advisory GLSA 200509-12 (Apache)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"net-www/mod_ssl\", unaffected: make_list(\"ge 2.8.24\"), vulnerable: make_list(\"lt 2.8.24\"))) != NULL) {\n report += res;\n}\nif ((res = ispkgvuln(pkg:\"net-www/apache\", unaffected: make_list(\"ge 2.0.54-r15\"), vulnerable: make_list(\"lt 2.0.54-r15\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:55:54", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-2700", "CVE-2006-3918", "CVE-2005-3357"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n apache2-worker\n apache2-prefork\n apache2\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5013454 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2017-07-11T00:00:00", "published": "2009-10-10T00:00:00", "id": "OPENVAS:65575", "href": "http://plugins.openvas.org/nasl.php?oid=65575", "type": "openvas", "title": "SLES9: Security update for apache2,apache2-prefork,apache2-worker", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5013454.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for apache2,apache2-prefork,apache2-worker\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n apache2-worker\n apache2-prefork\n apache2\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5013454 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65575);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2005-3357\", \"CVE-2005-2700\", \"CVE-2006-3918\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES9: Security update for apache2,apache2-prefork,apache2-worker\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"apache2-worker\", rpm:\"apache2-worker~2.0.49~27.59\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:55:51", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-2700", "CVE-2005-2728", "CVE-2005-2491"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n apache2\n apache2-devel\n libapr0\n apache2-worker\n apache2-prefork\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5021652 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2017-07-11T00:00:00", "published": "2009-10-10T00:00:00", "id": "OPENVAS:65363", "href": "http://plugins.openvas.org/nasl.php?oid=65363", "type": "openvas", "title": "SLES9: Security update for Apache2", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5021652.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for Apache2\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n apache2\n apache2-devel\n libapr0\n apache2-worker\n apache2-prefork\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5021652 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65363);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2005-2491\", \"CVE-2005-2728\", \"CVE-2005-2700\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES9: Security update for Apache2\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"apache2\", rpm:\"apache2~2.0.49~27.34\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:10", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-2700", "CVE-2005-2728", "CVE-2005-2491"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n apache2\n apache2-devel\n libapr0\n apache2-worker\n apache2-prefork\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5021652 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2018-04-06T00:00:00", "published": "2009-10-10T00:00:00", "id": "OPENVAS:136141256231065363", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065363", "type": "openvas", "title": "SLES9: Security update for Apache2", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5021652.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for Apache2\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n apache2\n apache2-devel\n libapr0\n apache2-worker\n apache2-prefork\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5021652 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65363\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2005-2491\", \"CVE-2005-2728\", \"CVE-2005-2700\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES9: Security update for Apache2\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"apache2\", rpm:\"apache2~2.0.49~27.34\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:21", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-2700", "CVE-2006-3918", "CVE-2005-3357"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n apache2-worker\n apache2-prefork\n apache2\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5013454 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2018-04-06T00:00:00", "published": "2009-10-10T00:00:00", "id": "OPENVAS:136141256231065575", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065575", "type": "openvas", "title": "SLES9: Security update for apache2,apache2-prefork,apache2-worker", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5013454.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for apache2,apache2-prefork,apache2-worker\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n apache2-worker\n apache2-prefork\n apache2\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5013454 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65575\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2005-3357\", \"CVE-2005-2700\", \"CVE-2006-3918\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES9: Security update for apache2,apache2-prefork,apache2-worker\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"apache2-worker\", rpm:\"apache2-worker~2.0.49~27.59\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:15", "bulletinFamily": "software", "cvelist": ["CVE-2005-2700"], "edition": 1, "description": "## Vulnerability Description\nmod_ssl contains a flaw that may allow a malicious user to bypass certain security restrictions. The issue is due to an error in enforcing client-based certificate authentication (\"SSLVerifyClient require\") in per-location context, if \"SSLVerifyClient optional\" was configured in the global virtual host configuration. It is possible that the flaw may allow an attacker to bypass client-based certificate authentication, resulting in a loss of confidentiality or integrity.\n## Solution Description\nUpgrade to version 2.8.24 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## Short Description\nmod_ssl contains a flaw that may allow a malicious user to bypass certain security restrictions. The issue is due to an error in enforcing client-based certificate authentication (\"SSLVerifyClient require\") in per-location context, if \"SSLVerifyClient optional\" was configured in the global virtual host configuration. It is possible that the flaw may allow an attacker to bypass client-based certificate authentication, resulting in a loss of confidentiality or integrity.\n## References:\nVendor Specific Solution URL: http://www.modssl.org/source/mod_ssl-2.8.24-1.3.33.tar.gz\nVendor Specific News/Changelog Entry: http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117\n[Vendor Specific Advisory URL](ftp://patches.sgi.com/support/free/security/advisories/20050901-01-U.asc)\n[Vendor Specific Advisory URL](http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX01232)\n[Vendor Specific Advisory URL](http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1)\n[Vendor Specific Advisory URL](http://sunsolve.sun.com/search/document.do?assetkey=1-26-102197-1)\nSecurity Tracker: 1014833\n[Secunia Advisory ID:16714](https://secuniaresearch.flexerasoftware.com/advisories/16714/)\n[Secunia Advisory ID:16743](https://secuniaresearch.flexerasoftware.com/advisories/16743/)\n[Secunia Advisory ID:16746](https://secuniaresearch.flexerasoftware.com/advisories/16746/)\n[Secunia Advisory ID:16753](https://secuniaresearch.flexerasoftware.com/advisories/16753/)\n[Secunia Advisory ID:16748](https://secuniaresearch.flexerasoftware.com/advisories/16748/)\n[Secunia Advisory ID:17311](https://secuniaresearch.flexerasoftware.com/advisories/17311/)\n[Secunia Advisory ID:22523](https://secuniaresearch.flexerasoftware.com/advisories/22523/)\n[Secunia Advisory ID:16705](https://secuniaresearch.flexerasoftware.com/advisories/16705/)\n[Secunia Advisory ID:16755](https://secuniaresearch.flexerasoftware.com/advisories/16755/)\n[Secunia Advisory ID:16769](https://secuniaresearch.flexerasoftware.com/advisories/16769/)\n[Secunia Advisory ID:16864](https://secuniaresearch.flexerasoftware.com/advisories/16864/)\n[Secunia Advisory ID:17813](https://secuniaresearch.flexerasoftware.com/advisories/17813/)\n[Secunia Advisory ID:16754](https://secuniaresearch.flexerasoftware.com/advisories/16754/)\n[Secunia Advisory ID:16789](https://secuniaresearch.flexerasoftware.com/advisories/16789/)\n[Secunia Advisory ID:16771](https://secuniaresearch.flexerasoftware.com/advisories/16771/)\n[Secunia Advisory ID:17088](https://secuniaresearch.flexerasoftware.com/advisories/17088/)\n[Secunia Advisory ID:17288](https://secuniaresearch.flexerasoftware.com/advisories/17288/)\n[Secunia Advisory ID:19072](https://secuniaresearch.flexerasoftware.com/advisories/19072/)\n[Secunia Advisory ID:19073](https://secuniaresearch.flexerasoftware.com/advisories/19073/)\n[Secunia Advisory ID:16700](https://secuniaresearch.flexerasoftware.com/advisories/16700/)\n[Secunia Advisory ID:16956](https://secuniaresearch.flexerasoftware.com/advisories/16956/)\nRedHat RHSA: RHSA-2005:816\nRedHat RHSA: RHSA-2005:608\nRedHat RHSA: RHSA-2005:358\nOther Advisory URL: http://www.ubuntulinux.org/usn/usn-177-1\nOther Advisory URL: http://frontal1.mandriva.com/security/advisories?name=MDKSA-2005:161\nOther Advisory URL: http://www.debian.org/security/2005/dsa-805\nOther Advisory URL: http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.458879\nOther Advisory URL: http://www.debian.org/security/2005/dsa-807\nOther Advisory URL: http://www.trustix.org/errata/2005/0055/\nOther Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200509-12.xml\nOther Advisory URL: http://support.avaya.com/elmodocs2/security/ASA-2005-204.pdf\nOther Advisory URL: http://docs.info.apple.com/article.html?artnum=302847\nOther Advisory URL: http://lists.suse.com/archive/suse-security-announce/2005-Sep/0003.html\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-11/0354.html\nKeyword: APPLE-SA-2005-11-29 Security Update 2005-009\n[CVE-2005-2700](https://vulners.com/cve/CVE-2005-2700)\n", "modified": "2005-09-02T07:52:05", "published": "2005-09-02T07:52:05", "href": "https://vulners.com/osvdb/OSVDB:19188", "id": "OSVDB:19188", "title": "Apache HTTP Server mod_ssl SSLVerifyClient Per-location Context Restriction Bypass", "type": "osvdb", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "cert": [{"lastseen": "2020-09-18T20:43:24", "bulletinFamily": "info", "cvelist": ["CVE-2005-2700"], "description": "### Overview \n\nmod_ssl, the Apache web server module for Secure Socket Layer (SSL) communications, may not properly authenticate client certificates.\n\n### Description \n\nmod_ssl provides Secure Socket Layer (SSL) communications for the Apache web server. SSL is designed to provide the ability to encrypt and authenticate TCP connections. Apache, using mod_ssl, can be configured to use SSL to authenticate web users using client certificates.\n\nThe requirement for client certificates is not enforced if a web server configuration specifies client authentication as optional (\"SSLVerifyClient optional\") in the global virtual host configuration, but specifies client certificates as required in some location's context (\"SSLVerifyClient require\"). \n \n--- \n \n### Impact \n\nAn attacker may access web documents in a restricted section of a web site without providing a valid client certificate. \n \n--- \n \n### Solution \n\nUpgrade to mod_ssl 2.8.24 or later, or apply a patch as specified by your vendor. \n \n--- \n \n### Vendor Information\n\n744929\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Additional information available\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n**Javascript is disabled. Click here to view vendors.**\n\n### Apache HTTP Server Project __ Affected\n\nUpdated: October 18, 2005 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe Apache HTTP Server Project distributes a version of mod_ssl with Apache 2.0. According to Apache's [changelog](<http://www.apache.org/dist/httpd/CHANGES_2.0.55>), this issue has been resolved in Apache 2.0.55.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23744929 Feedback>).\n\n### Avaya, Inc. __ Affected\n\nUpdated: October 03, 2005 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nAccourding to [Avaya Security Advisory ASA-2005-004](<http://support.avaya.com/elmodocs2/security/ASA-2005-204.pdf>), the following Avaya products may be affected:\n\n * Avaya S8710/S8700/S8500/S8300\n * Avaya Converged Communications Server (CCS) / SIP Enablement Services (SES)\n * Avaya Message Networking\n * Avaya Intuity LX\n * Avaya Modular Messaging Message Storage Server (MSS)\n * Avaya CVLAN\n * Avaya Intergrated Management\nMore specific vulnerability information is contained within the advisory. \n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23744929 Feedback>).\n\n### Debian Linux __ Affected\n\nNotified: September 07, 2005 Updated: September 12, 2005 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\n**For Apache 2.0:**\n\nThe old stable distribution (woody) does not contain Apache2 packages. \n \nFor the stable distribution (sarge) these problems have been fixed in version 2.0.54-5. \n \nFor the unstable distribution (sid) these problems have been fixed in version 2.0.54-5. \n \n**For Apache 1.3:** \n \nFor the old stable distribution (woody) this problem has been fixed in version 2.8.9-2.5. \n \nFor the stable distribution (sarge) this problem has been fixed in version 2.8.22-1sarge1. \n \nFor the unstable distribution (sid) this problem has been fixed in version 2.8.24-1.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\n[Debian Security Advisory DBA-805-1](<http://www.debian.org/security/2005/dsa-805>) contains additional details for the apache2 package. \n \n[Debian Security Advisory DBA-807-1](<http://www.debian.org/security/2005/dsa-805>) [](<http://www.debian.org/security/2005/dsa-805>)contains vulnerability and remediation details for mod_ssl (package name libapache-mod-ssl).\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23744929 Feedback>).\n\n### F5 Networks, Inc. __ Affected\n\nNotified: September 07, 2005 Updated: September 08, 2005 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nBigIP v4 and v9 do not support client-side authentication to the Management user interface, so the vulnerability does not apply.\n\nFirePass is not vulnerable. \n \nTrafficShield uses Apache 2.0.53 and therefore is vulnerable. A hotfix will be forthcoming and included in the next security hotfix to be issued on TrafficShield 3.2.1.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Fedora Project __ Affected\n\nUpdated: September 09, 2005 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nVulnerability and remediation information can be found in:\n\n * For Fedora Core 3, [Fedora Update Notification FEDORA-2005-848](<https://www.redhat.com/archives/fedora-announce-list/2005-September/msg00025.html>)\n * For Fedora Core 4, [Fedora Update Notification FEDORA-2005-849](<https://www.redhat.com/archives/fedora-announce-list/2005-September/msg00024.html>)\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23744929 Feedback>).\n\n### Gentoo Linux __ Affected\n\nUpdated: September 23, 2005 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\n[Gentoo Linux Security Advisory GLSA 200509-12](<http://www.gentoo.org/security/en/glsa/glsa-200509-12.xml>) includes vulnerability and remediation information.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23744929 Feedback>).\n\n### Mandriva, Inc. __ Affected\n\nNotified: September 07, 2005 Updated: October 03, 2005 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\n[Conectiva Linux Advisory CLA-2005:1013](<http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=001013>) contains vulnerability and remediation instructions.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23744929 Feedback>).\n\n### Mandriva, Inc. __ Affected\n\nNotified: September 07, 2005 Updated: September 09, 2005 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\n[Mandriva Security Advisory MDSKA-2005:161](<http://www.mandriva.com/security/advisories?name=MDKSA-2005:161>) contains remediation instructions.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23744929 Feedback>).\n\n### OpenPKG __ Affected\n\nNotified: September 07, 2005 Updated: September 07, 2005 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nOpenPKG has posted a security advisory with remediation instructions: \n\n<http://www.openpkg.org/security/OpenPKG-SA-2005.017-modssl.html>\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23744929 Feedback>).\n\n### Oracle Corporation __ Affected\n\nNotified: September 07, 2005 Updated: October 18, 2006 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nRefer to <http://www.oracle.com/technology/deploy/security/critical-patch-updates/public_vuln_to_advisory_mapping.html>.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23744929 Feedback>).\n\n### Red Hat, Inc. __ Affected\n\nNotified: September 07, 2005 Updated: December 28, 2005 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nUpdated Apache httpd packages (for Red Hat Enterprise Linux 3 and 4) and an updated mod_ssl package (for Red Hat Enterprise Linux 2.1) to correct this issue are available at the URL below and by using the Red Hat Network 'up2date' tool.\n\n<http://rhn.redhat.com/errata/CAN-2005-2700.html>.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\n[Red Hat Security Advisory RHSA-2005:608](<https://rhn.redhat.com/errata/RHSA-2005-608.html>) contains vulnerability and remediation information for Apache 2. \n \n[Red Hat Security Advisory RHSA-2005:773](<https://rhn.redhat.com/errata/RHSA-2005-773.html>) contains vulnerability and remediation information for the mod_ssl package itself. \n \nFor Stronghold, consult [RHSA-2005:882](<https://rhn.redhat.com/errata/RHSA-2005-882.html>).\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23744929 Feedback>).\n\n### SUSE Linux __ Affected\n\nNotified: September 07, 2005 Updated: September 16, 2005 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nOur customers can update their systems by using the YaST Online Update (YOU) tool or by installing the RPM file (apache2) directly after downloading it from\n\n<http://www.novell.com/de-de/linux/download/updates/index.html>\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nSUSE has released [SUSE Security Advisory SUSE-SA:2005:052](<http://lists.suse.com/archive/suse-security-announce/2005-Sep/0005.html>) with vulnerability and remediation instructions for this and some other recent Apache vulnerabilities.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23744929 Feedback>).\n\n### Slackware Linux Inc. __ Affected\n\nUpdated: September 09, 2005 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\n[Slackware Security Advisory SSA:2005-251-02](<http://www.slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.458879>) contains vulnerability and remediation information.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23744929 Feedback>).\n\n### Trustix Secure Linux __ Affected\n\nUpdated: September 09, 2005 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\n[Trustix Secure Linux Security Advisory #2005-0047](<http://lists.trustix.org/pipermail/tsl-announce/2005-September/000342.html>) gives vulnerability and remediation instructions.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23744929 Feedback>).\n\n### Ubuntu __ Affected\n\nUpdated: September 08, 2005 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUbuntu provides remediation instructions in [Ubuntu Security Notice USN-177-1](<http://www.ubuntu.com/usn/usn-177-1/document_view>).\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23744929 Feedback>).\n\n### mod_ssl __ Affected\n\nNotified: September 07, 2005 Updated: September 09, 2005 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nRelease 2.8.24-1.3.33 address this issue. It is available at:\n\n<http://www.modssl.org/source/mod_ssl-2.8.24-1.3.33.tar.gz>\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23744929 Feedback>).\n\n### Juniper Networks, Inc. __ Not Affected\n\nNotified: September 07, 2005 Updated: September 09, 2005 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nJuniper Networks products are not susceptible to this vulnerability\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Microsoft Corporation Not Affected\n\nNotified: September 07, 2005 Updated: September 09, 2005 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Openwall GNU/*/Linux __ Not Affected\n\nNotified: September 07, 2005 Updated: September 08, 2005 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nOpenwall GNU/*/Linux is not vulnerable. We currently do not provide mod_ssl.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Apache-SSL Unknown\n\nNotified: September 07, 2005 Updated: September 09, 2005 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Apple Computer, Inc. __ Unknown\n\nNotified: September 07, 2005 Updated: December 06, 2005 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nConsult [APPLE-SA-2005-11-29 Security Update 2005-009](<http://docs.info.apple.com/article.html?artnum=302847>) for vulnerability details and remediation instructions.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23744929 Feedback>).\n\n### Cray, Inc. Unknown\n\nNotified: September 07, 2005 Updated: September 07, 2005 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### EMC, Inc. (formerly Data General Corporation) Unknown\n\nNotified: September 07, 2005 Updated: September 07, 2005 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Engarde Secure Linux Unknown\n\nNotified: September 07, 2005 Updated: September 07, 2005 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### FreeBSD, Inc. Unknown\n\nNotified: September 07, 2005 Updated: September 07, 2005 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Fujitsu Limited Unknown\n\nNotified: September 07, 2005 Updated: September 07, 2005 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Hewlett-Packard Company __ Unknown\n\nNotified: September 07, 2005 Updated: October 07, 2005 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nHP Security Bulletin HPSBUX01232 (SSRT051043) lists affected software and with remediation instructions.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23744929 Feedback>).\n\n### Hitachi __ Unknown\n\nNotified: September 07, 2005 Updated: September 23, 2005 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nHitachi Web Server is not vulnerable to this issue.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### IBM Corporation Unknown\n\nNotified: September 07, 2005 Updated: September 07, 2005 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Immunix Communications, Inc. Unknown\n\nNotified: September 07, 2005 Updated: September 07, 2005 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Ingrian Networks, Inc. Unknown\n\nNotified: September 07, 2005 Updated: September 07, 2005 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### MontaVista Software, Inc. Unknown\n\nNotified: September 07, 2005 Updated: September 07, 2005 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### NEC Corporation Unknown\n\nNotified: September 07, 2005 Updated: September 07, 2005 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### NetBSD Unknown\n\nNotified: September 07, 2005 Updated: September 07, 2005 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Nokia Unknown\n\nNotified: September 12, 2005 Updated: September 12, 2005 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Novell, Inc. Unknown\n\nNotified: September 07, 2005 Updated: September 07, 2005 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### OpenBSD Unknown\n\nNotified: September 07, 2005 Updated: September 07, 2005 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### QNX, Software Systems, Inc. Unknown\n\nNotified: September 07, 2005 Updated: September 07, 2005 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Silicon Graphics, Inc. Unknown\n\nNotified: September 07, 2005 Updated: September 07, 2005 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Sony Corporation Unknown\n\nNotified: September 07, 2005 Updated: September 07, 2005 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Sun Microsystems, Inc. Unknown\n\nNotified: September 07, 2005 Updated: September 07, 2005 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### The SCO Group (SCO UnixWare) Unknown\n\nNotified: September 07, 2005 Updated: September 07, 2005 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Turbolinux Unknown\n\nNotified: September 07, 2005 Updated: September 07, 2005 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Unisys Unknown\n\nNotified: September 07, 2005 Updated: September 07, 2005 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Wind River Systems, Inc. Unknown\n\nNotified: September 07, 2005 Updated: September 07, 2005 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\nView all 45 vendors __View less vendors __\n\n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | | \nTemporal | | \nEnvironmental | | \n \n \n\n\n### References \n\n * [http://svn.apache.org/viewcvs?rev=264800&view=rev](<http://svn.apache.org/viewcvs?rev=264800&view=rev>)\n * <http://www.mail-archive.com/modssl-users@modssl.org/msg17148.html>\n * [http://marc.theaimsgroup.com/?l=apache-modssl&m=112569517603897&w=2](<http://marc.theaimsgroup.com/?l=apache-modssl&m=112569517603897&w=2>)\n * <http://secunia.com/advisories/16700/>\n * <http://www.osvdb.org/19188>\n * <http://www.openpkg.org/security/OpenPKG-SA-2005.017-modssl.html>\n * <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=167195>\n * <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=167194>\n * <http://rhn.redhat.com/errata/RHSA-2005-608.html>\n * [http://www.slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.458879](<http://www.slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.458879>)\n\n### Acknowledgements\n\nReported by Joe Orton of Red Hat.\n\nThis document was written by Hal Burch.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2005-2700](<http://web.nvd.nist.gov/vuln/detail/CVE-2005-2700>) \n---|--- \n**Severity Metric:** | 1.45 \n**Date Public:** | 2005-08-31 \n**Date First Published:** | 2005-09-09 \n**Date Last Updated: ** | 2006-10-18 11:30 UTC \n**Document Revision: ** | 69 \n", "modified": "2006-10-18T11:30:00", "published": "2005-09-09T00:00:00", "id": "VU:744929", "href": "https://www.kb.cert.org/vuls/id/744929", "type": "cert", "title": "mod_ssl fails to properly enforce client certificates authentication", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:13", "bulletinFamily": "software", "cvelist": ["CVE-2005-2700"], "description": "mod_ssl "SSLVerifyClient" Security Bypass Security Issue \r\n\r\n \r\nSecunia Advisory: SA16700 \r\nRelease Date: 2005-09-05 \r\n\r\n \r\nCritical: \r\nModerately critical \r\nImpact: Security Bypass\r\n \r\nWhere: From remote\r\n \r\nSolution Status: Vendor Patch \r\n\r\n \r\nSoftware: mod_ssl 2.x\r\n\r\n \r\n Select a product and view a complete list of all Patched/Unpatched Secunia advisories affecting it. \r\n\r\n \r\nCVE reference: CAN-2005-2700\r\n \r\n\r\n \r\nDescription:\r\nA security issue has been reported in mod_ssl, which potentially can be exploited by malicious people to bypass certain security restrictions.\r\n\r\nThe security issue is caused due to an error in enforcing client-based certificate authentication ("SSLVerifyClient require") in per-location context, if "SSLVerifyClient optional" was configured in the global virtual host configuration. This may allow malicious people to bypass client-based certificate authentication and gain unauthorised access to certain web pages.\r\n\r\nSolution:\r\nUpdate to version 2.8.24.\r\nhttp://www.modssl.org/source/mod_ssl-2.8.24-1.3.33.tar.gz\r\n\r\nProvided and/or discovered by:\r\nReported by vendor. \r\n \r\n", "edition": 1, "modified": "2005-09-05T00:00:00", "published": "2005-09-05T00:00:00", "id": "SECURITYVULNS:DOC:9652", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:9652", "title": "mod_ssl "SSLVerifyClient" Security Bypass Security Issue", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "httpd": [{"lastseen": "2016-09-26T21:39:38", "bulletinFamily": "software", "cvelist": ["CVE-2005-2700"], "description": "\n\nA flaw in the mod_ssl handling of the \"SSLVerifyClient\"\ndirective. This flaw would occur if a virtual host has been configured\nusing \"SSLVerifyClient optional\" and further a directive \"SSLVerifyClient\nrequired\" is set for a specific location. For servers configured in this\nfashion, an attacker may be able to access resources that should otherwise\nbe protected, by not supplying a client certificate when connecting.\n\n", "edition": 1, "modified": "2005-10-14T00:00:00", "published": "2005-08-30T00:00:00", "id": "HTTPD:0D70B21619553B49F38DA0741D80B5CE", "href": "https://httpd.apache.org/security_report.html", "type": "httpd", "title": "Apache Httpd < 2.0.55: SSLVerifyClient bypass", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-12-24T14:26:52", "bulletinFamily": "software", "cvelist": ["CVE-2005-2700"], "description": "\n\nA flaw in the mod_ssl handling of the \"SSLVerifyClient\"\ndirective. This flaw would occur if a virtual host has been configured\nusing \"SSLVerifyClient optional\" and further a directive \"SSLVerifyClient\nrequired\" is set for a specific location. For servers configured in this\nfashion, an attacker may be able to access resources that should otherwise\nbe protected, by not supplying a client certificate when connecting.\n\n", "edition": 5, "modified": "2005-08-30T00:00:00", "published": "2005-08-30T00:00:00", "id": "HTTPD:916FEE252ECE7E599F0CD440FE07DE92", "href": "https://httpd.apache.org/security_report.html", "title": "Apache Httpd < None: SSLVerifyClient bypass", "type": "httpd", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2020-11-11T13:14:10", "bulletinFamily": "unix", "cvelist": ["CVE-2005-2700"], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 807-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nSeptember 12th, 2005 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : libapache-mod-ssl\nVulnerability : acl restriction bypass\nProblem type : remote\nDebian-specific: no\nCVE ID : CAN-2005-2700\nCERT advisory : VU#744929\nBugTraq ID : 14721\n\nA problem has been discovered in mod_ssl, which provides strong\ncryptography (HTTPS support) for Apache that allows remote attackers\nto bypass access restrictions.\n\nFor the old stable distribution (woody) this problem has been fixed in\nversion 2.8.9-2.5.\n\nFor the stable distribution (sarge) this problem has been fixed in\nversion 2.8.22-1sarge1.\n\nFor the unstable distribution (sid) this problem has been fixed in\nversion 2.8.24-1.\n\nWe recommend that you upgrade your libapache-mod-ssl package.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/liba/libapache-mod-ssl/libapache-mod-ssl_2.8.9-2.5.dsc\n Size/MD5 checksum: 678 42c9d0a0f14e44ba466f2bf07aa91a2f\n http://security.debian.org/pool/updates/main/liba/libapache-mod-ssl/libapache-mod-ssl_2.8.9-2.5.diff.gz\n Size/MD5 checksum: 18176 ae891738b92b0ba9f59723818f994240\n http://security.debian.org/pool/updates/main/liba/libapache-mod-ssl/libapache-mod-ssl_2.8.9.orig.tar.gz\n Size/MD5 checksum: 752613 aad438a4eaeeee29ae74483f7afe9db0\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/liba/libapache-mod-ssl/libapache-mod-ssl-doc_2.8.9-2.5_all.deb\n Size/MD5 checksum: 288148 c1ac22c913e960e5b3e62360d3486aa3\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/liba/libapache-mod-ssl/libapache-mod-ssl_2.8.9-2.5_alpha.deb\n Size/MD5 checksum: 248124 e011a4adbdf97b724ab8a8162217c9a9\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/liba/libapache-mod-ssl/libapache-mod-ssl_2.8.9-2.5_arm.deb\n Size/MD5 checksum: 240264 bf3f0f685d7d207a17d39e2181ba989e\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/liba/libapache-mod-ssl/libapache-mod-ssl_2.8.9-2.5_i386.deb\n Size/MD5 checksum: 239404 eca68ce8bf3e2247e0279c1b3628e60c\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/liba/libapache-mod-ssl/libapache-mod-ssl_2.8.9-2.5_ia64.deb\n Size/MD5 checksum: 268944 1ede24bd30b8ea77e0fce6a49010033e\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/liba/libapache-mod-ssl/libapache-mod-ssl_2.8.9-2.5_hppa.deb\n Size/MD5 checksum: 248308 a56a68fb2b0a7ab063602e8c8f3f2538\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/liba/libapache-mod-ssl/libapache-mod-ssl_2.8.9-2.5_m68k.deb\n Size/MD5 checksum: 241318 2fbeb081aef69c28e5f8fc2ecd7db836\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/liba/libapache-mod-ssl/libapache-mod-ssl_2.8.9-2.5_mips.deb\n Size/MD5 checksum: 236352 fbd352506975b03aef5f6e4086774709\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/liba/libapache-mod-ssl/libapache-mod-ssl_2.8.9-2.5_mipsel.deb\n Size/MD5 checksum: 236222 e9961d0c726dda2043871299fa025c06\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/liba/libapache-mod-ssl/libapache-mod-ssl_2.8.9-2.5_powerpc.deb\n Size/MD5 checksum: 242200 3bc5c820ed9d3b1809d155849503ef62\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/liba/libapache-mod-ssl/libapache-mod-ssl_2.8.9-2.5_s390.deb\n Size/MD5 checksum: 242268 7904cf59c3721ea30e81ef459779ff61\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/liba/libapache-mod-ssl/libapache-mod-ssl_2.8.9-2.5_sparc.deb\n Size/MD5 checksum: 244344 482824082ae26b56d7c11a1097594c10\n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/liba/libapache-mod-ssl/libapache-mod-ssl_2.8.22-1sarge1.dsc\n Size/MD5 checksum: 777 aec67b282ab592d34db203410ef5cde6\n http://security.debian.org/pool/updates/main/liba/libapache-mod-ssl/libapache-mod-ssl_2.8.22-1sarge1.diff.gz\n Size/MD5 checksum: 30142 52ac6a109d51bd1f62f7cb7377a60d7f\n http://security.debian.org/pool/updates/main/liba/libapache-mod-ssl/libapache-mod-ssl_2.8.22.orig.tar.gz\n Size/MD5 checksum: 754606 cdfdf1f576f77768c90825b43b462405\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/liba/libapache-mod-ssl/libapache-mod-ssl-doc_2.8.22-1sarge1_all.deb\n Size/MD5 checksum: 253078 b3928bc80d9fcbf60a3d0d464be33d4c\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/liba/libapache-mod-ssl/libapache-mod-ssl_2.8.22-1sarge1_alpha.deb\n Size/MD5 checksum: 273382 94b20d48635978fc3d3dd5cc793070dc\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/liba/libapache-mod-ssl/libapache-mod-ssl_2.8.22-1sarge1_amd64.deb\n Size/MD5 checksum: 269692 7fa6da362ad89889e76573298849e1f8\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/liba/libapache-mod-ssl/libapache-mod-ssl_2.8.22-1sarge1_arm.deb\n Size/MD5 checksum: 262890 1f7a033007f8b439723f7f7efbb3b03b\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/liba/libapache-mod-ssl/libapache-mod-ssl_2.8.22-1sarge1_i386.deb\n Size/MD5 checksum: 265342 ba6d68db82b12e75ff84e0de13bb665a\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/liba/libapache-mod-ssl/libapache-mod-ssl_2.8.22-1sarge1_ia64.deb\n Size/MD5 checksum: 291062 bb299b74a00d4997f3c44680cce1e5a5\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/liba/libapache-mod-ssl/libapache-mod-ssl_2.8.22-1sarge1_hppa.deb\n Size/MD5 checksum: 275966 9a9cb9625e8d5f65026a7fb52ce50a18\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/liba/libapache-mod-ssl/libapache-mod-ssl_2.8.22-1sarge1_m68k.deb\n Size/MD5 checksum: 267556 ddfdc0675713fc0a00787a6e9781e8e4\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/liba/libapache-mod-ssl/libapache-mod-ssl_2.8.22-1sarge1_mips.deb\n Size/MD5 checksum: 262734 faa260d56b0dea69c27095c062c04ade\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/liba/libapache-mod-ssl/libapache-mod-ssl_2.8.22-1sarge1_mipsel.deb\n Size/MD5 checksum: 262600 3fbc806ed03c1276f7c210258623beac\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/liba/libapache-mod-ssl/libapache-mod-ssl_2.8.22-1sarge1_powerpc.deb\n Size/MD5 checksum: 266024 3bae19ace2cd7023bbe5c6d73bf7adcb\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/liba/libapache-mod-ssl/libapache-mod-ssl_2.8.22-1sarge1_s390.deb\n Size/MD5 checksum: 273948 a18d42e87496c31df94b35f2053e729e\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/liba/libapache-mod-ssl/libapache-mod-ssl_2.8.22-1sarge1_sparc.deb\n Size/MD5 checksum: 267428 b54b9bba8902ba95470baa6f32738570\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "edition": 3, "modified": "2005-09-12T00:00:00", "published": "2005-09-12T00:00:00", "id": "DEBIAN:DSA-807-1:FAC7B", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2005/msg00197.html", "title": "[SECURITY] [DSA 807-1] New mod_ssl packages fix acl restriction bypass", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-11-11T13:22:18", "bulletinFamily": "unix", "cvelist": ["CVE-2005-2700", "CVE-2005-1268", "CVE-2005-2728", "CVE-2005-2088"], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 805-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nSeptember 8th, 2005 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : apache2\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE IDs : CAN-2005-1268 CAN-2005-2088 CAN-2005-2700 CAN-2005-2728\nBugTraq ID : 14660\nDebian Bugs : 316173 320048 320063 326435\n\nSeveral problems have been discovered in Apache2, the next generation,\nscalable, extendable web server. The Common Vulnerabilities and\nExposures project identifies the following problems:\n\nCAN-2005-1268\n\n Marc Stern discovered an off-by-one error in the mod_ssl\n Certificate Revocation List (CRL) verification callback. When\n Apache is configured to use a CRL this can be used to cause a\n denial of service.\n\nCAN-2005-2088\n\n A vulnerability has been discovered in the Apache web server.\n When it is acting as an HTTP proxy, it allows remote attackers to\n poison the web cache, bypass web application firewall protection,\n and conduct cross-site scripting attacks, which causes Apache to\n incorrectly handle and forward the body of the request.\n\nCAN-2005-2700\n\n A problem has been discovered in mod_ssl, which provides strong\n cryptography (HTTPS support) for Apache that allows remote\n attackers to bypass access restrictions.\n\nCAN-2005-2728\n\n The byte-range filter in Apache 2.0 allows remote attackers to\n cause a denial of service via an HTTP header with a large Range\n field.\n\nThe old stable distribution (woody) does not contain Apache2 packages.\n\nFor the stable distribution (sarge) these problems have been fixed in\nversion 2.0.54-5.\n\nFor the unstable distribution (sid) these problems have been fixed in\nversion 2.0.54-5.\n\nWe recommend that you upgrade your apache2 packages.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5.dsc\n Size/MD5 checksum: 1141 779558a3a1edad615114d9e951d44352\n http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5.diff.gz\n Size/MD5 checksum: 110044 3f51c615473cb57d4d182e1abbeffcd4\n http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54.orig.tar.gz\n Size/MD5 checksum: 7493636 37d0d0a3e25ad93d37f0483021e70409\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-doc_2.0.54-5_all.deb\n Size/MD5 checksum: 3861324 429e520dda920f145468b39f4b3f2c2c\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-threadpool_2.0.54-5_all.deb\n Size/MD5 checksum: 33460 df584a81cd27a1858014ac52cfdd9ab9\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5_alpha.deb\n Size/MD5 checksum: 33380 6b79f9d492027d367c61604068f0d9d4\n http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5_alpha.deb\n Size/MD5 checksum: 865256 35799c3a99a6bf00ab6912c062f6e688\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5_alpha.deb\n Size/MD5 checksum: 246262 898ac33f06c871d251bb661e0f6bd214\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5_alpha.deb\n Size/MD5 checksum: 241370 73e3c57d0a294829c88dcc1532720e64\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5_alpha.deb\n Size/MD5 checksum: 245574 76324bf7139b28f909f3b20d5fa7e264\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5_alpha.deb\n Size/MD5 checksum: 167582 1dde0667290c8a7cb467125c3b0196c2\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5_alpha.deb\n Size/MD5 checksum: 168322 4a7cde084ac397d4065069aa5aae1810\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5_alpha.deb\n Size/MD5 checksum: 97434 790fee8043ace4b008de01a572376e4d\n http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5_alpha.deb\n Size/MD5 checksum: 155684 859a64401d2e62a38b254cb71a64be74\n http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5_alpha.deb\n Size/MD5 checksum: 315136 216e4e5bc44c80be8d7652d3da7c58e1\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5_amd64.deb\n Size/MD5 checksum: 33380 ed2ad5506faff830f641e22874d87f0d\n http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5_amd64.deb\n Size/MD5 checksum: 826590 333b8e6067c0b5b071b9233e4a299477\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5_amd64.deb\n Size/MD5 checksum: 221254 7fa0efb05dba185f0d392172a625408e\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5_amd64.deb\n Size/MD5 checksum: 216702 5f7672249bdf52cdbc06d5a9a515e78e\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5_amd64.deb\n Size/MD5 checksum: 220486 47697857b82b03715b0aee60baa05db5\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5_amd64.deb\n Size/MD5 checksum: 167570 8653f01104d7abf6a8b1e4ae7d08a11c\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5_amd64.deb\n Size/MD5 checksum: 168298 ebc158cf1767c2f52ee47bc106639c8a\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5_amd64.deb\n Size/MD5 checksum: 92628 1ce73449a400d72cbd3c639c2a4c3be2\n http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5_amd64.deb\n Size/MD5 checksum: 137212 86c22d780802d7b98489caadcdc93a1e\n http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5_amd64.deb\n Size/MD5 checksum: 278712 64da54b20a2bfccd63871a3150917cf7\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5_arm.deb\n Size/MD5 checksum: 33388 ee560fb40ce2199a3605c9d3070287b3\n http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5_arm.deb\n Size/MD5 checksum: 793648 dd2dac8513f797dbf4f95d448a6b5c5c\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5_arm.deb\n Size/MD5 checksum: 202212 f08e6a2edfdb14556f1a7765606bc807\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5_arm.deb\n Size/MD5 checksum: 197848 ed05c9efdfe150499d41d6882c7db201\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5_arm.deb\n Size/MD5 checksum: 201246 c6170179756435d8ddbcb0737e11578d\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5_arm.deb\n Size/MD5 checksum: 167610 c82b3286884b7c20c77adfad118cb4e8\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5_arm.deb\n Size/MD5 checksum: 168352 efd48c27b8b15ea4e2cfd06056b6a57d\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5_arm.deb\n Size/MD5 checksum: 92542 b9632cb88b7f63e4532e3f6b09971a8e\n http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5_arm.deb\n Size/MD5 checksum: 122294 c0f845ef93a0c879031205c8d3758610\n http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5_arm.deb\n Size/MD5 checksum: 267804 d975fb73ed0fea9472556443f2cf8775\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5_i386.deb\n Size/MD5 checksum: 33384 f2bb4abd8a56f74165641a1ffb98268d\n http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5_i386.deb\n Size/MD5 checksum: 799800 143fb414c293aaa8d89e178306dca35a\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5_i386.deb\n Size/MD5 checksum: 206602 8cb83e70bbe05872ba5a9de9eacdadc2\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5_i386.deb\n Size/MD5 checksum: 202826 670721077006223829903285d28b428d\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5_i386.deb\n Size/MD5 checksum: 206374 824b90f8be18f53abef31e66aca2b0dd\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5_i386.deb\n Size/MD5 checksum: 167626 46926e9e39dba00825c06b1bc6afa847\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5_i386.deb\n Size/MD5 checksum: 168356 a22f739befa46e30b9c9f5ad8e6b2bc7\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5_i386.deb\n Size/MD5 checksum: 90962 3dc37ae17bb34d4068f5153bfd2ffd54\n http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5_i386.deb\n Size/MD5 checksum: 130614 0f1b46d69ed1665dbc7175fd777dc9eb\n http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5_i386.deb\n Size/MD5 checksum: 259890 f877c48fae275c3e011dcdcddf6f4bdc\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5_ia64.deb\n Size/MD5 checksum: 33378 16ea158380bb44a31025300b0cd09c9c\n http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5_ia64.deb\n Size/MD5 checksum: 973576 dee3c239893171c050526423c13a19e8\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5_ia64.deb\n Size/MD5 checksum: 289172 a785101466af9f71123b22228555b66b\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5_ia64.deb\n Size/MD5 checksum: 281186 857a2a8796e7bfed8f0d38c7ce8d5454\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5_ia64.deb\n Size/MD5 checksum: 287774 b59ac38a030ec2f415322ff151281ae4\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5_ia64.deb\n Size/MD5 checksum: 167598 0b45eadf799958a8cf9c834b34a4585d\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5_ia64.deb\n Size/MD5 checksum: 168330 01cd617a7c005fbda78606e3545c678c\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5_ia64.deb\n Size/MD5 checksum: 106294 d51ebb22c4f40e973ce48f39c724bf8e\n http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5_ia64.deb\n Size/MD5 checksum: 177728 2ae0b000991bf01eb3c8a152407663d7\n http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5_ia64.deb\n Size/MD5 checksum: 328378 49a1257846b48e59fc7103e26b68bb60\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5_hppa.deb\n Size/MD5 checksum: 33386 ff69db1811e9bd56d86fba73852e2e17\n http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5_hppa.deb\n Size/MD5 checksum: 880128 996bfa2e0569f2fe6cd1846cf2087b0c\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5_hppa.deb\n Size/MD5 checksum: 228680 4cfac3f9d40fa33d3d4f372006ebd981\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5_hppa.deb\n Size/MD5 checksum: 222678 2f78edc1cf89c7b39efae57759f0ed3f\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5_hppa.deb\n Size/MD5 checksum: 227508 697f93a4465c091c852c13bee07aee57\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5_hppa.deb\n Size/MD5 checksum: 167598 d9764a237d76b8943da9fb47b3813a3d\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5_hppa.deb\n Size/MD5 checksum: 168332 9e4b1b975718853053bf059c6671ae7f\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5_hppa.deb\n Size/MD5 checksum: 98724 86a838af0191b1c2ef441063ba043a32\n http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5_hppa.deb\n Size/MD5 checksum: 144892 d913a23b61e3a6ddbb9be5a89f2041e4\n http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5_hppa.deb\n Size/MD5 checksum: 284900 e8c14c0d1a4f2da6dcf50ea4a631ec24\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5_m68k.deb\n Size/MD5 checksum: 33390 c8ebf9432602c6f8ba4d4a8a5d40ba3c\n http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5_m68k.deb\n Size/MD5 checksum: 783284 13bfa82dbb83773e89088762d1b05904\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5_m68k.deb\n Size/MD5 checksum: 188788 fcec0cadfdab8d84a2da76e2b2163ab8\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5_m68k.deb\n Size/MD5 checksum: 185370 9af7ee0ab1b8efc8eec259a7f9bfa804\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5_m68k.deb\n Size/MD5 checksum: 188202 3ec4e66f1c3dcf8e86ec9cebb2c25c0c\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5_m68k.deb\n Size/MD5 checksum: 167638 79e2e99b10dd27fb80c2e41b61380f50\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5_m68k.deb\n Size/MD5 checksum: 168372 09f65665053dd9ca357466135ddfb141\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5_m68k.deb\n Size/MD5 checksum: 87918 a048bd1b67d4b25261a32f1efb8bbd3a\n http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5_m68k.deb\n Size/MD5 checksum: 117434 452edee7e17df559290add73e05e8d50\n http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5_m68k.deb\n Size/MD5 checksum: 249912 95b76222d325b8debe4dbd771b075005\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5_mips.deb\n Size/MD5 checksum: 33386 64d4455bd417d27a86f654cb478b0910\n http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5_mips.deb\n Size/MD5 checksum: 807432 351414d10d9404d339a3176eeb3a2522\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5_mips.deb\n Size/MD5 checksum: 217848 a51ce033722f6450ff840141515537e9\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5_mips.deb\n Size/MD5 checksum: 213062 0c78a1693b34b2958706cefdb5933dd5\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5_mips.deb\n Size/MD5 checksum: 217232 d9753aa6eaa6e5c59bb58aecda7eb3fc\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5_mips.deb\n Size/MD5 checksum: 167602 12e79648f3f01f2d13e017898a0d4af1\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5_mips.deb\n Size/MD5 checksum: 168330 f021c67c7a6b77986695595bb399025c\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5_mips.deb\n Size/MD5 checksum: 102890 cc929a885c1a94ca7f05966611ba899c\n http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5_mips.deb\n Size/MD5 checksum: 134356 2bb882cb3f14de3395f15808c7122944\n http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5_mips.deb\n Size/MD5 checksum: 286392 3d969e211240450e6f89740659382111\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5_mipsel.deb\n Size/MD5 checksum: 33388 08da26a58e9a33ebe8c46d694153df0e\n http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5_mipsel.deb\n Size/MD5 checksum: 807240 c415e8b3edf74e1d1a24b893bfe1a1cc\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5_mipsel.deb\n Size/MD5 checksum: 217130 ee3f0c080d8489f2b42330123f36b527\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5_mipsel.deb\n Size/MD5 checksum: 212480 f9ebfc61cdc737e99bbabd93e8d226bb\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5_mipsel.deb\n Size/MD5 checksum: 216356 4a514ad5c2193c9f192112765c54a76a\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5_mipsel.deb\n Size/MD5 checksum: 167608 89389a45144930d019970613fed37c73\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5_mipsel.deb\n Size/MD5 checksum: 168328 c9ab2d3f7c69218aa1f7fa6b61175844\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5_mipsel.deb\n Size/MD5 checksum: 102810 751df40f1a1efaa412f314f7b725bf63\n http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5_mipsel.deb\n Size/MD5 checksum: 134404 5a6fb39068de5daee05c8c70ffd2876e\n http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5_mipsel.deb\n Size/MD5 checksum: 287028 a1f5e5c12eb23992a3785308c792cd84\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5_powerpc.deb\n Size/MD5 checksum: 33386 19875b5ac54cb9a6d6e0621d8428f65a\n http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5_powerpc.deb\n Size/MD5 checksum: 856028 eab66e90e0070de689cf9639ad0fe294\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5_powerpc.deb\n Size/MD5 checksum: 214548 e1dd7ce5ab6b566d13efcef31d14dcb2\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5_powerpc.deb\n Size/MD5 checksum: 209618 3907930dad17e1d3339a1183d9aeaa1d\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5_powerpc.deb\n Size/MD5 checksum: 213610 1a116ca5f4e098be2696b5ef557e4359\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5_powerpc.deb\n Size/MD5 checksum: 167590 e5ccd009647e41e7e48d573cc0149003\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5_powerpc.deb\n Size/MD5 checksum: 168338 895dd813f4220f1e3eaff483b40d1a46\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5_powerpc.deb\n Size/MD5 checksum: 101966 f621a7cec5ad678721020c058536c7a0\n http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5_powerpc.deb\n Size/MD5 checksum: 134202 92b5b6e0632f8dd6abc155aedcd30b87\n http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5_powerpc.deb\n Size/MD5 checksum: 271900 87a95d99fa922a4e508b88240e5f6aed\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5_s390.deb\n Size/MD5 checksum: 33388 c8cb1b656bdfb21d0e7ae52c4f5b410b\n http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5_s390.deb\n Size/MD5 checksum: 836870 89e41b35884d42361df869a3a922f640\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5_s390.deb\n Size/MD5 checksum: 223826 a85cba45f51831e2d8cc1644c18b74ad\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5_s390.deb\n Size/MD5 checksum: 219688 4038e67e7950f1e635a27aa1d8c769b2\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5_s390.deb\n Size/MD5 checksum: 223210 065871dc4c96f330c225ed7470cd8724\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5_s390.deb\n Size/MD5 checksum: 167598 ac630af622500cb8d275b01d94ec4f5a\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5_s390.deb\n Size/MD5 checksum: 168330 11ac0fc59fd5a7303da34d1e639ecdc7\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5_s390.deb\n Size/MD5 checksum: 95782 44c89383fa73caef05d2d1e63f9cc7cd\n http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5_s390.deb\n Size/MD5 checksum: 145898 14070b311d4a90ae83203e33c257ebbe\n http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5_s390.deb\n Size/MD5 checksum: 275138 9fb591f2f9bf0120f437842ab159165f\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5_sparc.deb\n Size/MD5 checksum: 33388 8a1db10a708878f634f63dfbb69f50c2\n http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5_sparc.deb\n Size/MD5 checksum: 802602 e1440b38879a691d3b2b7e7a4916d822\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5_sparc.deb\n Size/MD5 checksum: 205498 ff2f786da35c0c9d639ee429d30d4a11\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5_sparc.deb\n Size/MD5 checksum: 200778 2c2c0bfbb9e04d66b51f38fc429b5cd9\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5_sparc.deb\n Size/MD5 checksum: 204426 9aecd2ce11734643416867a97298aa5c\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5_sparc.deb\n Size/MD5 checksum: 167612 26aa5df84d0c5d329cfc69facf6c3acb\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5_sparc.deb\n Size/MD5 checksum: 168348 8cc7ada29f653ab4dae52267c988a2c3\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5_sparc.deb\n Size/MD5 checksum: 90910 d34cabdb839a784da5952ba42782fb8d\n http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5_sparc.deb\n Size/MD5 checksum: 123508 313f29dc0f626016e7af021b0415d403\n http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5_sparc.deb\n Size/MD5 checksum: 260382 77dff3b820bb1f6d9198fa45e9feda96\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "edition": 3, "modified": "2005-09-08T00:00:00", "published": "2005-09-08T00:00:00", "id": "DEBIAN:DSA-805-1:3D823", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2005/msg00195.html", "title": "[SECURITY] [DSA 805-1] New Apache2 packages fix several vulnerabilities", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "slackware": [{"lastseen": "2019-05-30T07:37:15", "bulletinFamily": "unix", "cvelist": ["CVE-2005-2700"], "description": "New mod_ssl packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1,\nand -current to fix a security issue. If "SSLVerifyClient optional" was\nconfigured in the global section of the config file, it could improperly\noverride "SSLVerifyClient require" in a per-location section.\n\nMore details about this issue may be found in the Common\nVulnerabilities and Exposures (CVE) database:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2700\n\nHere are the details from the Slackware 10.1 ChangeLog:\n\npatches/packages/mod_ssl-2.8.24_1.3.33-i486-1.tgz: Upgraded to\n mod_ssl-2.8.24-1.3.33. From the CHANGES file:\n Fix a security issue (CAN-2005-2700) where "SSLVerifyClient require" was\n not enforced in per-location context if "SSLVerifyClient optional" was\n configured in the global virtual host configuration.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2700\n (* Security fix *)\n\nWhere to find the new packages:\n\nUpdated package for Slackware 8.1:\nftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/mod_ssl-2.8.24_1.3.33-i386-1.tgz\n\nUpdated package for Slackware 9.0:\nftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/mod_ssl-2.8.24_1.3.33-i386-1.tgz\n\nUpdated package for Slackware 9.1:\nftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/mod_ssl-2.8.24_1.3.33-i486-1.tgz\n\nUpdated package for Slackware 10.0:\nftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/mod_ssl-2.8.24_1.3.33-i486-1.tgz\n\nUpdated package for Slackware 10.1:\nftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/mod_ssl-2.8.24_1.3.33-i486-1.tgz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/mod_ssl-2.8.24_1.3.33-i486-1.tgz\n\n\nMD5 signatures:\n\nSlackware 8.1 package:\n469f8428c07cd2e737e5937ec15d5493 mod_ssl-2.8.24_1.3.33-i386-1.tgz\n\nSlackware 9.0 package:\n3aec2d3362e320655801d3c96b6e0a65 mod_ssl-2.8.24_1.3.33-i386-1.tgz\n\nSlackware 9.1 package:\nd6e3e52c94a07720804f11a8b6ae637f mod_ssl-2.8.24_1.3.33-i486-1.tgz\n\nSlackware 10.0 package:\ncc304adec35e4fe0aa998dfb4033c480 mod_ssl-2.8.24_1.3.33-i486-1.tgz\n\nSlackware 10.1 package:\n4c2da461e7fec6fac6a392b18ca67717 mod_ssl-2.8.24_1.3.33-i486-1.tgz\n\nSlackware -current package:\n588e2f479a46fcb149b964d4fc747a78 mod_ssl-2.8.24_1.3.33-i486-1.tgz\n\n\nInstallation instructions:\n\nFirst, stop apache:\n\n > apachectl stop\n\nThe upgrade will should save the important config files for mod_ssl,\nnevertheless it's a good idea to backup any keys/certificates you wish\nto save for mod_ssl (in /etc/apache/ssl.*), then upgrade mod_ssl:\n\n > upgradepkg mod_ssl-2.8.24_1.3.33-i486-1.tgz\n\nIf necessary, restore any mod_ssl config files.\n\nFinally, restart apache:\n\n > apachectl startssl", "modified": "2005-09-08T15:54:45", "published": "2005-09-08T15:54:45", "id": "SSA-2005-251-02", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.458879", "type": "slackware", "title": "mod_ssl", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-30T07:36:52", "bulletinFamily": "unix", "cvelist": ["CVE-2005-2700", "CVE-2005-2498", "CVE-2005-2494", "CVE-2005-2370", "CVE-2005-2103", "CVE-2004-0969", "CVE-2005-2491", "CVE-2005-2102"], "description": "This advisory summarizes recent security fixes in Slackware -current.\n\nUsually security advisories are not issued on problems that exist only\nwithin the test version of Slackware (slackware-current), but since it's\nso close to being released as Slackware 10.2, and since there have been\nseveral -cuurent-only issues recently, it has been decided that it would\nbe a good idea to release a summary of all of the security fixes in\nSlackware -current for the last 2 weeks. Some of these are -current only,\nand some affect other versions of Slackware (and advisories for these\nhave already been issued).\n\n\nHere are the details from the Slackware -current ChangeLog:\n\nap/groff-1.19.1-i486-3.tgz: Fixed a /tmp bug in groffer. Groffer is a\n script to display formatted output on the console or X, and is not normally\n used in other scripts (for printers, etc) like most groff components are.\n The risk from this bug is probably quite low. The fix was pulled from the\n just-released groff-1.19.2. With Slackware 10.2 just around the corner it\n didn't seem prudent to upgrade to that -- the diff from 1.19.1 to 1.19.2\n is over a megabyte compressed.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0969\n (* Security fix *)\n\nkde/kdebase-3.4.2-i486-2.tgz: Patched a bug in Konqueror's handling of\n characters such as '*', '[', and '?'.\n Generated new kdm config files.\n Added /opt/kde/man to $MANPATH.\n Patched a security bug in kcheckpass that could allow a local user to\n gain root privileges.\n For more information, see:\n http://www.kde.org/info/security/advisory-20050905-1.txt\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2494\n (* Security fix *)\n\nn/mod_ssl-2.8.24_1.3.33-i486-1.tgz: Upgraded to mod_ssl-2.8.24-1.3.33.\n From the CHANGES file:\n Fix a security issue (CAN-2005-2700) where "SSLVerifyClient require" was\n not enforced in per-location context if "SSLVerifyClient optional" was\n configured in the global virtual host configuration.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2700\n (* Security fix *)\n\nn/openssh-4.2p1-i486-1.tgz: Upgraded to openssh-4.2p1.\n From the OpenSSH 4.2 release announcement:\n SECURITY: Fix a bug introduced in OpenSSH 4.0 that caused\n GatewayPorts to be incorrectly activated for dynamic ("-D") port\n forwardings when no listen address was explicitly specified.\n (* Security fix *)\n\nkde/kdeedu-3.4.2-i486-2.tgz: Fixed a minor /tmp bug in kvoctrain.\n (* Security fix *)\n\nn/php-4.4.0-i486-3.tgz: Relinked with the system PCRE library, as the builtin\n library has a buffer overflow that could be triggered by the processing of a\n specially crafted regular expression.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491\n (* Security fix *)\n Upgraded PEAR::XMLRPC to version 1.4.0, which eliminates the use of the\n insecure eval() function.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2498\n (* Security fix *)\n\nxap/gaim-1.5.0-i486-1.tgz: Upgraded to gaim-1.5.0.\n This fixes some more security issues.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2103\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2102\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2370\n (* Security fix *)\n\ntesting/packages/php-5.0.4/php-5.0.4-i486-3.tgz: Relinked with the\n system PCRE library, as the builtin library has a buffer overflow\n that could be triggered by the processing of a specially crafted\n regular expression.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491\n (* Security fix *)\n Upgraded PEAR::XMLRPC to version 1.4.0, which eliminates the use of the\n insecure eval() function.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2498\n (* Security fix *)\n Recompiled with support for mbstring, cURL, and XSLT.\n Thanks to Den (aka Diesel) for suggesting XSLT.\n\nWhere to find the new packages:\n\nAdd of these packages are available in the slackware-current directory\non ftp.slackware.com:\n\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/ap/groff-1.19.1-i486-3.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/kde/kdebase-3.4.2-i486-2.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/mod_ssl-2.8.24_1.3.33-i486-1.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssh-4.2p1-i486-1.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/kde/kdeedu-3.4.2-i486-2.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/php-4.4.0-i486-3.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/gaim-1.5.0-i486-1.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-current/testing/packages/php-5.0.4/php-5.0.4-i486-3.tgz\n\nA .asc file is provided next to each package. This can be used along\nwith 'gpg --verify' to verify the integrity of the packages.", "modified": "2005-09-08T15:55:02", "published": "2005-09-08T15:55:02", "id": "SSA-2005-251-03", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.651553", "type": "slackware", "title": "slackware-current security updates", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:46:18", "bulletinFamily": "unix", "cvelist": ["CVE-2005-2700"], "description": "The mod_ssl module provides strong cryptography for the Apache Web\r\nserver via the Secure Sockets Layer (SSL) and Transport Layer Security\r\n(TLS) protocols.\r\n\r\nA flaw was discovered in mod_ssl's handling of the \"SSLVerifyClient\"\r\ndirective. This flaw occurs if a virtual host is configured\r\nusing \"SSLVerifyClient optional\" and a directive \"SSLVerifyClient\r\nrequired\" is set for a specific location. For servers configured in this\r\nfashion, an attacker may be able to access resources that should otherwise\r\nbe protected, by not supplying a client certificate when connecting. The\r\nCommon Vulnerabilities and Exposures project assigned the name\r\nCAN-2005-2700 to this issue.\r\n\r\nUsers of mod_ssl should upgrade to this updated package, which contains a\r\nbackported patch to correct this issue.", "modified": "2018-03-14T19:27:20", "published": "2005-09-15T04:00:00", "id": "RHSA-2005:773", "href": "https://access.redhat.com/errata/RHSA-2005:773", "type": "redhat", "title": "(RHSA-2005:773) mod_ssl security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:44:39", "bulletinFamily": "unix", "cvelist": ["CVE-2005-2700", "CVE-2005-2728"], "description": "The Apache HTTP Server is a popular and freely-available Web server.\r\n\r\nA flaw was discovered in mod_ssl's handling of the \"SSLVerifyClient\"\r\ndirective. This flaw occurs if a virtual host is configured\r\nusing \"SSLVerifyClient optional\" and a directive \"SSLVerifyClient\r\nrequired\" is set for a specific location. For servers configured in this\r\nfashion, an attacker may be able to access resources that should otherwise\r\nbe protected, by not supplying a client certificate when connecting. The\r\nCommon Vulnerabilities and Exposures project assigned the name\r\nCAN-2005-2700 to this issue.\r\n\r\nA flaw was discovered in Apache httpd where the byterange filter would\r\nbuffer certain responses into memory. If a server has a dynamic\r\nresource such as a CGI script or PHP script that generates a large amount\r\nof data, an attacker could send carefully crafted requests in order to\r\nconsume resources, potentially leading to a Denial of Service. (CAN-2005-2728)\r\n\r\nUsers of Apache httpd should update to these errata packages that contain\r\nbackported patches to correct these issues.", "modified": "2017-09-08T11:57:14", "published": "2005-09-06T04:00:00", "id": "RHSA-2005:608", "href": "https://access.redhat.com/errata/RHSA-2005:608", "type": "redhat", "title": "(RHSA-2005:608) httpd security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "centos": [{"lastseen": "2019-12-20T18:25:09", "bulletinFamily": "unix", "cvelist": ["CVE-2005-2700"], "description": "**CentOS Errata and Security Advisory** CESA-2005:773-01\n\n\nThe mod_ssl module provides strong cryptography for the Apache Web\r\nserver via the Secure Sockets Layer (SSL) and Transport Layer Security\r\n(TLS) protocols.\r\n\r\nA flaw was discovered in mod_ssl's handling of the \"SSLVerifyClient\"\r\ndirective. This flaw occurs if a virtual host is configured\r\nusing \"SSLVerifyClient optional\" and a directive \"SSLVerifyClient\r\nrequired\" is set for a specific location. For servers configured in this\r\nfashion, an attacker may be able to access resources that should otherwise\r\nbe protected, by not supplying a client certificate when connecting. The\r\nCommon Vulnerabilities and Exposures project assigned the name\r\nCAN-2005-2700 to this issue.\r\n\r\nUsers of mod_ssl should upgrade to this updated package, which contains a\r\nbackported patch to correct this issue.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2005-September/024215.html\n\n**Affected packages:**\nmod_ssl\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/rh21as-errata.html", "edition": 5, "modified": "2005-09-16T00:34:35", "published": "2005-09-16T00:34:35", "href": "http://lists.centos.org/pipermail/centos-announce/2005-September/024215.html", "id": "CESA-2005:773-01", "title": "mod_ssl security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-20T18:25:11", "bulletinFamily": "unix", "cvelist": ["CVE-2005-2700", "CVE-2005-2728"], "description": "**CentOS Errata and Security Advisory** CESA-2005:608\n\n\nThe Apache HTTP Server is a popular and freely-available Web server.\r\n\r\nA flaw was discovered in mod_ssl's handling of the \"SSLVerifyClient\"\r\ndirective. This flaw occurs if a virtual host is configured\r\nusing \"SSLVerifyClient optional\" and a directive \"SSLVerifyClient\r\nrequired\" is set for a specific location. For servers configured in this\r\nfashion, an attacker may be able to access resources that should otherwise\r\nbe protected, by not supplying a client certificate when connecting. The\r\nCommon Vulnerabilities and Exposures project assigned the name\r\nCAN-2005-2700 to this issue.\r\n\r\nA flaw was discovered in Apache httpd where the byterange filter would\r\nbuffer certain responses into memory. If a server has a dynamic\r\nresource such as a CGI script or PHP script that generates a large amount\r\nof data, an attacker could send carefully crafted requests in order to\r\nconsume resources, potentially leading to a Denial of Service. (CAN-2005-2728)\r\n\r\nUsers of Apache httpd should update to these errata packages that contain\r\nbackported patches to correct these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2005-September/024151.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-September/024152.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-September/024155.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-September/024156.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-September/024157.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-September/024159.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-September/024162.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-September/024164.html\n\n**Affected packages:**\nhttpd\nhttpd-devel\nhttpd-manual\nhttpd-suexec\nmod_ssl\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2005-608.html", "edition": 4, "modified": "2005-09-07T02:16:28", "published": "2005-09-06T15:58:02", "href": "http://lists.centos.org/pipermail/centos-announce/2005-September/024151.html", "id": "CESA-2005:608", "title": "httpd, mod_ssl security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:33", "bulletinFamily": "unix", "cvelist": ["CVE-2005-2700", "CVE-2005-2491"], "edition": 1, "description": "### Background\n\nThe Apache HTTP server is one of the most popular web servers on the Internet. mod_ssl provides SSL v2/v3 and TLS v1 support for Apache 1.3 and is also included in Apache 2. \n\n### Description\n\nmod_ssl contains a security issue when \"SSLVerifyClient optional\" is configured in the global virtual host configuration (CAN-2005-2700). Also, Apache's httpd includes a PCRE library, which makes it vulnerable to an integer overflow (CAN-2005-2491). \n\n### Impact\n\nUnder a specific configuration, mod_ssl does not properly enforce the client-based certificate authentication directive, \"SSLVerifyClient require\", in a per-location context, which could be potentially used by a remote attacker to bypass some restrictions. By creating a specially crafted \".htaccess\" file, a local attacker could possibly exploit Apache's vulnerability, which would result in a local privilege escalation. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll mod_ssl users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-www/mod_ssl-2.8.24\"\n\nAll Apache 2 users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-servers/apache-2.0.54-r15\"", "modified": "2007-12-30T00:00:00", "published": "2005-09-19T00:00:00", "id": "GLSA-200509-12", "href": "https://security.gentoo.org/glsa/200509-12", "type": "gentoo", "title": "Apache, mod_ssl: Multiple vulnerabilities", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "suse": [{"lastseen": "2016-09-04T11:57:19", "bulletinFamily": "unix", "cvelist": ["CVE-2005-2700", "CVE-2005-2728", "CVE-2005-2491"], "description": "PLEASE NOTE: This advisory is a re-release of SUSE-SA:2005:051 with a new SA ID because the ID SUSE-SA:2005:051 was already used.\n#### Solution\nThere are no workarounds known.", "edition": 1, "modified": "2005-09-16T12:34:21", "published": "2005-09-16T12:34:21", "id": "SUSE-SA:2005:052", "href": "http://lists.opensuse.org/opensuse-security-announce/2005-09/msg00016.html", "type": "suse", "title": "local command execution, authentication bypass, in apache2", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:36:33", "bulletinFamily": "unix", "cvelist": ["CVE-2005-2700", "CVE-2006-3918", "CVE-2005-3357"], "description": "The web server Apache2 has been updated to fix several security issues:\n#### Solution\nThere is no known workaround, please install the update packages.", "edition": 1, "modified": "2006-09-08T14:34:17", "published": "2006-09-08T14:34:17", "id": "SUSE-SA:2006:051", "href": "http://lists.opensuse.org/opensuse-security-announce/2006-09/msg00016.html", "type": "suse", "title": "cryptographic problems in apache2", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:47:01", "bulletinFamily": "unix", "cvelist": ["CVE-2005-2700", "CVE-2005-2498", "CVE-2005-2728", "CVE-2005-1921", "CVE-2005-2491"], "description": "This update of apache2 fixes an integer overflow in the PCRE quantifier parsing which can be triggered by a local untrusted user by using a carefully crafted regex in a .htaccess file to execute arbitrary code. (CAN-2005-2491)\n#### Solution\nThere are no workarounds known.", "edition": 1, "modified": "2005-09-12T13:00:50", "published": "2005-09-12T13:00:50", "id": "SUSE-SA:2005:051", "href": "http://lists.opensuse.org/opensuse-security-announce/2005-09/msg00014.html", "title": "local command execution, authentication bypass, in apache2", "type": "suse", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2020-07-09T19:41:33", "bulletinFamily": "unix", "cvelist": ["CVE-2005-2700", "CVE-2004-0700", "CVE-2004-0885", "CVE-2005-2728"], "description": "Apache did not honour the \"SSLVerifyClient require\" directive within a\n\nblock if the surrounding block contained a \ndirective \"SSLVerifyClient optional\". This allowed clients to bypass \nclient certificate validation on servers with the above configuration. \n(CAN-2005-2700)\n\nFilip Sneppe discovered a Denial of Service vulnerability in the byte \nrange filter handler. By requesting certain large byte ranges, a \nremote attacker could cause memory exhaustion in the server. \n(CAN-2005-2728)\n\nThe updated libapache-mod-ssl also fixes two older Denial of Service \nvulnerabilities: A format string error in the ssl_log() function which \ncould be exploited to crash the server (CAN-2004-0700), and a flaw in \nthe SSL cipher negotiation which could be exploited to terminate a \nsession (CAN-2004-0885). Please note that Apache 1.3 and \nlibapache-mod-ssl are not officially supported (they are in the \n\"universe\" component of the Ubuntu archive).", "edition": 5, "modified": "2005-09-07T00:00:00", "published": "2005-09-07T00:00:00", "id": "USN-177-1", "href": "https://ubuntu.com/security/notices/USN-177-1", "title": "Apache 2 vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}
