Search...

CentOS 5 : httpd (CESA-2007:0556)

2007-06-27T00:00:00

ID CENTOS_RHSA-2007-0556.NASL
Type nessus
Reporter This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
Modified 2007-06-27T00:00:00

Description

Updated Apache httpd packages that correct three security issues are now available for Red Hat Enterprise Linux 5.

This update has been rated as having moderate security impact by the Red Hat Security Response Team.

The Apache HTTP Server is a popular Web server.

The Apache HTTP Server did not verify that a process was an Apache child process before sending it signals. A local attacker with the ability to run scripts on the Apache HTTP Server could manipulate the scoreboard and cause arbitrary processes to be terminated which could lead to a denial of service (CVE-2007-3304). This issue is not exploitable on Red Hat Enterprise Linux 5 if using the default SELinux targeted policy.

A flaw was found in the Apache HTTP Server mod_status module. On sites where the server-status page is publicly accessible and ExtendedStatus is enabled this could lead to a cross-site scripting attack. On Red Hat Enterprise Linux the server-status page is not enabled by default and it is best practice to not make this publicly available. (CVE-2006-5752)

A bug was found in the Apache HTTP Server mod_cache module. On sites where caching is enabled, a remote attacker could send a carefully crafted request that would cause the Apache child process handling that request to crash. This could lead to a denial of service if using a threaded Multi-Processing Module. (CVE-2007-1863)

Users of httpd should upgrade to these updated packages, which contain backported patches to correct these issues. Users should restart Apache after installing this update.

                                        
                                            #%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Red Hat Security Advisory RHSA-2007:0556 and 
# CentOS Errata and Security Advisory 2007:0556 respectively.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(25579);
  script_version("1.17");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/04");

  script_cve_id("CVE-2006-5752", "CVE-2007-1863", "CVE-2007-3304");
  script_bugtraq_id(24215, 24645, 24649);
  script_xref(name:"RHSA", value:"2007:0556");

  script_name(english:"CentOS 5 : httpd (CESA-2007:0556)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote CentOS host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Updated Apache httpd packages that correct three security issues are
now available for Red Hat Enterprise Linux 5.

This update has been rated as having moderate security impact by the
Red Hat Security Response Team.

The Apache HTTP Server is a popular Web server.

The Apache HTTP Server did not verify that a process was an Apache
child process before sending it signals. A local attacker with the
ability to run scripts on the Apache HTTP Server could manipulate the
scoreboard and cause arbitrary processes to be terminated which could
lead to a denial of service (CVE-2007-3304). This issue is not
exploitable on Red Hat Enterprise Linux 5 if using the default SELinux
targeted policy.

A flaw was found in the Apache HTTP Server mod_status module. On sites
where the server-status page is publicly accessible and ExtendedStatus
is enabled this could lead to a cross-site scripting attack. On Red
Hat Enterprise Linux the server-status page is not enabled by default
and it is best practice to not make this publicly available.
(CVE-2006-5752)

A bug was found in the Apache HTTP Server mod_cache module. On sites
where caching is enabled, a remote attacker could send a carefully
crafted request that would cause the Apache child process handling
that request to crash. This could lead to a denial of service if using
a threaded Multi-Processing Module. (CVE-2007-1863)

Users of httpd should upgrade to these updated packages, which contain
backported patches to correct these issues. Users should restart
Apache after installing this update."
  );
  # https://lists.centos.org/pipermail/centos-announce/2007-June/013990.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?973c2000"
  );
  # https://lists.centos.org/pipermail/centos-announce/2007-June/013991.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?78e603e2"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected httpd packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:httpd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:httpd-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:httpd-manual");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:mod_ssl");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:5");

  script_set_attribute(attribute:"vuln_publication_date", value:"2007/06/20");
  script_set_attribute(attribute:"patch_publication_date", value:"2007/06/27");
  script_set_attribute(attribute:"plugin_publication_date", value:"2007/06/27");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"CentOS Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/CentOS/release");
if (isnull(release) || "CentOS" &gt;!&lt; release) audit(AUDIT_OS_NOT, "CentOS");
os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS");
os_ver = os_ver[1];
if (! preg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 5.x", "CentOS " + os_ver);

if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" &gt;!&lt; cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu);


flag = 0;
if (rpm_check(release:"CentOS-5", reference:"httpd-2.2.3-7.el5.centos")) flag++;
if (rpm_check(release:"CentOS-5", reference:"httpd-devel-2.2.3-7.el5.centos")) flag++;
if (rpm_check(release:"CentOS-5", reference:"httpd-manual-2.2.3-7.el5.centos")) flag++;
if (rpm_check(release:"CentOS-5", reference:"mod_ssl-2.2.3-7.el5.centos")) flag++;


if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "httpd / httpd-devel / httpd-manual / mod_ssl");
}

JSON Vulners Source

Initial Source

{"id": "CENTOS_RHSA-2007-0556.NASL", "bulletinFamily": "scanner", "title": "CentOS 5 : httpd (CESA-2007:0556)", "description": "Updated Apache httpd packages that correct three security issues are\nnow available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Apache HTTP Server is a popular Web server.\n\nThe Apache HTTP Server did not verify that a process was an Apache\nchild process before sending it signals. A local attacker with the\nability to run scripts on the Apache HTTP Server could manipulate the\nscoreboard and cause arbitrary processes to be terminated which could\nlead to a denial of service (CVE-2007-3304). This issue is not\nexploitable on Red Hat Enterprise Linux 5 if using the default SELinux\ntargeted policy.\n\nA flaw was found in the Apache HTTP Server mod_status module. On sites\nwhere the server-status page is publicly accessible and ExtendedStatus\nis enabled this could lead to a cross-site scripting attack. On Red\nHat Enterprise Linux the server-status page is not enabled by default\nand it is best practice to not make this publicly available.\n(CVE-2006-5752)\n\nA bug was found in the Apache HTTP Server mod_cache module. On sites\nwhere caching is enabled, a remote attacker could send a carefully\ncrafted request that would cause the Apache child process handling\nthat request to crash. This could lead to a denial of service if using\na threaded Multi-Processing Module. (CVE-2007-1863)\n\nUsers of httpd should upgrade to these updated packages, which contain\nbackported patches to correct these issues. Users should restart\nApache after installing this update.", "published": "2007-06-27T00:00:00", "modified": "2007-06-27T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "href": "https://www.tenable.com/plugins/nessus/25579", "reporter": "This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://www.nessus.org/u?78e603e2", "http://www.nessus.org/u?973c2000"], "cvelist": ["CVE-2007-3304", "CVE-2006-5752", "CVE-2007-1863"], "type": "nessus", "lastseen": "2021-01-06T09:25:09", "edition": 26, "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2007-3304", "CVE-2006-5752", "CVE-2007-1863"]}, {"type": "redhat", "idList": ["RHSA-2007:0662", "RHSA-2007:0534", "RHSA-2007:0557", "RHSA-2007:0533", "RHSA-2007:0532", "RHSA-2007:0556"]}, {"type": "oraclelinux", "idList": ["ELSA-2007-0556", "ELSA-2007-0662", "ELSA-2007-0534", "ELSA-2007-0747", "ELSA-2007-0746", "ELSA-2007-0533"]}, {"type": "centos", "idList": ["CESA-2007:0556", "CESA-2007:0533", "CESA-2007:0532-01", "CESA-2007:0534", "CESA-2007:0662"]}, {"type": "ubuntu", "idList": ["USN-499-1"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310830294", "OPENVAS:65113", "OPENVAS:830294", "OPENVAS:850088", "OPENVAS:1361412562310122688", "OPENVAS:58804", "OPENVAS:840092", "OPENVAS:861325", "OPENVAS:861373", "OPENVAS:861246"]}, {"type": "nessus", "idList": ["ORACLELINUX_ELSA-2007-0556.NASL", "MANDRAKE_MDKSA-2007-140.NASL", "FEDORA_2007-0704.NASL", "FEDORA_2007-617.NASL", "SUSE_APACHE2-4669.NASL", "SL_20070626_HTTPD_ON_SL5_X.NASL", "FEDORA_2007-615.NASL", "UBUNTU_USN-499-1.NASL", "REDHAT-RHSA-2007-0556.NASL", "FREEBSD_PKG_C115271D602B11DC898C001921AB2FA4.NASL"]}, {"type": "fedora", "idList": ["FEDORA:M1G27PL9027710", "FEDORA:L8J2ROS5020550", "FEDORA:L6CMRP6R013550", "FEDORA:L62F1CGQ016053", "FEDORA:L5R3QDPY011231"]}, {"type": "freebsd", "idList": ["C115271D-602B-11DC-898C-001921AB2FA4"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:18002", "SECURITYVULNS:VULN:7757"]}, {"type": "suse", "idList": ["SUSE-SA:2007:061"]}, {"type": "gentoo", "idList": ["GLSA-200711-06"]}, {"type": "vmware", "idList": ["VMSA-2009-0010"]}, {"type": "osvdb", "idList": ["OSVDB:38630", "OSVDB:38939", "OSVDB:37079", "OSVDB:37052"]}, {"type": "httpd", "idList": ["HTTPD:E64DD2992869E3B570507A803F6B61DC", "HTTPD:37C9FB4717E55404648E661334891D18", "HTTPD:40D3FE87B71DE5DE61C248550CCA14BC", "HTTPD:0C1B25786AC8D8ABAE94968CF5338235", "HTTPD:54F2521BC13F2D35EB25F335F6F906BB", "HTTPD:EA81A7FD4BED06F6CEF71C3521A44027", "HTTPD:DE2DCBB7F497C546416A82A8C580176E", "HTTPD:DBD6B4CFAA46D62C4F04EB981A23089E", "HTTPD:EB702124981FF0A598C6ED98A2E069D9", "HTTPD:F530D75F8856ACC4F8157FC2A041822A"]}, {"type": "seebug", "idList": ["SSV:2174"]}], "modified": "2021-01-06T09:25:09", "rev": 2}, "score": {"value": 5.2, "vector": "NONE", "modified": "2021-01-06T09:25:09", "rev": 2}, "vulnersScore": 5.2}, "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2007:0556 and \n# CentOS Errata and Security Advisory 2007:0556 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(25579);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2006-5752\", \"CVE-2007-1863\", \"CVE-2007-3304\");\n script_bugtraq_id(24215, 24645, 24649);\n script_xref(name:\"RHSA\", value:\"2007:0556\");\n\n script_name(english:\"CentOS 5 : httpd (CESA-2007:0556)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated Apache httpd packages that correct three security issues are\nnow available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Apache HTTP Server is a popular Web server.\n\nThe Apache HTTP Server did not verify that a process was an Apache\nchild process before sending it signals. A local attacker with the\nability to run scripts on the Apache HTTP Server could manipulate the\nscoreboard and cause arbitrary processes to be terminated which could\nlead to a denial of service (CVE-2007-3304). This issue is not\nexploitable on Red Hat Enterprise Linux 5 if using the default SELinux\ntargeted policy.\n\nA flaw was found in the Apache HTTP Server mod_status module. On sites\nwhere the server-status page is publicly accessible and ExtendedStatus\nis enabled this could lead to a cross-site scripting attack. On Red\nHat Enterprise Linux the server-status page is not enabled by default\nand it is best practice to not make this publicly available.\n(CVE-2006-5752)\n\nA bug was found in the Apache HTTP Server mod_cache module. On sites\nwhere caching is enabled, a remote attacker could send a carefully\ncrafted request that would cause the Apache child process handling\nthat request to crash. This could lead to a denial of service if using\na threaded Multi-Processing Module. (CVE-2007-1863)\n\nUsers of httpd should upgrade to these updated packages, which contain\nbackported patches to correct these issues. Users should restart\nApache after installing this update.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2007-June/013990.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?973c2000\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2007-June/013991.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?78e603e2\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected httpd packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:httpd-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/06/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/06/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/06/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"httpd-2.2.3-7.el5.centos\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"httpd-devel-2.2.3-7.el5.centos\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"httpd-manual-2.2.3-7.el5.centos\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"mod_ssl-2.2.3-7.el5.centos\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd / httpd-devel / httpd-manual / mod_ssl\");\n}\n", "naslFamily": "CentOS Local Security Checks", "pluginID": "25579", "cpe": ["p-cpe:/a:centos:centos:mod_ssl", "p-cpe:/a:centos:centos:httpd-manual", "p-cpe:/a:centos:centos:httpd", "p-cpe:/a:centos:centos:httpd-devel", "cpe:/o:centos:centos:5"], "scheme": null}

{"cve": [{"lastseen": "2020-10-03T11:48:19", "description": "Cross-site scripting (XSS) vulnerability in mod_status.c in the mod_status module in Apache HTTP Server (httpd), when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browsers that perform \"charset detection\" when the content-type is not specified.", "edition": 5, "cvss3": {}, "published": "2007-06-27T17:30:00", "title": "CVE-2006-5752", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-5752"], "modified": "2018-10-17T21:44:00", "cpe": ["cpe:/a:apache:http_server:2.2.4", "cpe:/a:apache:http_server:2.2.0", "cpe:/a:apache:http_server:2.2.3"], "id": "CVE-2006-5752", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-5752", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.0:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T11:45:52", "description": "Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the worker_score and process_score arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka \"SIGUSR1 killer.\"", "edition": 5, "cvss3": {}, "published": "2007-06-20T22:30:00", "title": "CVE-2007-3304", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.7, "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3304"], "modified": "2018-10-16T16:48:00", "cpe": ["cpe:/a:apache:http_server:2.2.4", "cpe:/a:apache:http_server:2.0.59", "cpe:/a:apache:http_server:1.3.37"], "id": "CVE-2007-3304", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-3304", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:a:apache:http_server:1.3.37:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.59:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T11:45:50", "description": "cache_util.c in the mod_cache module in Apache HTTP Server (httpd), when caching is enabled and a threaded Multi-Processing Module (MPM) is used, allows remote attackers to cause a denial of service (child processing handler crash) via a request with the (1) s-maxage, (2) max-age, (3) min-fresh, or (4) max-stale Cache-Control headers without a value.", "edition": 5, "cvss3": {}, "published": "2007-06-27T17:30:00", "title": "CVE-2007-1863", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-1863"], "modified": "2018-10-16T16:40:00", "cpe": ["cpe:/o:apple:mac_os_x_server:10.4.8", "cpe:/o:apple:mac_os_x_server:10.0", "cpe:/o:apple:mac_os_x_server:10.1.5", "cpe:/o:apple:mac_os_x_server:10.3.8", "cpe:/o:apple:mac_os_x_server:10.3.7", "cpe:/o:apple:mac_os_x_server:10.3.1", "cpe:/o:apple:mac_os_x_server:10.4.5", "cpe:/o:apple:mac_os_x_server:10.4.2", "cpe:/o:apple:mac_os_x_server:10.2.3", "cpe:/o:apple:mac_os_x_server:10.2.2", "cpe:/o:apple:mac_os_x_server:10.4.6", "cpe:/o:apple:mac_os_x_server:10.3.4", "cpe:/o:apple:mac_os_x_server:10.4.4", "cpe:/o:apple:mac_os_x_server:10.1.4", "cpe:/o:apple:mac_os_x_server:10.2.4", "cpe:/o:apple:mac_os_x_server:10.4.1", "cpe:/o:apple:mac_os_x_server:10.3.6", "cpe:/o:apple:mac_os_x_server:10.4.9", "cpe:/o:apple:mac_os_x_server:10.1.1", "cpe:/o:apple:mac_os_x_server:10.2.6", "cpe:/o:apple:mac_os_x_server:10.3.2", "cpe:/o:apple:mac_os_x_server:10.2", "cpe:/o:apple:mac_os_x_server:10.3.9", "cpe:/o:apple:mac_os_x_server:10.3", "cpe:/o:apple:mac_os_x_server:10.4.3", "cpe:/o:apple:mac_os_x_server:10.1.3", "cpe:/o:apple:mac_os_x_server:10.3.5", "cpe:/o:apple:mac_os_x_server:10.1.2", "cpe:/o:apple:mac_os_x_server:10.3.3", "cpe:/o:apple:mac_os_x_server:10.2.1", "cpe:/o:apple:mac_os_x_server:10.4", "cpe:/o:apple:mac_os_x_server:10.4.7", "cpe:/o:apple:mac_os_x_server:10.2.5", "cpe:/o:apple:mac_os_x_server:10.1", "cpe:/o:apple:mac_os_x_server:10.2.8", "cpe:/o:apple:mac_os_x_server:10.2.7"], "id": "CVE-2007-1863", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-1863", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:apple:mac_os_x_server:10.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.3:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.3.5:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.3.8:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.4:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.1.3:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.3.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.1.5:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.0:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.3.9:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.3.7:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.2:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.3.4:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.3.2:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.3.6:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.1.4:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:10.2.5:*:*:*:*:*:*:*"]}], "redhat": [{"lastseen": "2019-08-13T18:46:50", "bulletinFamily": "unix", "cvelist": ["CVE-2006-5752", "CVE-2007-1863", "CVE-2007-3304"], "description": "The Apache HTTP Server is a popular Web server.\r\n\r\nA flaw was found in the Apache HTTP Server mod_status module. On sites\r\nwhere the server-status page is publicly accessible and ExtendedStatus is\r\nenabled, this flaw could lead to a cross-site scripting attack. On Red Hat\r\nEnterprise Linux, the server-status page is not enabled by default and it\r\nis best practice to not make this publicly available. (CVE-2006-5752)\r\n\r\nA bug was found in the Apache HTTP Server mod_cache module. On sites where\r\ncaching is enabled, a remote attacker could send a carefully crafted\r\nrequest that would cause the Apache child process handling that request to\r\ncrash. This could lead to a denial of service if using a threaded\r\nMulti-Processing Module. (CVE-2007-1863)\r\n\r\nThe Apache HTTP Server did not verify that a process was an Apache child\r\nprocess before sending it signals. A local attacker with the ability to run\r\nscripts on the Apache HTTP Server could manipulate the scoreboard and cause\r\narbitrary processes to be terminated which could lead to a denial of\r\nservice. (CVE-2007-3304).\r\n\r\nUsers of httpd should upgrade to these updated packages, which contain\r\nbackported patches to correct these issues. Users should restart Apache\r\nafter installing this update.", "modified": "2019-03-22T23:44:36", "published": "2007-07-13T04:00:00", "id": "RHSA-2007:0557", "href": "https://access.redhat.com/errata/RHSA-2007:0557", "type": "redhat", "title": "(RHSA-2007:0557) Moderate: httpd security update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-08-13T18:44:43", "bulletinFamily": "unix", "cvelist": ["CVE-2006-5752", "CVE-2007-1863", "CVE-2007-3304"], "description": "The Apache HTTP Server is a popular Web server.\r\n\r\nThe Apache HTTP Server did not verify that a process was an Apache child\r\nprocess before sending it signals. A local attacker with the ability to run\r\nscripts on the Apache HTTP Server could manipulate the scoreboard and cause\r\narbitrary processes to be terminated which could lead to a denial of\r\nservice (CVE-2007-3304). This issue is not exploitable on Red Hat\r\nEnterprise Linux 5 if using the default SELinux targeted policy.\r\n\r\nA flaw was found in the Apache HTTP Server mod_status module. On sites\r\nwhere the server-status page is publicly accessible and ExtendedStatus is\r\nenabled this could lead to a cross-site scripting attack. On Red Hat\r\nEnterprise Linux the server-status page is not enabled by default and it is\r\nbest practice to not make this publicly available. (CVE-2006-5752)\r\n\r\nA bug was found in the Apache HTTP Server mod_cache module. On sites where\r\ncaching is enabled, a remote attacker could send a carefully crafted\r\nrequest that would cause the Apache child process handling that request to\r\ncrash. This could lead to a denial of service if using a threaded\r\nMulti-Processing Module. (CVE-2007-1863)\r\n\r\nUsers of httpd should upgrade to these updated packages, which contain\r\nbackported patches to correct these issues. Users should restart Apache\r\nafter installing this update.", "modified": "2017-09-08T11:54:40", "published": "2007-06-26T04:00:00", "id": "RHSA-2007:0556", "href": "https://access.redhat.com/errata/RHSA-2007:0556", "type": "redhat", "title": "(RHSA-2007:0556) Moderate: httpd security update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-08-13T18:45:00", "bulletinFamily": "unix", "cvelist": ["CVE-2006-5752", "CVE-2007-3304"], "description": "The Apache HTTP Server is a popular Web server.\r\n\r\nThe Apache HTTP Server did not verify that a process was an Apache child\r\nprocess before sending it signals. A local attacker who has the ability to\r\nrun scripts on the Apache HTTP Server could manipulate the scoreboard and\r\ncause arbitrary processes to be terminated, which could lead to a denial of\r\nservice. (CVE-2007-3304) \r\n\r\nA flaw was found in the Apache HTTP Server mod_status module. Sites with\r\nthe server-status page publicly accessible and ExtendedStatus enabled were\r\nvulnerable to a cross-site scripting attack. On Red Hat Enterprise Linux\r\nthe server-status page is not enabled by default and it is best practice to\r\nnot make this publicly available. (CVE-2006-5752)\r\n\r\nUsers of Apache should upgrade to these updated packages, which contain\r\nbackported patches to correct these issues. Users should restart Apache\r\nafter installing this update.", "modified": "2018-03-14T19:27:53", "published": "2007-06-26T04:00:00", "id": "RHSA-2007:0532", "href": "https://access.redhat.com/errata/RHSA-2007:0532", "type": "redhat", "title": "(RHSA-2007:0532) Moderate: apache security update", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-08-13T18:47:12", "bulletinFamily": "unix", "cvelist": ["CVE-2006-5752", "CVE-2007-1863"], "description": "The Apache HTTP Server is a popular Web server.\r\n\r\nA flaw was found in the Apache HTTP Server mod_status module. On sites\r\nwhere the server-status page is publicly accessible and ExtendedStatus is\r\nenabled this could lead to a cross-site scripting attack. On Red Hat\r\nEnterprise Linux the server-status page is not enabled by default and it is\r\nbest practice to not make this publicly available. (CVE-2006-5752)\r\n\r\nA flaw was found in the Apache HTTP Server mod_cache module. On sites where\r\ncaching is enabled, a remote attacker could send a carefully crafted\r\nrequest that would cause the Apache child process handling that request to\r\ncrash. This could lead to a denial of service if using a threaded\r\nMulti-Processing Module. (CVE-2007-1863)\r\n\r\nIn addition, two bugs were fixed:\r\n\r\n* when the ProxyErrorOverride directive was enabled, responses with 3xx\r\nstatus-codes would be overriden at the proxy. This has been changed so that\r\nonly 4xx and 5xx responses are overriden.\r\n\r\n* the \"ProxyTimeout\" directive was not inherited across virtual host\r\ndefinitions.\r\n\r\nUsers of httpd should upgrade to these updated packages, which contain\r\nbackported patches to correct these issues. Users should restart Apache\r\nafter installing this update.", "modified": "2017-07-28T18:43:48", "published": "2007-06-27T04:00:00", "id": "RHSA-2007:0533", "href": "https://access.redhat.com/errata/RHSA-2007:0533", "type": "redhat", "title": "(RHSA-2007:0533) Moderate: httpd security update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-08-13T18:45:52", "bulletinFamily": "unix", "cvelist": ["CVE-2006-5752", "CVE-2007-1863"], "description": "The Apache HTTP Server is a popular Web server.\r\n\r\nA flaw was found in the Apache HTTP Server mod_status module. On sites\r\nwhere the server-status page is publicly accessible and ExtendedStatus is\r\nenabled this could lead to a cross-site scripting attack. On Red Hat\r\nEnterprise Linux the server-status page is not enabled by default and it is\r\nbest practice to not make this publicly available. (CVE-2006-5752)\r\n\r\nA bug was found in the Apache HTTP Server mod_cache module. On sites where\r\ncaching is enabled, a remote attacker could send a carefully crafted\r\nrequest that would cause the Apache child process handling that request to\r\ncrash. This could lead to a denial of service if using a threaded\r\nMulti-Processing Module. (CVE-2007-1863)\r\n\r\nUsers of httpd should upgrade to these updated packages, which contain\r\nbackported patches to correct these issues. Users should restart Apache\r\nafter installing this update.", "modified": "2017-09-08T12:18:23", "published": "2007-06-26T04:00:00", "id": "RHSA-2007:0534", "href": "https://access.redhat.com/errata/RHSA-2007:0534", "type": "redhat", "title": "(RHSA-2007:0534) Moderate: httpd security update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-08-13T18:45:47", "bulletinFamily": "unix", "cvelist": ["CVE-2007-3304"], "description": "The Apache HTTP Server is a popular Web server. \r\n\r\nThe Apache HTTP Server did not verify that a process was an Apache child\r\nprocess before sending it signals. A local attacker with the ability to run\r\nscripts on the Apache HTTP Server could manipulate the scoreboard and cause\r\narbitrary processes to be terminated which could lead to a denial of\r\nservice. (CVE-2007-3304).\r\n\r\nUsers of httpd should upgrade to these updated packages, which contain\r\nbackported patches to correct this issue. Users should restart Apache\r\nafter installing this update.", "modified": "2017-09-08T11:58:39", "published": "2007-07-13T04:00:00", "id": "RHSA-2007:0662", "href": "https://access.redhat.com/errata/RHSA-2007:0662", "type": "redhat", "title": "(RHSA-2007:0662) Moderate: httpd security update", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:37:06", "bulletinFamily": "unix", "cvelist": ["CVE-2007-3304", "CVE-2006-5752", "CVE-2007-1863"], "description": " [2.2.3-7.el5.0.1]\n - Marks removal + index page cleanup\n \n [2.2.3-7.el5]\n - add security fixes for CVE-2007-1863, CVE-2007-3304,\n and CVE-2006-5752 (#244665) ", "edition": 4, "modified": "2007-06-26T00:00:00", "published": "2007-06-26T00:00:00", "id": "ELSA-2007-0556", "href": "http://linux.oracle.com/errata/ELSA-2007-0556.html", "title": "Moderate: httpd security update ", "type": "oraclelinux", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:37:18", "bulletinFamily": "unix", "cvelist": ["CVE-2007-3304", "CVE-2006-5752", "CVE-2007-3847", "CVE-2007-1863"], "description": "[2.0.52-38.ent.0.1]\n- use oracle index page oracle_index.html\n- updated string and distro in specfile\n[2.0.52-38.ent]\n- fix server version string (#236419)\n[2.0.52-37.ent]\n- add security fix for CVE-2007-3847 (#250760)\n[2.0.52-36.ent]\n- add mod_version, load in default httpd.conf (#248696)\n[2.0.52-35.ent]\n- add 'ServerTokens Full-Release' config option (#236419)\n- add security fix for CVE-2007-3304 (#246182)\n- add security fixes for CVE-2007-1863 and CVE-2006-5752 (#244664)\n[2.0.52-34.ent]\n- use init script in logrotate postrotate (#241407)\n- mod_proxy: fix handling of percent chars (#233254)\n- fix {default,cgi}_handler returning bogus errors (#197915)\n- fix unnecessary loss of C-L in HEAD responses (#173467)\n[2.0.52-33.ent]\n- fix ProxyErrorOverride to only affect 4xx, 5xx responses (#240022)\n- fix mod_proxy option inheritance (#242920)", "edition": 4, "modified": "2007-11-27T00:00:00", "published": "2007-11-27T00:00:00", "id": "ELSA-2007-0747", "href": "http://linux.oracle.com/errata/ELSA-2007-0747.html", "title": "httpd security, bug fix, and enhancement update", "type": "oraclelinux", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:37:26", "bulletinFamily": "unix", "cvelist": ["CVE-2007-3304", "CVE-2006-5752", "CVE-2007-3847", "CVE-2007-1863"], "description": "[2.2.3-11.el5.0.1]\n- use oracle index page oracle_index.html, update vstring and distro\n[2.2.3-11.el5]\n- mark httpd.conf config(noreplace) (#247881)\n[2.2.3-10.el5]\n- add security fix for CVE-2007-3847 (#250761)\n[2.2.3-9.el5]\n- load mod_version by default (#247881)\n[2.2.3-8.el5]\n- add 'ServerTokens Full-Release' config option (#240857)\n- use init script in logrotate postrotate (#241680)\n- fix mod_proxy option inheritance (#245719)\n- fix ProxyErrorOverride to only affect 4xx, 5xx responses (#240024)\n- bump logresolve line buffer length to 10K (#245763)\n- add security fixes for CVE-2007-1863, CVE-2007-3304,\n and CVE-2006-5752 (#244666)", "edition": 4, "modified": "2007-11-19T00:00:00", "published": "2007-11-19T00:00:00", "id": "ELSA-2007-0746", "href": "http://linux.oracle.com/errata/ELSA-2007-0746.html", "title": "httpd security, bug fix, and enhancement update", "type": "oraclelinux", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:35:22", "bulletinFamily": "unix", "cvelist": ["CVE-2006-5752", "CVE-2007-1863"], "description": " [2.0.46-67.ent.0.1]\n - index.html cleanup and logo removal\n \n [2.0.46-67.ent]\n - rebuild\n \n [2.0.46-66.ent]\n - mod_cache: follow upstream max-stale handling in\n CVE-2007-1863 fix (#244662)\n \n [2.0.46-65.ent]\n - add security fixes for CVE-2007-1863 and CVE-2006-5752 (#244662)\n \n [2.0.46-64.ent]\n - fix ProxyErrorOverride to only affect 4xx, 5xx responses (#244639)\n - fix mod_proxy option inheritance (#244638) ", "edition": 4, "modified": "2007-06-27T00:00:00", "published": "2007-06-27T00:00:00", "id": "ELSA-2007-0533", "href": "http://linux.oracle.com/errata/ELSA-2007-0533.html", "title": "Moderate: httpd security update ", "type": "oraclelinux", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:35:49", "bulletinFamily": "unix", "cvelist": ["CVE-2006-5752", "CVE-2007-1863"], "description": " [2.0.52-32.2.ent.0.1]\n - merge Oracle modifications\n \n [2.0.52-32.2.ent]\n - add security fixes for CVE-2007-1863 and CVE-2006-5752 (#244663) ", "edition": 4, "modified": "2007-06-26T00:00:00", "published": "2007-06-26T00:00:00", "id": "ELSA-2007-0534", "href": "http://linux.oracle.com/errata/ELSA-2007-0534.html", "title": "Moderate: httpd security update ", "type": "oraclelinux", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:31", "bulletinFamily": "unix", "cvelist": ["CVE-2007-3304"], "description": " [2.0.52-32.3.ent.0.1]\n - merge Oracle modifications\n \n [2.0.52-32.3.ent]\n - add security fix for CVE-2007-3304 (#246181) ", "edition": 4, "modified": "2007-07-13T00:00:00", "published": "2007-07-13T00:00:00", "id": "ELSA-2007-0662", "href": "http://linux.oracle.com/errata/ELSA-2007-0662.html", "title": "Moderate: httpd security update ", "type": "oraclelinux", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C"}}], "centos": [{"lastseen": "2019-12-20T18:25:14", "bulletinFamily": "unix", "cvelist": ["CVE-2007-3304", "CVE-2006-5752", "CVE-2007-1863"], "description": "**CentOS Errata and Security Advisory** CESA-2007:0556\n\n\nThe Apache HTTP Server is a popular Web server.\r\n\r\nThe Apache HTTP Server did not verify that a process was an Apache child\r\nprocess before sending it signals. A local attacker with the ability to run\r\nscripts on the Apache HTTP Server could manipulate the scoreboard and cause\r\narbitrary processes to be terminated which could lead to a denial of\r\nservice (CVE-2007-3304). This issue is not exploitable on Red Hat\r\nEnterprise Linux 5 if using the default SELinux targeted policy.\r\n\r\nA flaw was found in the Apache HTTP Server mod_status module. On sites\r\nwhere the server-status page is publicly accessible and ExtendedStatus is\r\nenabled this could lead to a cross-site scripting attack. On Red Hat\r\nEnterprise Linux the server-status page is not enabled by default and it is\r\nbest practice to not make this publicly available. (CVE-2006-5752)\r\n\r\nA bug was found in the Apache HTTP Server mod_cache module. On sites where\r\ncaching is enabled, a remote attacker could send a carefully crafted\r\nrequest that would cause the Apache child process handling that request to\r\ncrash. This could lead to a denial of service if using a threaded\r\nMulti-Processing Module. (CVE-2007-1863)\r\n\r\nUsers of httpd should upgrade to these updated packages, which contain\r\nbackported patches to correct these issues. Users should restart Apache\r\nafter installing this update.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2007-June/026028.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-June/026029.html\n\n**Affected packages:**\nhttpd\nhttpd-devel\nhttpd-manual\nmod_ssl\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2007-0556.html", "edition": 3, "modified": "2007-06-27T11:06:18", "published": "2007-06-27T11:06:14", "href": "http://lists.centos.org/pipermail/centos-announce/2007-June/026028.html", "id": "CESA-2007:0556", "title": "httpd, mod_ssl security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-12-20T18:27:38", "bulletinFamily": "unix", "cvelist": ["CVE-2007-3304", "CVE-2006-5752"], "description": "**CentOS Errata and Security Advisory** CESA-2007:0532-01\n\n\nThe Apache HTTP Server is a popular Web server.\r\n\r\nThe Apache HTTP Server did not verify that a process was an Apache child\r\nprocess before sending it signals. A local attacker who has the ability to\r\nrun scripts on the Apache HTTP Server could manipulate the scoreboard and\r\ncause arbitrary processes to be terminated, which could lead to a denial of\r\nservice. (CVE-2007-3304) \r\n\r\nA flaw was found in the Apache HTTP Server mod_status module. Sites with\r\nthe server-status page publicly accessible and ExtendedStatus enabled were\r\nvulnerable to a cross-site scripting attack. On Red Hat Enterprise Linux\r\nthe server-status page is not enabled by default and it is best practice to\r\nnot make this publicly available. (CVE-2006-5752)\r\n\r\nUsers of Apache should upgrade to these updated packages, which contain\r\nbackported patches to correct these issues. Users should restart Apache\r\nafter installing this update.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2007-June/026014.html\n\n**Affected packages:**\napache\napache-devel\napache-manual\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/rh21as-errata.html", "edition": 5, "modified": "2007-06-26T23:35:19", "published": "2007-06-26T23:35:19", "href": "http://lists.centos.org/pipermail/centos-announce/2007-June/026014.html", "id": "CESA-2007:0532-01", "title": "apache security update", "type": "centos", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-12-20T18:26:37", "bulletinFamily": "unix", "cvelist": ["CVE-2006-5752", "CVE-2007-1863"], "description": "**CentOS Errata and Security Advisory** CESA-2007:0533\n\n\nThe Apache HTTP Server is a popular Web server.\r\n\r\nA flaw was found in the Apache HTTP Server mod_status module. On sites\r\nwhere the server-status page is publicly accessible and ExtendedStatus is\r\nenabled this could lead to a cross-site scripting attack. On Red Hat\r\nEnterprise Linux the server-status page is not enabled by default and it is\r\nbest practice to not make this publicly available. (CVE-2006-5752)\r\n\r\nA flaw was found in the Apache HTTP Server mod_cache module. On sites where\r\ncaching is enabled, a remote attacker could send a carefully crafted\r\nrequest that would cause the Apache child process handling that request to\r\ncrash. This could lead to a denial of service if using a threaded\r\nMulti-Processing Module. (CVE-2007-1863)\r\n\r\nIn addition, two bugs were fixed:\r\n\r\n* when the ProxyErrorOverride directive was enabled, responses with 3xx\r\nstatus-codes would be overriden at the proxy. This has been changed so that\r\nonly 4xx and 5xx responses are overriden.\r\n\r\n* the \"ProxyTimeout\" directive was not inherited across virtual host\r\ndefinitions.\r\n\r\nUsers of httpd should upgrade to these updated packages, which contain\r\nbackported patches to correct these issues. Users should restart Apache\r\nafter installing this update.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2007-June/026030.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-June/026031.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-June/026040.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-June/026049.html\n\n**Affected packages:**\nhttpd\nhttpd-devel\nmod_ssl\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2007-0533.html", "edition": 4, "modified": "2007-06-29T23:15:34", "published": "2007-06-27T15:34:54", "href": "http://lists.centos.org/pipermail/centos-announce/2007-June/026030.html", "id": "CESA-2007:0533", "title": "httpd, mod_ssl security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-07-17T03:30:21", "bulletinFamily": "unix", "cvelist": ["CVE-2006-5752", "CVE-2007-1863"], "description": "**CentOS Errata and Security Advisory** CESA-2007:0534\n\n\nThe Apache HTTP Server is a popular Web server.\r\n\r\nA flaw was found in the Apache HTTP Server mod_status module. On sites\r\nwhere the server-status page is publicly accessible and ExtendedStatus is\r\nenabled this could lead to a cross-site scripting attack. On Red Hat\r\nEnterprise Linux the server-status page is not enabled by default and it is\r\nbest practice to not make this publicly available. (CVE-2006-5752)\r\n\r\nA bug was found in the Apache HTTP Server mod_cache module. On sites where\r\ncaching is enabled, a remote attacker could send a carefully crafted\r\nrequest that would cause the Apache child process handling that request to\r\ncrash. This could lead to a denial of service if using a threaded\r\nMulti-Processing Module. (CVE-2007-1863)\r\n\r\nUsers of httpd should upgrade to these updated packages, which contain\r\nbackported patches to correct these issues. Users should restart Apache\r\nafter installing this update.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2007-June/026022.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-June/026023.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-June/026044.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-June/026050.html\n\n**Affected packages:**\nhttpd\nhttpd-devel\nhttpd-manual\nhttpd-suexec\nmod_ssl\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2007-0534.html", "edition": 6, "modified": "2007-06-30T00:03:12", "published": "2007-06-27T00:14:54", "href": "http://lists.centos.org/pipermail/centos-announce/2007-June/026022.html", "id": "CESA-2007:0534", "title": "httpd, mod_ssl security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-12-20T18:24:48", "bulletinFamily": "unix", "cvelist": ["CVE-2007-3304"], "description": "**CentOS Errata and Security Advisory** CESA-2007:0662\n\n\nThe Apache HTTP Server is a popular Web server. \r\n\r\nThe Apache HTTP Server did not verify that a process was an Apache child\r\nprocess before sending it signals. A local attacker with the ability to run\r\nscripts on the Apache HTTP Server could manipulate the scoreboard and cause\r\narbitrary processes to be terminated which could lead to a denial of\r\nservice. (CVE-2007-3304).\r\n\r\nUsers of httpd should upgrade to these updated packages, which contain\r\nbackported patches to correct this issue. Users should restart Apache\r\nafter installing this update.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2007-July/026071.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-July/026072.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-July/026074.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-July/026075.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-July/026080.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-July/026081.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-July/026082.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-July/026083.html\n\n**Affected packages:**\nhttpd\nhttpd-devel\nhttpd-manual\nhttpd-suexec\nmod_ssl\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2007-0662.html", "edition": 4, "modified": "2007-07-15T11:29:09", "published": "2007-07-13T09:59:54", "href": "http://lists.centos.org/pipermail/centos-announce/2007-July/026071.html", "id": "CESA-2007:0662", "title": "httpd, mod_ssl security update", "type": "centos", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C"}}], "ubuntu": [{"lastseen": "2020-07-09T00:31:50", "bulletinFamily": "unix", "cvelist": ["CVE-2007-3304", "CVE-2006-5752", "CVE-2007-1863"], "description": "Stefan Esser discovered that mod_status did not force a character set, \nwhich could result in browsers becoming vulnerable to XSS attacks when \nprocessing the output. If a user were tricked into viewing server \nstatus output during a crafted server request, a remote attacker could \nexploit this to modify the contents, or steal confidential data (such as \npasswords), within the same domain. By default, mod_status is disabled \nin Ubuntu. (CVE-2006-5752)\n\nNiklas Edmundsson discovered that the mod_cache module could be made to \ncrash using a specially crafted request. A remote user could use this \nto cause a denial of service if Apache was configured to use a threaded \nworker. By default, mod_cache is disabled in Ubuntu. (CVE-2007-1863)\n\nA flaw was discovered in the signal handling of Apache. A local \nattacker could trick Apache into sending SIGUSR1 to other processes. \nThe vulnerable code was only present in Ubuntu Feisty. (CVE-2007-3304)", "edition": 6, "modified": "2007-08-17T00:00:00", "published": "2007-08-17T00:00:00", "id": "USN-499-1", "href": "https://ubuntu.com/security/notices/USN-499-1", "title": "Apache vulnerabilities", "type": "ubuntu", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "openvas": [{"lastseen": "2018-04-09T11:40:33", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-3304", "CVE-2006-5752", "CVE-2007-1863"], "description": "Check for the Version of apache", "modified": "2018-04-06T00:00:00", "published": "2009-04-09T00:00:00", "id": "OPENVAS:1361412562310830294", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830294", "type": "openvas", "title": "Mandriva Update for apache MDKSA-2007:140 (apache)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for apache MDKSA-2007:140 (apache)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability was discovered in the the Apache mod_status module\n that could lead to a cross-site scripting attack on sites where the\n server-status page was publicly accessible and ExtendedStatus was\n enabled (CVE-2006-5752).\n\n A vulnerability was found in the Apache mod_cache module that could\n cause the httpd server child process to crash if it was sent a\n carefully crafted request. This could lead to a denial of service\n if using a threaded MPM (CVE-2007-1863).\n \n The Apache server also did not verify that a process was an Apache\n child process before sending it signals. A local attacker with the\n ability to run scripts on the server could manipulate the scoreboard\n and cause arbitrary processes to be terminated (CVE-2007-3304).\n \n Updated packages have been patched to prevent the above issues.\";\n\ntag_affected = \"apache on Mandriva Linux 2007.0,\n Mandriva Linux 2007.0/X86_64,\n Mandriva Linux 2007.1,\n Mandriva Linux 2007.1/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2007-07/msg00007.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.830294\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 13:57:01 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"MDKSA\", value: \"2007:140\");\n script_cve_id(\"CVE-2006-5752\", \"CVE-2007-1863\", \"CVE-2007-3304\");\n script_name( \"Mandriva Update for apache MDKSA-2007:140 (apache)\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of apache\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache-base\", rpm:\"apache-base~2.2.4~6.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-devel\", rpm:\"apache-devel~2.2.4~6.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-htcacheclean\", rpm:\"apache-htcacheclean~2.2.4~6.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_authn_dbd\", rpm:\"apache-mod_authn_dbd~2.2.4~6.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_cache\", rpm:\"apache-mod_cache~2.2.4~6.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_dav\", rpm:\"apache-mod_dav~2.2.4~6.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_dbd\", rpm:\"apache-mod_dbd~2.2.4~6.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_deflate\", rpm:\"apache-mod_deflate~2.2.4~6.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_disk_cache\", rpm:\"apache-mod_disk_cache~2.2.4~6.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_file_cache\", rpm:\"apache-mod_file_cache~2.2.4~6.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_ldap\", rpm:\"apache-mod_ldap~2.2.4~6.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_mem_cache\", rpm:\"apache-mod_mem_cache~2.2.4~6.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_proxy\", rpm:\"apache-mod_proxy~2.2.4~6.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_proxy_ajp\", rpm:\"apache-mod_proxy_ajp~2.2.4~6.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_ssl\", rpm:\"apache-mod_ssl~2.2.4~6.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_userdir\", rpm:\"apache-mod_userdir~2.2.4~6.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-modules\", rpm:\"apache-modules~2.2.4~6.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mpm-event\", rpm:\"apache-mpm-event~2.2.4~6.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mpm-itk\", rpm:\"apache-mpm-itk~2.2.4~6.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mpm-prefork\", rpm:\"apache-mpm-prefork~2.2.4~6.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mpm-worker\", rpm:\"apache-mpm-worker~2.2.4~6.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-source\", rpm:\"apache-source~2.2.4~6.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache\", rpm:\"apache~2.2.4~6.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2007.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache-base\", rpm:\"apache-base~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-devel\", rpm:\"apache-devel~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-htcacheclean\", rpm:\"apache-htcacheclean~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_authn_dbd\", rpm:\"apache-mod_authn_dbd~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_cache\", rpm:\"apache-mod_cache~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_dav\", rpm:\"apache-mod_dav~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_dbd\", rpm:\"apache-mod_dbd~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_deflate\", rpm:\"apache-mod_deflate~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_disk_cache\", rpm:\"apache-mod_disk_cache~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_file_cache\", rpm:\"apache-mod_file_cache~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_ldap\", rpm:\"apache-mod_ldap~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_mem_cache\", rpm:\"apache-mod_mem_cache~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_proxy\", rpm:\"apache-mod_proxy~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_proxy_ajp\", rpm:\"apache-mod_proxy_ajp~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_ssl\", rpm:\"apache-mod_ssl~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_userdir\", rpm:\"apache-mod_userdir~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-modules\", rpm:\"apache-modules~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mpm-prefork\", rpm:\"apache-mpm-prefork~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mpm-worker\", rpm:\"apache-mpm-worker~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-source\", rpm:\"apache-source~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache\", rpm:\"apache~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-12-04T11:29:27", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-3304", "CVE-2006-5752", "CVE-2007-1863"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-499-1", "modified": "2017-12-01T00:00:00", "published": "2009-03-23T00:00:00", "id": "OPENVAS:840092", "href": "http://plugins.openvas.org/nasl.php?oid=840092", "type": "openvas", "title": "Ubuntu Update for apache2 vulnerabilities USN-499-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_499_1.nasl 7969 2017-12-01 09:23:16Z santu $\n#\n# Ubuntu Update for apache2 vulnerabilities USN-499-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Stefan Esser discovered that mod_status did not force a character set,\n which could result in browsers becoming vulnerable to XSS attacks when\n processing the output. If a user were tricked into viewing server\n status output during a crafted server request, a remote attacker could\n exploit this to modify the contents, or steal confidential data (such as\n passwords), within the same domain. By default, mod_status is disabled\n in Ubuntu. (CVE-2006-5752)\n\n Niklas Edmundsson discovered that the mod_cache module could be made to\n crash using a specially crafted request. A remote user could use this\n to cause a denial of service if Apache was configured to use a threaded\n worker. By default, mod_cache is disabled in Ubuntu. (CVE-2007-1863)\n \n A flaw was discovered in the signal handling of Apache. A local\n attacker could trick Apache into sending SIGUSR1 to other processes.\n The vulnerable code was only present in Ubuntu Feisty. (CVE-2007-3304)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-499-1\";\ntag_affected = \"apache2 vulnerabilities on Ubuntu 6.06 LTS ,\n Ubuntu 6.10 ,\n Ubuntu 7.04\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-499-1/\");\n script_id(840092);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-23 10:55:18 +0100 (Mon, 23 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"USN\", value: \"499-1\");\n script_cve_id(\"CVE-2006-5752\", \"CVE-2007-1863\", \"CVE-2007-3304\");\n script_name( \"Ubuntu Update for apache2 vulnerabilities USN-499-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU7.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-event\", ver:\"2.2.3-3.2ubuntu0.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-prefork\", ver:\"2.2.3-3.2ubuntu0.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-worker\", ver:\"2.2.3-3.2ubuntu0.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-prefork-dev\", ver:\"2.2.3-3.2ubuntu0.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-threaded-dev\", ver:\"2.2.3-3.2ubuntu0.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-utils\", ver:\"2.2.3-3.2ubuntu0.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2.2-common\", ver:\"2.2.3-3.2ubuntu0.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-doc\", ver:\"2.2.3-3.2ubuntu0.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-perchild\", ver:\"2.2.3-3.2ubuntu0.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-src\", ver:\"2.2.3-3.2ubuntu0.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2\", ver:\"2.2.3-3.2ubuntu0.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"apache2-common\", ver:\"2.0.55-4ubuntu2.2\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-perchild\", ver:\"2.0.55-4ubuntu2.2\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-prefork\", ver:\"2.0.55-4ubuntu2.2\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-worker\", ver:\"2.0.55-4ubuntu2.2\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-prefork-dev\", ver:\"2.0.55-4ubuntu2.2\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-threaded-dev\", ver:\"2.0.55-4ubuntu2.2\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-utils\", ver:\"2.0.55-4ubuntu2.2\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2\", ver:\"2.0.55-4ubuntu2.2\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libapr0-dev\", ver:\"2.0.55-4ubuntu2.2\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libapr0\", ver:\"2.0.55-4ubuntu2.2\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-doc\", ver:\"2.0.55-4ubuntu2.2\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"apache2-common\", ver:\"2.0.55-4ubuntu4.1\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-perchild\", ver:\"2.0.55-4ubuntu4.1\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-prefork\", ver:\"2.0.55-4ubuntu4.1\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-worker\", ver:\"2.0.55-4ubuntu4.1\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-prefork-dev\", ver:\"2.0.55-4ubuntu4.1\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-threaded-dev\", ver:\"2.0.55-4ubuntu4.1\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-utils\", ver:\"2.0.55-4ubuntu4.1\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2\", ver:\"2.0.55-4ubuntu4.1\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libapr0-dev\", ver:\"2.0.55-4ubuntu4.1\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libapr0\", ver:\"2.0.55-4ubuntu4.1\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-doc\", ver:\"2.0.55-4ubuntu4.1\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:36:44", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-3304", "CVE-2006-5752", "CVE-2007-1863"], "description": "Oracle Linux Local Security Checks ELSA-2007-0556", "modified": "2018-09-28T00:00:00", "published": "2015-10-08T00:00:00", "id": "OPENVAS:1361412562310122688", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122688", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2007-0556", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2007-0556.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122688\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-08 14:51:08 +0300 (Thu, 08 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2007-0556\");\n script_tag(name:\"insight\", value:\"ELSA-2007-0556 - Moderate: httpd security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2007-0556\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2007-0556.html\");\n script_cve_id(\"CVE-2006-5752\", \"CVE-2007-1863\", \"CVE-2007-3304\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.2.3~7.el5.0.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.2.3~7.el5.0.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"httpd-manual\", rpm:\"httpd-manual~2.2.3~7.el5.0.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.2.3~7.el5.0.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-24T12:56:47", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-3304", "CVE-2006-5752", "CVE-2007-1863"], "description": "Check for the Version of apache", "modified": "2017-07-06T00:00:00", "published": "2009-04-09T00:00:00", "id": "OPENVAS:830294", "href": "http://plugins.openvas.org/nasl.php?oid=830294", "type": "openvas", "title": "Mandriva Update for apache MDKSA-2007:140 (apache)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for apache MDKSA-2007:140 (apache)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability was discovered in the the Apache mod_status module\n that could lead to a cross-site scripting attack on sites where the\n server-status page was publicly accessible and ExtendedStatus was\n enabled (CVE-2006-5752).\n\n A vulnerability was found in the Apache mod_cache module that could\n cause the httpd server child process to crash if it was sent a\n carefully crafted request. This could lead to a denial of service\n if using a threaded MPM (CVE-2007-1863).\n \n The Apache server also did not verify that a process was an Apache\n child process before sending it signals. A local attacker with the\n ability to run scripts on the server could manipulate the scoreboard\n and cause arbitrary processes to be terminated (CVE-2007-3304).\n \n Updated packages have been patched to prevent the above issues.\";\n\ntag_affected = \"apache on Mandriva Linux 2007.0,\n Mandriva Linux 2007.0/X86_64,\n Mandriva Linux 2007.1,\n Mandriva Linux 2007.1/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2007-07/msg00007.php\");\n script_id(830294);\n script_version(\"$Revision: 6568 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:04:21 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 13:57:01 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"MDKSA\", value: \"2007:140\");\n script_cve_id(\"CVE-2006-5752\", \"CVE-2007-1863\", \"CVE-2007-3304\");\n script_name( \"Mandriva Update for apache MDKSA-2007:140 (apache)\");\n\n script_summary(\"Check for the Version of apache\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache-base\", rpm:\"apache-base~2.2.4~6.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-devel\", rpm:\"apache-devel~2.2.4~6.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-htcacheclean\", rpm:\"apache-htcacheclean~2.2.4~6.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_authn_dbd\", rpm:\"apache-mod_authn_dbd~2.2.4~6.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_cache\", rpm:\"apache-mod_cache~2.2.4~6.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_dav\", rpm:\"apache-mod_dav~2.2.4~6.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_dbd\", rpm:\"apache-mod_dbd~2.2.4~6.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_deflate\", rpm:\"apache-mod_deflate~2.2.4~6.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_disk_cache\", rpm:\"apache-mod_disk_cache~2.2.4~6.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_file_cache\", rpm:\"apache-mod_file_cache~2.2.4~6.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_ldap\", rpm:\"apache-mod_ldap~2.2.4~6.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_mem_cache\", rpm:\"apache-mod_mem_cache~2.2.4~6.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_proxy\", rpm:\"apache-mod_proxy~2.2.4~6.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_proxy_ajp\", rpm:\"apache-mod_proxy_ajp~2.2.4~6.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_ssl\", rpm:\"apache-mod_ssl~2.2.4~6.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_userdir\", rpm:\"apache-mod_userdir~2.2.4~6.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-modules\", rpm:\"apache-modules~2.2.4~6.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mpm-event\", rpm:\"apache-mpm-event~2.2.4~6.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mpm-itk\", rpm:\"apache-mpm-itk~2.2.4~6.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mpm-prefork\", rpm:\"apache-mpm-prefork~2.2.4~6.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mpm-worker\", rpm:\"apache-mpm-worker~2.2.4~6.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-source\", rpm:\"apache-source~2.2.4~6.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache\", rpm:\"apache~2.2.4~6.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2007.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache-base\", rpm:\"apache-base~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-devel\", rpm:\"apache-devel~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-htcacheclean\", rpm:\"apache-htcacheclean~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_authn_dbd\", rpm:\"apache-mod_authn_dbd~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_cache\", rpm:\"apache-mod_cache~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_dav\", rpm:\"apache-mod_dav~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_dbd\", rpm:\"apache-mod_dbd~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_deflate\", rpm:\"apache-mod_deflate~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_disk_cache\", rpm:\"apache-mod_disk_cache~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_file_cache\", rpm:\"apache-mod_file_cache~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_ldap\", rpm:\"apache-mod_ldap~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_mem_cache\", rpm:\"apache-mod_mem_cache~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_proxy\", rpm:\"apache-mod_proxy~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_proxy_ajp\", rpm:\"apache-mod_proxy_ajp~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_ssl\", rpm:\"apache-mod_ssl~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_userdir\", rpm:\"apache-mod_userdir~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-modules\", rpm:\"apache-modules~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mpm-prefork\", rpm:\"apache-mpm-prefork~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mpm-worker\", rpm:\"apache-mpm-worker~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-source\", rpm:\"apache-source~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache\", rpm:\"apache~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:10:25", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-3304", "CVE-2006-5752", "CVE-2007-3847", "CVE-2007-1863"], "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2016-09-15T00:00:00", "published": "2008-09-04T00:00:00", "id": "OPENVAS:58804", "href": "http://plugins.openvas.org/nasl.php?oid=58804", "type": "openvas", "title": "FreeBSD Ports: apache", "sourceData": "#\n#VID c115271d-602b-11dc-898c-001921ab2fa4\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: apache\n\n=====\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\";\nif(description)\n{\n script_id(58804);\n script_version(\"$Revision: 4075 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-09-15 15:13:05 +0200 (Thu, 15 Sep 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_cve_id(\"CVE-2007-3847\", \"CVE-2007-1863\", \"CVE-2006-5752\", \"CVE-2007-3304\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"FreeBSD Ports: apache\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"apache\");\nif(!isnull(bver) && revcomp(a:bver, b:\"2.2.0\")>0 && revcomp(a:bver, b:\"2.2.6\")<0) {\n txt += 'Package apache version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"2.0.0\")>0 && revcomp(a:bver, b:\"2.0.61\")<0) {\n txt += 'Package apache version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:57:11", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-3304", "CVE-2006-5752", "CVE-2007-1862", "CVE-2007-1863"], "description": "Check for the Version of httpd", "modified": "2017-07-10T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:861246", "href": "http://plugins.openvas.org/nasl.php?oid=861246", "type": "openvas", "title": "Fedora Update for httpd FEDORA-2007-615", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for httpd FEDORA-2007-615\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"httpd on Fedora Core 6\";\ntag_insight = \"The Apache HTTP Server is a powerful, efficient, and extensible\n web server.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2007-July/msg00254.html\");\n script_id(861246);\n script_version(\"$Revision: 6622 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 07:52:50 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 16:31:39 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2007-615\");\n script_cve_id(\"CVE-2007-3304\", \"CVE-2006-5752\", \"CVE-2007-1863\", \"CVE-2007-1862\");\n script_name( \"Fedora Update for httpd FEDORA-2007-615\");\n\n script_summary(\"Check for the Version of httpd\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora_core\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC6\")\n{\n\n if ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.2.4~2.1.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/httpd\", rpm:\"x86_64/httpd~2.2.4~2.1.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/mod_ssl\", rpm:\"x86_64/mod_ssl~2.2.4~2.1.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/httpd-manual\", rpm:\"x86_64/httpd-manual~2.2.4~2.1.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/httpd-devel\", rpm:\"x86_64/httpd-devel~2.2.4~2.1.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/debug/httpd-debuginfo\", rpm:\"x86_64/debug/httpd-debuginfo~2.2.4~2.1.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/debug/httpd-debuginfo\", rpm:\"i386/debug/httpd-debuginfo~2.2.4~2.1.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/httpd-devel\", rpm:\"i386/httpd-devel~2.2.4~2.1.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/httpd-manual\", rpm:\"i386/httpd-manual~2.2.4~2.1.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/mod_ssl\", rpm:\"i386/mod_ssl~2.2.4~2.1.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/httpd\", rpm:\"i386/httpd~2.2.4~2.1.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-07-25T10:57:17", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-3304", "CVE-2006-5752", "CVE-2007-1862", "CVE-2007-1863"], "description": "Check for the Version of httpd", "modified": "2017-07-10T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:861373", "href": "http://plugins.openvas.org/nasl.php?oid=861373", "type": "openvas", "title": "Fedora Update for httpd FEDORA-2007-0704", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for httpd FEDORA-2007-0704\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"httpd on Fedora 7\";\ntag_insight = \"The Apache HTTP Server is a powerful, efficient, and extensible\n web server.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2007-June/msg00553.html\");\n script_id(861373);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 16:31:39 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2007-0704\");\n script_cve_id(\"CVE-2007-3304\", \"CVE-2006-5752\", \"CVE-2007-1863\", \"CVE-2007-1862\");\n script_name( \"Fedora Update for httpd FEDORA-2007-0704\");\n\n script_summary(\"Check for the Version of httpd\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.2.4~4.1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.2.4~4.1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.2.4~4.1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-debuginfo\", rpm:\"httpd-debuginfo~2.2.4~4.1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-manual\", rpm:\"httpd-manual~2.2.4~4.1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.2.4~4.1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.2.4~4.1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.2.4~4.1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.2.4~4.1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-manual\", rpm:\"httpd-manual~2.2.4~4.1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-debuginfo\", rpm:\"httpd-debuginfo~2.2.4~4.1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-07-25T10:56:32", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-3304", "CVE-2006-3747", "CVE-2006-5752", "CVE-2007-1863"], "description": "Check for the Version of httpd", "modified": "2017-07-10T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:861325", "href": "http://plugins.openvas.org/nasl.php?oid=861325", "type": "openvas", "title": "Fedora Update for httpd FEDORA-2007-617", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for httpd FEDORA-2007-617\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"httpd on Fedora Core 5\";\ntag_insight = \"The Apache HTTP Server is a powerful, efficient, and extensible\n web server.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2007-July/msg00042.html\");\n script_id(861325);\n script_version(\"$Revision: 6622 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 07:52:50 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 16:31:39 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2007-617\");\n script_cve_id(\"CVE-2007-3304\", \"CVE-2006-5752\", \"CVE-2007-1863\", \"CVE-2006-3747\");\n script_name( \"Fedora Update for httpd FEDORA-2007-617\");\n\n script_summary(\"Check for the Version of httpd\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora_core\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC5\")\n{\n\n if ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.2.2~1.3\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/httpd-devel\", rpm:\"x86_64/httpd-devel~2.2.2~1.3\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/debug/httpd-debuginfo\", rpm:\"x86_64/debug/httpd-debuginfo~2.2.2~1.3\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/mod_ssl\", rpm:\"x86_64/mod_ssl~2.2.2~1.3\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/httpd-manual\", rpm:\"x86_64/httpd-manual~2.2.2~1.3\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/httpd\", rpm:\"x86_64/httpd~2.2.2~1.3\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/httpd-manual\", rpm:\"i386/httpd-manual~2.2.2~1.3\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/httpd\", rpm:\"i386/httpd~2.2.2~1.3\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/debug/httpd-debuginfo\", rpm:\"i386/debug/httpd-debuginfo~2.2.2~1.3\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/httpd-devel\", rpm:\"i386/httpd-devel~2.2.2~1.3\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/mod_ssl\", rpm:\"i386/mod_ssl~2.2.2~1.3\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-12T11:20:08", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4465", "CVE-2007-3304", "CVE-2006-5752", "CVE-2007-3847", "CVE-2007-1863"], "description": "Check for the Version of apache2", "modified": "2017-12-08T00:00:00", "published": "2009-01-28T00:00:00", "id": "OPENVAS:850088", "href": "http://plugins.openvas.org/nasl.php?oid=850088", "type": "openvas", "title": "SuSE Update for apache2 SUSE-SA:2007:061", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2007_061.nasl 8050 2017-12-08 09:34:29Z santu $\n#\n# SuSE Update for apache2 SUSE-SA:2007:061\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several bugs were fixed in the Apache2 web server.\n\n The update includes fixes for the following security issues:\n\n - CVE-2006-5752: mod_status: Fix a possible XSS\n attack against a site with a public server-status page and\n ExtendedStatus enabled, for browsers which perform charset\n "detection".\n\n - CVE-2007-1863: mod_cache: Prevent a segmentation fault if attributes\n are listed in a Cache-Control header without any value.\n\n - CVE-2007-3304: prefork, worker, event MPMs:\n Ensure that the parent process cannot be forced to kill processes\n outside its process group.\n\n - CVE-2007-3847: mod_proxy: Prevent reading past the end of a buffer\n when parsing date-related headers. PR 41144.\n\n - CVE-2007-4465: mod_autoindex: Add in ContentType and Charset options\n to IndexOptions directive. This allows the admin to explicitly set\n the Content-Type and Charset of the generated page.\n\n and the following non-security issues:\n\n - get_module_list: replace loadmodule.conf atomically\n - Fixed broken SSLVerifyClient directive handling when global none\n and location required is configured\n (httpd-2.0.x-bnc-309234-ssl-renegotiation.patch)\n - Use File::Temp to create good tmpdir in logresolve.pl2\n (httpd-2.x.x-logresolve.patch)\";\n\ntag_impact = \"remote denial of service\";\ntag_affected = \"apache2 on SUSE LINUX 10.1, openSUSE 10.2, openSUSE 10.3, SUSE SLES 9, Novell Linux Desktop 9 SDK, Novell Linux Desktop 9, Open Enterprise Server, Novell Linux POS 9, SLE SDK 10 SP1, SUSE Linux Enterprise Server 10 SP1\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_id(850088);\n script_version(\"$Revision: 8050 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-08 10:34:29 +0100 (Fri, 08 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-28 13:40:10 +0100 (Wed, 28 Jan 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"SUSE-SA\", value: \"2007-061\");\n script_cve_id(\"CVE-2006-5752\", \"CVE-2007-1863\", \"CVE-2007-3304\", \"CVE-2007-3847\", \"CVE-2007-4465\");\n script_name( \"SuSE Update for apache2 SUSE-SA:2007:061\");\n\n script_summary(\"Check for the Version of apache2\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"openSUSE10.3\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache2\", rpm:\"apache2~2.2.4~70.2\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-devel\", rpm:\"apache2-devel~2.2.4~70.2\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-doc\", rpm:\"apache2-doc~2.2.4~70.2\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-example-pages\", rpm:\"apache2-example-pages~2.2.4~70.2\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-prefork\", rpm:\"apache2-prefork~2.2.4~70.2\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-utils\", rpm:\"apache2-utils~2.2.4~70.2\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-worker\", rpm:\"apache2-worker~2.2.4~70.2\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"openSUSE10.2\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache2\", rpm:\"apache2~2.2.3~22\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-devel\", rpm:\"apache2-devel~2.2.3~22\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-doc\", rpm:\"apache2-doc~2.2.3~22\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-example-pages\", rpm:\"apache2-example-pages~2.2.3~22\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-prefork\", rpm:\"apache2-prefork~2.2.3~22\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-worker\", rpm:\"apache2-worker~2.2.3~22\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"NLDk9\")\n{\n\n if ((res = isrpmvuln(pkg:\"libapr0\", rpm:\"libapr0~2.0.59~1.4\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2\", rpm:\"apache2~2.0.59~1.4\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-devel\", rpm:\"apache2-devel~2.0.59~1.4\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-prefork\", rpm:\"apache2-prefork~2.0.59~1.4\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-worker\", rpm:\"apache2-worker~2.0.59~1.4\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-doc\", rpm:\"apache2-doc~2.0.59~1.4\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-example-pages\", rpm:\"apache2-example-pages~2.0.59~1.4\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"OES\")\n{\n\n if ((res = isrpmvuln(pkg:\"libapr0\", rpm:\"libapr0~2.0.59~1.4\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2\", rpm:\"apache2~2.0.59~1.4\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-devel\", rpm:\"apache2-devel~2.0.59~1.4\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-prefork\", rpm:\"apache2-prefork~2.0.59~1.4\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-worker\", rpm:\"apache2-worker~2.0.59~1.4\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-doc\", rpm:\"apache2-doc~2.0.59~1.4\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-example-pages\", rpm:\"apache2-example-pages~2.0.59~1.4\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"SLES9\")\n{\n\n if ((res = isrpmvuln(pkg:\"libapr0\", rpm:\"libapr0~2.0.59~1.4\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2\", rpm:\"apache2~2.0.59~1.4\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-devel\", rpm:\"apache2-devel~2.0.59~1.4\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-prefork\", rpm:\"apache2-prefork~2.0.59~1.4\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-worker\", rpm:\"apache2-worker~2.0.59~1.4\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-doc\", rpm:\"apache2-doc~2.0.59~1.4\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-example-pages\", rpm:\"apache2-example-pages~2.0.59~1.4\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"NLDk9SDK\")\n{\n\n if ((res = isrpmvuln(pkg:\"libapr0\", rpm:\"libapr0~2.0.59~1.4\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2\", rpm:\"apache2~2.0.59~1.4\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-devel\", rpm:\"apache2-devel~2.0.59~1.4\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-prefork\", rpm:\"apache2-prefork~2.0.59~1.4\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-worker\", rpm:\"apache2-worker~2.0.59~1.4\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-doc\", rpm:\"apache2-doc~2.0.59~1.4\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-example-pages\", rpm:\"apache2-example-pages~2.0.59~1.4\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"LES10SP1\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache2\", rpm:\"apache2~2.2.3~16.15\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-devel\", rpm:\"apache2-devel~2.2.3~16.15\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-doc\", rpm:\"apache2-doc~2.2.3~16.15\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-example-pages\", rpm:\"apache2-example-pages~2.2.3~16.15\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-prefork\", rpm:\"apache2-prefork~2.2.3~16.15\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-worker\", rpm:\"apache2-worker~2.2.3~16.15\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"SLESDK10SP1\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache2\", rpm:\"apache2~2.2.3~16.15\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-devel\", rpm:\"apache2-devel~2.2.3~16.15\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-doc\", rpm:\"apache2-doc~2.2.3~16.15\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-example-pages\", rpm:\"apache2-example-pages~2.2.3~16.15\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-prefork\", rpm:\"apache2-prefork~2.2.3~16.15\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-worker\", rpm:\"apache2-worker~2.2.3~16.15\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"SL10.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache2\", rpm:\"apache2~2.2.3~16.15\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-devel\", rpm:\"apache2-devel~2.2.3~16.15\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-doc\", rpm:\"apache2-doc~2.2.3~16.15\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-example-pages\", rpm:\"apache2-example-pages~2.2.3~16.15\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-prefork\", rpm:\"apache2-prefork~2.2.3~16.15\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-worker\", rpm:\"apache2-worker~2.2.3~16.15\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"NLPOS9\")\n{\n\n if ((res = isrpmvuln(pkg:\"libapr0\", rpm:\"libapr0~2.0.59~1.4\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2\", rpm:\"apache2~2.0.59~1.4\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-devel\", rpm:\"apache2-devel~2.0.59~1.4\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-prefork\", rpm:\"apache2-prefork~2.0.59~1.4\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-worker\", rpm:\"apache2-worker~2.0.59~1.4\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-doc\", rpm:\"apache2-doc~2.0.59~1.4\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-example-pages\", rpm:\"apache2-example-pages~2.0.59~1.4\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-26T08:55:55", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4465", "CVE-2007-3304", "CVE-2006-5752", "CVE-2007-3847", "CVE-2007-1863"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n apache2-doc\n apache2\n apache2-prefork\n apache2-worker\n apache2-devel\n apache2-example-pages\n libapr0\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5012664 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2017-07-11T00:00:00", "published": "2009-10-10T00:00:00", "id": "OPENVAS:65113", "href": "http://plugins.openvas.org/nasl.php?oid=65113", "type": "openvas", "title": "SLES9: Security update for apache2", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5012664.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for apache2\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n apache2-doc\n apache2\n apache2-prefork\n apache2-worker\n apache2-devel\n apache2-example-pages\n libapr0\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5012664 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65113);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2006-5752\", \"CVE-2007-1863\", \"CVE-2007-3304\", \"CVE-2007-3847\", \"CVE-2007-4465\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"SLES9: Security update for apache2\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"apache2-doc\", rpm:\"apache2-doc~2.0.59~1.4\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "nessus": [{"lastseen": "2021-01-01T04:56:03", "description": "Updated Apache httpd packages that correct three security issues are\nnow available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Apache HTTP Server is a popular Web server.\n\nThe Apache HTTP Server did not verify that a process was an Apache\nchild process before sending it signals. A local attacker with the\nability to run scripts on the Apache HTTP Server could manipulate the\nscoreboard and cause arbitrary processes to be terminated which could\nlead to a denial of service (CVE-2007-3304). This issue is not\nexploitable on Red Hat Enterprise Linux 5 if using the default SELinux\ntargeted policy.\n\nA flaw was found in the Apache HTTP Server mod_status module. On sites\nwhere the server-status page is publicly accessible and ExtendedStatus\nis enabled this could lead to a cross-site scripting attack. On Red\nHat Enterprise Linux the server-status page is not enabled by default\nand it is best practice to not make this publicly available.\n(CVE-2006-5752)\n\nA bug was found in the Apache HTTP Server mod_cache module. On sites\nwhere caching is enabled, a remote attacker could send a carefully\ncrafted request that would cause the Apache child process handling\nthat request to crash. This could lead to a denial of service if using\na threaded Multi-Processing Module. (CVE-2007-1863)\n\nUsers of httpd should upgrade to these updated packages, which contain\nbackported patches to correct these issues. Users should restart\nApache after installing this update.", "edition": 26, "published": "2007-06-27T00:00:00", "title": "RHEL 5 : httpd (RHSA-2007:0556)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-3304", "CVE-2006-5752", "CVE-2007-1863"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:mod_ssl", "cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:httpd", "p-cpe:/a:redhat:enterprise_linux:httpd-manual", "p-cpe:/a:redhat:enterprise_linux:httpd-devel"], "id": "REDHAT-RHSA-2007-0556.NASL", "href": "https://www.tenable.com/plugins/nessus/25610", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2007:0556. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(25610);\n script_version (\"1.25\");\n script_cvs_date(\"Date: 2019/10/25 13:36:12\");\n\n script_cve_id(\"CVE-2006-5752\", \"CVE-2007-1863\", \"CVE-2007-3304\");\n script_bugtraq_id(24215, 24645, 24649);\n script_xref(name:\"RHSA\", value:\"2007:0556\");\n\n script_name(english:\"RHEL 5 : httpd (RHSA-2007:0556)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated Apache httpd packages that correct three security issues are\nnow available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Apache HTTP Server is a popular Web server.\n\nThe Apache HTTP Server did not verify that a process was an Apache\nchild process before sending it signals. A local attacker with the\nability to run scripts on the Apache HTTP Server could manipulate the\nscoreboard and cause arbitrary processes to be terminated which could\nlead to a denial of service (CVE-2007-3304). This issue is not\nexploitable on Red Hat Enterprise Linux 5 if using the default SELinux\ntargeted policy.\n\nA flaw was found in the Apache HTTP Server mod_status module. On sites\nwhere the server-status page is publicly accessible and ExtendedStatus\nis enabled this could lead to a cross-site scripting attack. On Red\nHat Enterprise Linux the server-status page is not enabled by default\nand it is best practice to not make this publicly available.\n(CVE-2006-5752)\n\nA bug was found in the Apache HTTP Server mod_cache module. On sites\nwhere caching is enabled, a remote attacker could send a carefully\ncrafted request that would cause the Apache child process handling\nthat request to crash. This could lead to a denial of service if using\na threaded Multi-Processing Module. (CVE-2007-1863)\n\nUsers of httpd should upgrade to these updated packages, which contain\nbackported patches to correct these issues. Users should restart\nApache after installing this update.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2006-5752\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-1863\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-3304\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2007:0556\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/06/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/06/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/06/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2007:0556\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"httpd-2.2.3-7.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"httpd-2.2.3-7.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"httpd-2.2.3-7.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"httpd-devel-2.2.3-7.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"httpd-manual-2.2.3-7.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"httpd-manual-2.2.3-7.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"httpd-manual-2.2.3-7.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"mod_ssl-2.2.3-7.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"mod_ssl-2.2.3-7.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"mod_ssl-2.2.3-7.el5\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd / httpd-devel / httpd-manual / mod_ssl\");\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-01T05:32:47", "description": "The Apache HTTP Server did not verify that a process was an Apache\nchild process before sending it signals. A local attacker with the\nability to run scripts on the Apache HTTP Server could manipulate the\nscoreboard and cause arbitrary processes to be terminated which could\nlead to a denial of service (CVE-2007-3304). This issue is not\nexploitable on Scientific Linux 5 if using the default SELinux\ntargeted policy.\n\nA flaw was found in the Apache HTTP Server mod_status module. On sites\nwhere the server-status page is publicly accessible and ExtendedStatus\nis enabled this could lead to a cross-site scripting attack. On\nScientific Linux the server-status page is not enabled by default and\nit is best practice to not make this publicly available.\n(CVE-2006-5752)\n\nA bug was found in the Apache HTTP Server mod_cache module. On sites\nwhere caching is enabled, a remote attacker could send a carefully\ncrafted request that would cause the Apache child process handling\nthat request to crash. This could lead to a denial of service if using\na threaded Multi-Processing Module. (CVE-2007-1863)", "edition": 23, "published": "2012-08-01T00:00:00", "title": "Scientific Linux Security Update : httpd on SL5.x, SL4.x i386/x86_64", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-3304", "CVE-2006-5752", "CVE-2007-1863"], "modified": "2021-01-02T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20070626_HTTPD_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60217", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(60217);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/10/25 13:36:17\");\n\n script_cve_id(\"CVE-2006-5752\", \"CVE-2007-1863\", \"CVE-2007-3304\");\n\n script_name(english:\"Scientific Linux Security Update : httpd on SL5.x, SL4.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Apache HTTP Server did not verify that a process was an Apache\nchild process before sending it signals. A local attacker with the\nability to run scripts on the Apache HTTP Server could manipulate the\nscoreboard and cause arbitrary processes to be terminated which could\nlead to a denial of service (CVE-2007-3304). This issue is not\nexploitable on Scientific Linux 5 if using the default SELinux\ntargeted policy.\n\nA flaw was found in the Apache HTTP Server mod_status module. On sites\nwhere the server-status page is publicly accessible and ExtendedStatus\nis enabled this could lead to a cross-site scripting attack. On\nScientific Linux the server-status page is not enabled by default and\nit is best practice to not make this publicly available.\n(CVE-2006-5752)\n\nA bug was found in the Apache HTTP Server mod_cache module. On sites\nwhere caching is enabled, a remote attacker could send a carefully\ncrafted request that would cause the Apache child process handling\nthat request to crash. This could lead to a denial of service if using\na threaded Multi-Processing Module. (CVE-2007-1863)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0706&L=scientific-linux-errata&T=0&P=4157\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fad32c32\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/06/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL4\", reference:\"httpd-2.0.52-32.2.sl4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"httpd-devel-2.0.52-32.2.sl4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"httpd-manual-2.0.52-32.2.sl4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"httpd-suexec-2.0.52-32.2.sl4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"mod_ssl-2.0.52-32.2.sl4\")) flag++;\n\nif (rpm_check(release:\"SL5\", reference:\"httpd-2.2.3-7.sl5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"httpd-devel-2.2.3-7.sl5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"httpd-manual-2.2.3-7.sl5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"mod_ssl-2.2.3-7.sl5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-01T04:35:20", "description": "From Red Hat Security Advisory 2007:0556 :\n\nUpdated Apache httpd packages that correct three security issues are\nnow available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Apache HTTP Server is a popular Web server.\n\nThe Apache HTTP Server did not verify that a process was an Apache\nchild process before sending it signals. A local attacker with the\nability to run scripts on the Apache HTTP Server could manipulate the\nscoreboard and cause arbitrary processes to be terminated which could\nlead to a denial of service (CVE-2007-3304). This issue is not\nexploitable on Red Hat Enterprise Linux 5 if using the default SELinux\ntargeted policy.\n\nA flaw was found in the Apache HTTP Server mod_status module. On sites\nwhere the server-status page is publicly accessible and ExtendedStatus\nis enabled this could lead to a cross-site scripting attack. On Red\nHat Enterprise Linux the server-status page is not enabled by default\nand it is best practice to not make this publicly available.\n(CVE-2006-5752)\n\nA bug was found in the Apache HTTP Server mod_cache module. On sites\nwhere caching is enabled, a remote attacker could send a carefully\ncrafted request that would cause the Apache child process handling\nthat request to crash. This could lead to a denial of service if using\na threaded Multi-Processing Module. (CVE-2007-1863)\n\nUsers of httpd should upgrade to these updated packages, which contain\nbackported patches to correct these issues. Users should restart\nApache after installing this update.", "edition": 23, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 5 : httpd (ELSA-2007-0556)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-3304", "CVE-2006-5752", "CVE-2007-1863"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:httpd-devel", "p-cpe:/a:oracle:linux:httpd", "cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:mod_ssl", "p-cpe:/a:oracle:linux:httpd-manual"], "id": "ORACLELINUX_ELSA-2007-0556.NASL", "href": "https://www.tenable.com/plugins/nessus/67533", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2007:0556 and \n# Oracle Linux Security Advisory ELSA-2007-0556 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(67533);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/10/25 13:36:07\");\n\n script_cve_id(\"CVE-2006-5752\", \"CVE-2007-1863\", \"CVE-2007-3304\");\n script_bugtraq_id(24215, 24645, 24649);\n script_xref(name:\"RHSA\", value:\"2007:0556\");\n\n script_name(english:\"Oracle Linux 5 : httpd (ELSA-2007-0556)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2007:0556 :\n\nUpdated Apache httpd packages that correct three security issues are\nnow available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Apache HTTP Server is a popular Web server.\n\nThe Apache HTTP Server did not verify that a process was an Apache\nchild process before sending it signals. A local attacker with the\nability to run scripts on the Apache HTTP Server could manipulate the\nscoreboard and cause arbitrary processes to be terminated which could\nlead to a denial of service (CVE-2007-3304). This issue is not\nexploitable on Red Hat Enterprise Linux 5 if using the default SELinux\ntargeted policy.\n\nA flaw was found in the Apache HTTP Server mod_status module. On sites\nwhere the server-status page is publicly accessible and ExtendedStatus\nis enabled this could lead to a cross-site scripting attack. On Red\nHat Enterprise Linux the server-status page is not enabled by default\nand it is best practice to not make this publicly available.\n(CVE-2006-5752)\n\nA bug was found in the Apache HTTP Server mod_cache module. On sites\nwhere caching is enabled, a remote attacker could send a carefully\ncrafted request that would cause the Apache child process handling\nthat request to crash. This could lead to a denial of service if using\na threaded Multi-Processing Module. (CVE-2007-1863)\n\nUsers of httpd should upgrade to these updated packages, which contain\nbackported patches to correct these issues. Users should restart\nApache after installing this update.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2007-June/000250.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected httpd packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:httpd-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/06/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/06/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"httpd-2.2.3-7.el5.0.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"httpd-devel-2.2.3-7.el5.0.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"httpd-manual-2.2.3-7.el5.0.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"mod_ssl-2.2.3-7.el5.0.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd / httpd-devel / httpd-manual / mod_ssl\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T10:06:15", "description": "The Apache HTTP Server did not verify that a process was an Apache\nchild process before sending it signals. A local attacker with the\nability to run scripts on the Apache HTTP Server could manipulate the\nscoreboard and cause arbitrary processes to be terminated which could\nlead to a denial of service (CVE-2007-3304). This issue is not\nexploitable on Fedora if using the default SELinux targeted policy.\n\nA flaw was found in the Apache HTTP Server mod_status module. On sites\nwhere the server-status page is publicly accessible and ExtendedStatus\nis enabled this could lead to a cross-site scripting attack. On Fedora\nthe server-status page is not enabled by default and it is best\npractice to not make this publicly available. (CVE-2006-5752)\n\nA bug was found in the Apache HTTP Server mod_cache module. On sites\nwhere caching is enabled, a remote attacker could send a carefully\ncrafted request that would cause the Apache child process handling\nthat request to crash. This could lead to a denial of service if using\na threaded Multi-Processing Module. (CVE-2007-1863)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 21, "published": "2007-07-03T00:00:00", "title": "Fedora Core 5 : httpd-2.2.2-1.3 (2007-617)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-3304", "CVE-2006-5752", "CVE-2007-1863"], "modified": "2007-07-03T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:httpd", "p-cpe:/a:fedoraproject:fedora:httpd-devel", "p-cpe:/a:fedoraproject:fedora:httpd-manual", "cpe:/o:fedoraproject:fedora_core:5", "p-cpe:/a:fedoraproject:fedora:httpd-debuginfo", "p-cpe:/a:fedoraproject:fedora:mod_ssl"], "id": "FEDORA_2007-617.NASL", "href": "https://www.tenable.com/plugins/nessus/25659", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2007-617.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(25659);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_xref(name:\"FEDORA\", value:\"2007-617\");\n\n script_name(english:\"Fedora Core 5 : httpd-2.2.2-1.3 (2007-617)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora Core host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Apache HTTP Server did not verify that a process was an Apache\nchild process before sending it signals. A local attacker with the\nability to run scripts on the Apache HTTP Server could manipulate the\nscoreboard and cause arbitrary processes to be terminated which could\nlead to a denial of service (CVE-2007-3304). This issue is not\nexploitable on Fedora if using the default SELinux targeted policy.\n\nA flaw was found in the Apache HTTP Server mod_status module. On sites\nwhere the server-status page is publicly accessible and ExtendedStatus\nis enabled this could lead to a cross-site scripting attack. On Fedora\nthe server-status page is not enabled by default and it is best\npractice to not make this publicly available. (CVE-2006-5752)\n\nA bug was found in the Apache HTTP Server mod_cache module. On sites\nwhere caching is enabled, a remote attacker could send a carefully\ncrafted request that would cause the Apache child process handling\nthat request to crash. This could lead to a denial of service if using\na threaded Multi-Processing Module. (CVE-2007-1863)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2007-July/002498.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a50b800f\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:httpd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:httpd-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora_core:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/07/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/07/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 5.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC5\", reference:\"httpd-2.2.2-1.3\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"httpd-debuginfo-2.2.2-1.3\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"httpd-devel-2.2.2-1.3\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"httpd-manual-2.2.2-1.3\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"mod_ssl-2.2.2-1.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd / httpd-debuginfo / httpd-devel / httpd-manual / mod_ssl\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-01T06:56:29", "description": "Stefan Esser discovered that mod_status did not force a character set,\nwhich could result in browsers becoming vulnerable to XSS attacks when\nprocessing the output. If a user were tricked into viewing server\nstatus output during a crafted server request, a remote attacker could\nexploit this to modify the contents, or steal confidential data (such\nas passwords), within the same domain. By default, mod_status is\ndisabled in Ubuntu. (CVE-2006-5752)\n\nNiklas Edmundsson discovered that the mod_cache module could be made\nto crash using a specially crafted request. A remote user could use\nthis to cause a denial of service if Apache was configured to use a\nthreaded worker. By default, mod_cache is disabled in Ubuntu.\n(CVE-2007-1863)\n\nA flaw was discovered in the signal handling of Apache. A local\nattacker could trick Apache into sending SIGUSR1 to other processes.\nThe vulnerable code was only present in Ubuntu Feisty. (CVE-2007-3304).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "published": "2007-11-10T00:00:00", "title": "Ubuntu 6.06 LTS / 6.10 / 7.04 : apache2 vulnerabilities (USN-499-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-3303", "CVE-2007-3304", "CVE-2006-5752", "CVE-2007-1863"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:apache2-src", "p-cpe:/a:canonical:ubuntu_linux:apache2-prefork-dev", "p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-event", "p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-perchild", "cpe:/o:canonical:ubuntu_linux:6.10", "p-cpe:/a:canonical:ubuntu_linux:libapr0", "p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-prefork", "p-cpe:/a:canonical:ubuntu_linux:libapr0-dev", "p-cpe:/a:canonical:ubuntu_linux:apache2", "p-cpe:/a:canonical:ubuntu_linux:apache2.2-common", "p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-worker", "p-cpe:/a:canonical:ubuntu_linux:apache2-threaded-dev", "p-cpe:/a:canonical:ubuntu_linux:apache2-doc", "p-cpe:/a:canonical:ubuntu_linux:apache2-common", "p-cpe:/a:canonical:ubuntu_linux:apache2-utils", "cpe:/o:canonical:ubuntu_linux:7.04", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts"], "id": "UBUNTU_USN-499-1.NASL", "href": "https://www.tenable.com/plugins/nessus/28102", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-499-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(28102);\n script_version(\"1.17\");\n script_cvs_date(\"Date: 2019/08/02 13:33:01\");\n\n script_cve_id(\"CVE-2006-5752\", \"CVE-2007-1863\", \"CVE-2007-3303\", \"CVE-2007-3304\");\n script_xref(name:\"USN\", value:\"499-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 6.10 / 7.04 : apache2 vulnerabilities (USN-499-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Stefan Esser discovered that mod_status did not force a character set,\nwhich could result in browsers becoming vulnerable to XSS attacks when\nprocessing the output. If a user were tricked into viewing server\nstatus output during a crafted server request, a remote attacker could\nexploit this to modify the contents, or steal confidential data (such\nas passwords), within the same domain. By default, mod_status is\ndisabled in Ubuntu. (CVE-2006-5752)\n\nNiklas Edmundsson discovered that the mod_cache module could be made\nto crash using a specially crafted request. A remote user could use\nthis to cause a denial of service if Apache was configured to use a\nthreaded worker. By default, mod_cache is disabled in Ubuntu.\n(CVE-2007-1863)\n\nA flaw was discovered in the signal handling of Apache. A local\nattacker could trick Apache into sending SIGUSR1 to other processes.\nThe vulnerable code was only present in Ubuntu Feisty. (CVE-2007-3304).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/499-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(94);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-event\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-perchild\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-prefork\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-worker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-prefork-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-src\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-threaded-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2.2-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libapr0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libapr0-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/08/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/11/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06|6\\.10|7\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 6.10 / 7.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"apache2\", pkgver:\"2.0.55-4ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"apache2-common\", pkgver:\"2.0.55-4ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"apache2-doc\", pkgver:\"2.0.55-4ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"apache2-mpm-perchild\", pkgver:\"2.0.55-4ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"apache2-mpm-prefork\", pkgver:\"2.0.55-4ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"apache2-mpm-worker\", pkgver:\"2.0.55-4ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"apache2-prefork-dev\", pkgver:\"2.0.55-4ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"apache2-threaded-dev\", pkgver:\"2.0.55-4ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"apache2-utils\", pkgver:\"2.0.55-4ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libapr0\", pkgver:\"2.0.55-4ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libapr0-dev\", pkgver:\"2.0.55-4ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"apache2\", pkgver:\"2.0.55-4ubuntu4.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"apache2-common\", pkgver:\"2.0.55-4ubuntu4.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"apache2-doc\", pkgver:\"2.0.55-4ubuntu4.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"apache2-mpm-perchild\", pkgver:\"2.0.55-4ubuntu4.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"apache2-mpm-prefork\", pkgver:\"2.0.55-4ubuntu4.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"apache2-mpm-worker\", pkgver:\"2.0.55-4ubuntu4.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"apache2-prefork-dev\", pkgver:\"2.0.55-4ubuntu4.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"apache2-threaded-dev\", pkgver:\"2.0.55-4ubuntu4.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"apache2-utils\", pkgver:\"2.0.55-4ubuntu4.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libapr0\", pkgver:\"2.0.55-4ubuntu4.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libapr0-dev\", pkgver:\"2.0.55-4ubuntu4.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"apache2\", pkgver:\"2.2.3-3.2ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"apache2-doc\", pkgver:\"2.2.3-3.2ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"apache2-mpm-event\", pkgver:\"2.2.3-3.2ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"apache2-mpm-perchild\", pkgver:\"2.2.3-3.2ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"apache2-mpm-prefork\", pkgver:\"2.2.3-3.2ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"apache2-mpm-worker\", pkgver:\"2.2.3-3.2ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"apache2-prefork-dev\", pkgver:\"2.2.3-3.2ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"apache2-src\", pkgver:\"2.2.3-3.2ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"apache2-threaded-dev\", pkgver:\"2.2.3-3.2ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"apache2-utils\", pkgver:\"2.2.3-3.2ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"apache2.2-common\", pkgver:\"2.2.3-3.2ubuntu0.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache2 / apache2-common / apache2-doc / apache2-mpm-event / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-07T11:51:44", "description": "A vulnerability was discovered in the the Apache mod_status module\nthat could lead to a cross-site scripting attack on sites where the\nserver-status page was publically accessible and ExtendedStatus was\nenabled (CVE-2006-5752).\n\nA vulnerability was found in the Apache mod_cache module that could\ncause the httpd server child process to crash if it was sent a\ncarefully crafted request. This could lead to a denial of service if\nusing a threaded MPM (CVE-2007-1863).\n\nThe Apache server also did not verify that a process was an Apache\nchild process before sending it signals. A local attacker with the\nability to run scripts on the server could manipulate the scoreboard\nand cause arbitrary processes to be terminated (CVE-2007-3304).\n\nUpdated packages have been patched to prevent the above issues.", "edition": 24, "published": "2007-07-05T00:00:00", "title": "Mandrake Linux Security Advisory : apache (MDKSA-2007:140)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-3303", "CVE-2007-3304", "CVE-2006-5752", "CVE-2007-1863"], "modified": "2007-07-05T00:00:00", "cpe": ["cpe:/o:mandriva:linux:2007", "p-cpe:/a:mandriva:linux:apache-mpm-worker", "p-cpe:/a:mandriva:linux:apache-mod_ssl", "p-cpe:/a:mandriva:linux:apache-mod_ldap", "p-cpe:/a:mandriva:linux:apache-mpm-event", "p-cpe:/a:mandriva:linux:apache-modules", "cpe:/o:mandriva:linux:2007.1", "p-cpe:/a:mandriva:linux:apache-htcacheclean", "p-cpe:/a:mandriva:linux:apache-devel", "p-cpe:/a:mandriva:linux:apache-mod_dav", "p-cpe:/a:mandriva:linux:apache-mod_dbd", "p-cpe:/a:mandriva:linux:apache-mod_mem_cache", "p-cpe:/a:mandriva:linux:apache-mod_proxy", "p-cpe:/a:mandriva:linux:apache-mod_file_cache", "p-cpe:/a:mandriva:linux:apache-mod_authn_dbd", "p-cpe:/a:mandriva:linux:apache-source", "p-cpe:/a:mandriva:linux:apache-base", "p-cpe:/a:mandriva:linux:apache-mod_deflate", "p-cpe:/a:mandriva:linux:apache-mod_proxy_ajp", "p-cpe:/a:mandriva:linux:apache-mod_disk_cache", "p-cpe:/a:mandriva:linux:apache-mpm-itk", "p-cpe:/a:mandriva:linux:apache-mpm-prefork", "p-cpe:/a:mandriva:linux:apache-mod_cache", "p-cpe:/a:mandriva:linux:apache-mod_userdir"], "id": "MANDRAKE_MDKSA-2007-140.NASL", "href": "https://www.tenable.com/plugins/nessus/25670", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2007:140. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(25670);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2006-5752\", \"CVE-2007-1863\", \"CVE-2007-3303\", \"CVE-2007-3304\");\n script_bugtraq_id(24215, 24645, 24649);\n script_xref(name:\"MDKSA\", value:\"2007:140\");\n\n script_name(english:\"Mandrake Linux Security Advisory : apache (MDKSA-2007:140)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability was discovered in the the Apache mod_status module\nthat could lead to a cross-site scripting attack on sites where the\nserver-status page was publically accessible and ExtendedStatus was\nenabled (CVE-2006-5752).\n\nA vulnerability was found in the Apache mod_cache module that could\ncause the httpd server child process to crash if it was sent a\ncarefully crafted request. This could lead to a denial of service if\nusing a threaded MPM (CVE-2007-1863).\n\nThe Apache server also did not verify that a process was an Apache\nchild process before sending it signals. A local attacker with the\nability to run scripts on the server could manipulate the scoreboard\nand cause arbitrary processes to be terminated (CVE-2007-3304).\n\nUpdated packages have been patched to prevent the above issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(94);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-htcacheclean\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_authn_dbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_dav\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_dbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_deflate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_disk_cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_file_cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_mem_cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_proxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_proxy_ajp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_userdir\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mpm-event\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mpm-itk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mpm-prefork\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mpm-worker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-source\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/07/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/07/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2007.0\", reference:\"apache-base-2.2.3-1.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"apache-devel-2.2.3-1.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"apache-htcacheclean-2.2.3-1.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"apache-mod_authn_dbd-2.2.3-1.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"apache-mod_cache-2.2.3-1.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"apache-mod_dav-2.2.3-1.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"apache-mod_dbd-2.2.3-1.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"apache-mod_deflate-2.2.3-1.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"apache-mod_disk_cache-2.2.3-1.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"apache-mod_file_cache-2.2.3-1.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"apache-mod_ldap-2.2.3-1.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"apache-mod_mem_cache-2.2.3-1.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"apache-mod_proxy-2.2.3-1.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"apache-mod_proxy_ajp-2.2.3-1.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"apache-mod_ssl-2.2.3-1.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"apache-mod_userdir-2.2.3-1.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"apache-modules-2.2.3-1.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"apache-mpm-prefork-2.2.3-1.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"apache-mpm-worker-2.2.3-1.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"apache-source-2.2.3-1.1mdv2007.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2007.1\", reference:\"apache-base-2.2.4-6.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"apache-devel-2.2.4-6.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"apache-htcacheclean-2.2.4-6.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"apache-mod_authn_dbd-2.2.4-6.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"apache-mod_cache-2.2.4-6.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"apache-mod_dav-2.2.4-6.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"apache-mod_dbd-2.2.4-6.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"apache-mod_deflate-2.2.4-6.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"apache-mod_disk_cache-2.2.4-6.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"apache-mod_file_cache-2.2.4-6.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"apache-mod_ldap-2.2.4-6.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"apache-mod_mem_cache-2.2.4-6.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"apache-mod_proxy-2.2.4-6.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"apache-mod_proxy_ajp-2.2.4-6.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"apache-mod_ssl-2.2.4-6.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"apache-mod_userdir-2.2.4-6.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"apache-modules-2.2.4-6.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"apache-mpm-event-2.2.4-6.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"apache-mpm-itk-2.2.4-6.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"apache-mpm-prefork-2.2.4-6.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"apache-mpm-worker-2.2.4-6.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"apache-source-2.2.4-6.2mdv2007.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T10:06:15", "description": "The Apache HTTP Server did not verify that a process was an Apache\nchild process before sending it signals. A local attacker with the\nability to run scripts on the Apache HTTP Server could manipulate the\nscoreboard and cause arbitrary processes to be terminated which could\nlead to a denial of service (CVE-2007-3304). This issue is not\nexploitable on Fedora if using the default SELinux targeted policy.\n\nA flaw was found in the Apache HTTP Server mod_status module. On sites\nwhere the server-status page is publicly accessible and ExtendedStatus\nis enabled this could lead to a cross-site scripting attack. On Fedora\nthe server-status page is not enabled by default and it is best\npractice to not make this publicly available. (CVE-2006-5752)\n\nA bug was found in the Apache HTTP Server mod_cache module. On sites\nwhere caching is enabled, a remote attacker could send a carefully\ncrafted request that would cause the Apache child process handling\nthat request to crash. This could lead to a denial of service if using\na threaded Multi-Processing Module. (CVE-2007-1863)\n\nA bug was found in the mod_mem_cache module. On sites where caching is\nenabled using this module, an information leak could occur which\nrevealed portions of sensitive memory to remote users. (CVE-2007-1862)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 21, "published": "2007-07-18T00:00:00", "title": "Fedora Core 6 : httpd-2.2.4-2.1.fc6 (2007-615)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-3304", "CVE-2006-5752", "CVE-2007-1862", "CVE-2007-1863"], "modified": "2007-07-18T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:httpd", "p-cpe:/a:fedoraproject:fedora:httpd-devel", "cpe:/o:fedoraproject:fedora_core:6", "p-cpe:/a:fedoraproject:fedora:httpd-manual", "p-cpe:/a:fedoraproject:fedora:httpd-debuginfo", "p-cpe:/a:fedoraproject:fedora:mod_ssl"], "id": "FEDORA_2007-615.NASL", "href": "https://www.tenable.com/plugins/nessus/25716", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2007-615.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(25716);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_xref(name:\"FEDORA\", value:\"2007-615\");\n\n script_name(english:\"Fedora Core 6 : httpd-2.2.4-2.1.fc6 (2007-615)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora Core host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Apache HTTP Server did not verify that a process was an Apache\nchild process before sending it signals. A local attacker with the\nability to run scripts on the Apache HTTP Server could manipulate the\nscoreboard and cause arbitrary processes to be terminated which could\nlead to a denial of service (CVE-2007-3304). This issue is not\nexploitable on Fedora if using the default SELinux targeted policy.\n\nA flaw was found in the Apache HTTP Server mod_status module. On sites\nwhere the server-status page is publicly accessible and ExtendedStatus\nis enabled this could lead to a cross-site scripting attack. On Fedora\nthe server-status page is not enabled by default and it is best\npractice to not make this publicly available. (CVE-2006-5752)\n\nA bug was found in the Apache HTTP Server mod_cache module. On sites\nwhere caching is enabled, a remote attacker could send a carefully\ncrafted request that would cause the Apache child process handling\nthat request to crash. This could lead to a denial of service if using\na threaded Multi-Processing Module. (CVE-2007-1863)\n\nA bug was found in the mod_mem_cache module. On sites where caching is\nenabled using this module, an information leak could occur which\nrevealed portions of sensitive memory to remote users. (CVE-2007-1862)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2007-July/002710.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ee493dcc\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:httpd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:httpd-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora_core:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/07/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/07/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 6.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC6\", reference:\"httpd-2.2.4-2.1.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"httpd-debuginfo-2.2.4-2.1.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"httpd-devel-2.2.4-2.1.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"httpd-manual-2.2.4-2.1.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"mod_ssl-2.2.4-2.1.fc6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd / httpd-debuginfo / httpd-devel / httpd-manual / mod_ssl\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-12T10:06:02", "description": "The Apache HTTP Server did not verify that a process was an Apache\nchild process before sending it signals. A local attacker with the\nability to run scripts on the Apache HTTP Server could manipulate the\nscoreboard and cause arbitrary processes to be terminated which could\nlead to a denial of service (CVE-2007-3304). This issue is not\nexploitable on Fedora if using the default SELinux targeted policy.\n\nA flaw was found in the Apache HTTP Server mod_status module. On sites\nwhere the server-status page is publicly accessible and ExtendedStatus\nis enabled this could lead to a cross-site scripting attack. On Fedora\nthe server-status page is not enabled by default and it is best\npractice to not make this publicly available. (CVE-2006-5752)\n\nA bug was found in the Apache HTTP Server mod_cache module. On sites\nwhere caching is enabled, a remote attacker could send a carefully\ncrafted request that would cause the Apache child process handling\nthat request to crash. This could lead to a denial of service if using\na threaded Multi-Processing Module. (CVE-2007-1863)\n\nA bug was found in the mod_mem_cache module. On sites where caching is\nenabled using this module, an information leak could occur which\nrevealed portions of sensitive memory to remote users. (CVE-2007-1862)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 23, "published": "2007-11-06T00:00:00", "title": "Fedora 7 : httpd-2.2.4-4.1.fc7 (2007-0704)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-3304", "CVE-2006-5752", "CVE-2007-1862", "CVE-2007-1863"], "modified": "2007-11-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:httpd", "p-cpe:/a:fedoraproject:fedora:httpd-devel", "cpe:/o:fedoraproject:fedora:7", "p-cpe:/a:fedoraproject:fedora:httpd-manual", "p-cpe:/a:fedoraproject:fedora:httpd-debuginfo", "p-cpe:/a:fedoraproject:fedora:mod_ssl"], "id": "FEDORA_2007-0704.NASL", "href": "https://www.tenable.com/plugins/nessus/27675", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2007-0704.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(27675);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2006-5752\", \"CVE-2007-1862\", \"CVE-2007-1863\", \"CVE-2007-3304\");\n script_xref(name:\"FEDORA\", value:\"2007-0704\");\n\n script_name(english:\"Fedora 7 : httpd-2.2.4-4.1.fc7 (2007-0704)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Apache HTTP Server did not verify that a process was an Apache\nchild process before sending it signals. A local attacker with the\nability to run scripts on the Apache HTTP Server could manipulate the\nscoreboard and cause arbitrary processes to be terminated which could\nlead to a denial of service (CVE-2007-3304). This issue is not\nexploitable on Fedora if using the default SELinux targeted policy.\n\nA flaw was found in the Apache HTTP Server mod_status module. On sites\nwhere the server-status page is publicly accessible and ExtendedStatus\nis enabled this could lead to a cross-site scripting attack. On Fedora\nthe server-status page is not enabled by default and it is best\npractice to not make this publicly available. (CVE-2006-5752)\n\nA bug was found in the Apache HTTP Server mod_cache module. On sites\nwhere caching is enabled, a remote attacker could send a carefully\ncrafted request that would cause the Apache child process handling\nthat request to crash. This could lead to a denial of service if using\na threaded Multi-Processing Module. (CVE-2007-1863)\n\nA bug was found in the mod_mem_cache module. On sites where caching is\nenabled using this module, an information leak could occur which\nrevealed portions of sensitive memory to remote users. (CVE-2007-1862)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2007-June/002337.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5c9b1211\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:httpd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:httpd-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/06/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/11/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 7.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC7\", reference:\"httpd-2.2.4-4.1.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"httpd-debuginfo-2.2.4-4.1.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"httpd-devel-2.2.4-4.1.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"httpd-manual-2.2.4-4.1.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"mod_ssl-2.2.4-4.1.fc7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd / httpd-debuginfo / httpd-devel / httpd-manual / mod_ssl\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-07T10:49:42", "description": "Apache HTTP server project reports :\n\nThe following potential security flaws are addressed :\n\n- CVE-2007-3847: mod_proxy: Prevent reading past the end of a buffer\nwhen parsing date-related headers.\n\n- CVE-2007-1863: mod_cache: Prevent a segmentation fault if attributes\nare listed in a Cache-Control header without any value.\n\n- CVE-2007-3304: prefork, worker, event MPMs: Ensure that the parent\nprocess cannot be forced to kill processes outside its process group.\n\n- CVE-2006-5752: mod_status: Fix a possible XSS attack against a site\nwith a public server-status page and ExtendedStatus enabled, for\nbrowsers which perform charset 'detection'. Reported by Stefan Esser.\n\n- CVE-2006-1862: mod_mem_cache: Copy headers into longer lived\nstorage; header names and values could previously point to cleaned up\nstorage.", "edition": 25, "published": "2007-09-14T00:00:00", "title": "FreeBSD : apache -- multiple vulnerabilities (c115271d-602b-11dc-898c-001921ab2fa4)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-1862", "CVE-2007-3304", "CVE-2006-5752", "CVE-2007-3847", "CVE-2007-1863"], "modified": "2007-09-14T00:00:00", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:apache"], "id": "FREEBSD_PKG_C115271D602B11DC898C001921AB2FA4.NASL", "href": "https://www.tenable.com/plugins/nessus/26039", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(26039);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2006-5752\", \"CVE-2007-1863\", \"CVE-2007-3304\", \"CVE-2007-3847\");\n\n script_name(english:\"FreeBSD : apache -- multiple vulnerabilities (c115271d-602b-11dc-898c-001921ab2fa4)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Apache HTTP server project reports :\n\nThe following potential security flaws are addressed :\n\n- CVE-2007-3847: mod_proxy: Prevent reading past the end of a buffer\nwhen parsing date-related headers.\n\n- CVE-2007-1863: mod_cache: Prevent a segmentation fault if attributes\nare listed in a Cache-Control header without any value.\n\n- CVE-2007-3304: prefork, worker, event MPMs: Ensure that the parent\nprocess cannot be forced to kill processes outside its process group.\n\n- CVE-2006-5752: mod_status: Fix a possible XSS attack against a site\nwith a public server-status page and ExtendedStatus enabled, for\nbrowsers which perform charset 'detection'. Reported by Stefan Esser.\n\n- CVE-2006-1862: mod_mem_cache: Copy headers into longer lived\nstorage; header names and values could previously point to cleaned up\nstorage.\"\n );\n # https://vuxml.freebsd.org/freebsd/c115271d-602b-11dc-898c-001921ab2fa4.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a5a4a8e5\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:apache\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/09/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/09/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/09/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"apache>2.2.0<2.2.6\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"apache>2.0.0<2.0.61\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-01T06:29:25", "description": "Several bugs were fixed in the Apache2 webserver :\n\nThese include the following security issues :\n\n - mod_status: Fix a possible XSS attack against a site\n with a public server-status page and ExtendedStatus\n enabled, for browsers which perform charset 'detection'.\n (CVE-2006-5752)\n\n - mod_cache: Prevent a segmentation fault if attributes\n are listed in a Cache-Control header without any value.\n (CVE-2007-1863)\n\n - prefork, worker, event MPMs: Ensure that the parent\n process cannot be forced to kill processes outside its\n process group. (CVE-2007-3304)\n\n - mod_proxy: Prevent reading past the end of a buffer when\n parsing date-related headers. PR 41144. (CVE-2007-3847)\n\n - mod_autoindex: Add in ContentType and Charset options to\n IndexOptions directive. This allows the admin to\n explicitly set the content-type and charset of the\n generated page. (CVE-2007-4465)\n\nand the following non-security issues :\n\n - get_module_list: replace loadmodule.conf atomically\n\n - Use File::Temp to create good tmpdir in logresolve.pl2\n (httpd-2.x.x-logresolve.patchs)", "edition": 23, "published": "2007-12-13T00:00:00", "title": "SuSE 10 Security Update : apache2 (ZYPP Patch Number 4669)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4465", "CVE-2007-3304", "CVE-2006-5752", "CVE-2007-3847", "CVE-2007-1863"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_APACHE2-4669.NASL", "href": "https://www.tenable.com/plugins/nessus/29373", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(29373);\n script_version (\"1.15\");\n script_cvs_date(\"Date: 2019/10/25 13:36:29\");\n\n script_cve_id(\"CVE-2006-5752\", \"CVE-2007-1863\", \"CVE-2007-3304\", \"CVE-2007-3847\", \"CVE-2007-4465\");\n\n script_name(english:\"SuSE 10 Security Update : apache2 (ZYPP Patch Number 4669)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several bugs were fixed in the Apache2 webserver :\n\nThese include the following security issues :\n\n - mod_status: Fix a possible XSS attack against a site\n with a public server-status page and ExtendedStatus\n enabled, for browsers which perform charset 'detection'.\n (CVE-2006-5752)\n\n - mod_cache: Prevent a segmentation fault if attributes\n are listed in a Cache-Control header without any value.\n (CVE-2007-1863)\n\n - prefork, worker, event MPMs: Ensure that the parent\n process cannot be forced to kill processes outside its\n process group. (CVE-2007-3304)\n\n - mod_proxy: Prevent reading past the end of a buffer when\n parsing date-related headers. PR 41144. (CVE-2007-3847)\n\n - mod_autoindex: Add in ContentType and Charset options to\n IndexOptions directive. This allows the admin to\n explicitly set the content-type and charset of the\n generated page. (CVE-2007-4465)\n\nand the following non-security issues :\n\n - get_module_list: replace loadmodule.conf atomically\n\n - Use File::Temp to create good tmpdir in logresolve.pl2\n (httpd-2.x.x-logresolve.patchs)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2006-5752.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-1863.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-3304.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-3847.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-4465.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 4669.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cwe_id(79);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/12/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"apache2-2.2.3-16.15\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"apache2-devel-2.2.3-16.15\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"apache2-doc-2.2.3-16.15\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"apache2-example-pages-2.2.3-16.15\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"apache2-prefork-2.2.3-16.15\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"apache2-worker-2.2.3-16.15\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:23", "bulletinFamily": "software", "cvelist": ["CVE-2007-3304", "CVE-2006-5752", "CVE-2007-3847", "CVE-2007-1863"], "description": "rPath Security Advisory: 2007-0182-1\r\nPublished: 2007-09-14\r\nProducts: rPath Linux 1\r\nRating: Severe\r\nExposure Level Classification:\r\n Remote System User Deterministic Denial of Service\r\nUpdated Versions:\r\n httpd=/conary.rpath.com@rpl:devel//1-devel/2.0.61-0.1-1\r\n mod_ssl=/conary.rpath.com@rpl:devel//1-devel/2.0.61-0.1-1\r\n\r\nReferences:\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847\r\n https://issues.rpath.com/browse/RPL-1710\r\n\r\nDescription:\r\n Previous versions of the httpd package are vulnerable to multiple\r\n Denial of Service attacks, one of which allows a remote attacker\r\n to crash mod_proxy using a maliciously crafted HTTP request.\r\n \r\n In its default configuration, rPath Linux 1 is not vulnerable to\r\n these attacks.\r\n \r\n Note that two additional vulnerabilities fixed in httpd 2.0.61,\r\n CVE-2007-1863 and CVE-2006-5752, were already fixed in a previous\r\n update to rPath Linux.\r\n\r\nCopyright 2007 rPath, Inc.\r\nThis file is distributed under the terms of the MIT License.\r\nA copy is available at http://www.rpath.com/permanent/mit-license.html\r\n\r\n_______________________________________________\r\nFull-Disclosure - We believe in it.\r\nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\r\nHosted and sponsored by Secunia - http://secunia.com/", "edition": 1, "modified": "2007-09-14T00:00:00", "published": "2007-09-14T00:00:00", "id": "SECURITYVULNS:DOC:18002", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:18002", "title": "[Full-disclosure] rPSA-2007-0182-1 httpd mod_ssl", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:26", "bulletinFamily": "software", "cvelist": ["CVE-2007-3304"], "description": "It's possible to manipalte main worker process causing it to send SIGUSR signal from root to any process, process halt, resources exhaustions.", "edition": 1, "modified": "2007-06-20T00:00:00", "published": "2007-06-20T00:00:00", "id": "SECURITYVULNS:VULN:7757", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:7757", "title": "Apache httpd multiple local DoS conditions", "type": "securityvulns", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "fedora": [{"lastseen": "2020-12-21T08:17:48", "bulletinFamily": "unix", "cvelist": ["CVE-2006-5752", "CVE-2007-1862", "CVE-2007-1863", "CVE-2007-3304"], "description": "The Apache HTTP Server is a powerful, efficient, and extensible web server. ", "modified": "2007-06-27T03:52:42", "published": "2007-06-27T03:52:42", "id": "FEDORA:L5R3QDPY011231", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 7 Update: httpd-2.2.4-4.1.fc7", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:48", "bulletinFamily": "unix", "cvelist": ["CVE-2006-3747", "CVE-2006-5752", "CVE-2007-1863", "CVE-2007-3304"], "description": "The Apache HTTP Server is a powerful, efficient, and extensible web server. ", "modified": "2007-07-02T15:01:38", "published": "2007-07-02T15:01:38", "id": "FEDORA:L62F1CGQ016053", "href": "", "type": "fedora", "title": "[SECURITY] Fedora Core 5 Update: httpd-2.2.2-1.3", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:48", "bulletinFamily": "unix", "cvelist": ["CVE-2006-5752", "CVE-2007-1862", "CVE-2007-1863", "CVE-2007-3304"], "description": "The Apache HTTP Server is a powerful, efficient, and extensible web server. ", "modified": "2007-07-12T22:53:51", "published": "2007-07-12T22:53:51", "id": "FEDORA:L6CMRP6R013550", "href": "", "type": "fedora", "title": "[SECURITY] Fedora Core 6 Update: httpd-2.2.4-2.1.fc6", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:48", "bulletinFamily": "unix", "cvelist": ["CVE-2006-5752", "CVE-2007-1862", "CVE-2007-1863", "CVE-2007-3304", "CVE-2007-3847", "CVE-2007-4465"], "description": "The Apache HTTP Server is a powerful, efficient, and extensible web server. ", "modified": "2007-09-19T02:53:28", "published": "2007-09-19T02:53:28", "id": "FEDORA:L8J2ROS5020550", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 7 Update: httpd-2.2.6-1.fc7", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2006-5752", "CVE-2007-1862", "CVE-2007-1863", "CVE-2007-3304", "CVE-2007-5000", "CVE-2007-6388", "CVE-2007-6421", "CVE-2007-6422", "CVE-2008-0005"], "description": "The Apache HTTP Server is a powerful, efficient, and extensible web server. ", "modified": "2008-02-16T02:08:32", "published": "2008-02-16T02:08:32", "id": "FEDORA:M1G27PL9027710", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 7 Update: httpd-2.2.8-1.fc7", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "freebsd": [{"lastseen": "2019-05-29T18:34:33", "bulletinFamily": "unix", "cvelist": ["CVE-2007-3304", "CVE-2006-5752", "CVE-2007-3847", "CVE-2007-1863"], "description": "\nApache HTTP server project reports:\n\nThe following potential security flaws are addressed:\n\nCVE-2007-3847: mod_proxy: Prevent reading past the end of a\n\t buffer when parsing date-related headers.\nCVE-2007-1863: mod_cache: Prevent a segmentation fault if\n\t attributes are listed in a Cache-Control header without any\n\t value.\nCVE-2007-3304: prefork, worker, event MPMs: Ensure that the\n\t parent process cannot be forced to kill processes outside its\n\t process group.\nCVE-2006-5752: mod_status: Fix a possible XSS attack against\n\t a site with a public server-status page and ExtendedStatus\n\t enabled, for browsers which perform charset \"detection\".\n\t Reported by Stefan Esser.\nCVE-2006-1862: mod_mem_cache: Copy headers into longer lived\n\t storage; header names and values could previously point to\n\t cleaned up storage.\n\n\n", "edition": 4, "modified": "2007-09-07T00:00:00", "published": "2007-09-07T00:00:00", "id": "C115271D-602B-11DC-898C-001921AB2FA4", "href": "https://vuxml.freebsd.org/freebsd/c115271d-602b-11dc-898c-001921ab2fa4.html", "title": "apache -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "suse": [{"lastseen": "2016-09-04T11:46:33", "bulletinFamily": "unix", "cvelist": ["CVE-2007-4465", "CVE-2007-3304", "CVE-2006-5752", "CVE-2007-3847", "CVE-2007-1863"], "description": "Several bugs were fixed in the Apache2 web server.\n#### Solution\nThere is no known workaround, please install the update packages.", "edition": 1, "modified": "2007-11-19T15:20:20", "published": "2007-11-19T15:20:20", "id": "SUSE-SA:2007:061", "href": "http://lists.opensuse.org/opensuse-security-announce/2007-11/msg00002.html", "title": "remote denial of service in apache2", "type": "suse", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:54", "bulletinFamily": "unix", "cvelist": ["CVE-2007-4465", "CVE-2007-3304", "CVE-2006-5752", "CVE-2007-3847", "CVE-2007-1862", "CVE-2007-1863"], "description": "### Background\n\nThe Apache HTTP server is one of the most popular web servers on the Internet. \n\n### Description\n\nMultiple cross-site scripting vulnerabilities have been discovered in mod_status and mod_autoindex (CVE-2006-5752, CVE-2007-4465). An error has been discovered in the recall_headers() function in mod_mem_cache (CVE-2007-1862). The mod_cache module does not properly sanitize requests before processing them (CVE-2007-1863). The Prefork module does not properly check PID values before sending signals (CVE-2007-3304). The mod_proxy module does not correctly check headers before processing them (CVE-2007-3847). \n\n### Impact\n\nA remote attacker could exploit one of these vulnerabilities to inject arbitrary script or HTML content, obtain sensitive information or cause a Denial of Service. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll Apache users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-servers/apache-2.0.59-r5\"", "edition": 1, "modified": "2007-11-07T00:00:00", "published": "2007-11-07T00:00:00", "id": "GLSA-200711-06", "href": "https://security.gentoo.org/glsa/200711-06", "type": "gentoo", "title": "Apache: Multiple vulnerabilities", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "vmware": [{"lastseen": "2019-11-06T16:05:49", "bulletinFamily": "unix", "cvelist": ["CVE-2009-0040", "CVE-2008-0005", "CVE-2007-3304", "CVE-2006-5752", "CVE-2007-3847", "CVE-2007-6388", "CVE-2007-5000", "CVE-2007-1863"], "description": "a. Third Party Library libpng Updated to 1.2.35 \n \nSeveral flaws were discovered in the way third party library libpng \nhandled uninitialized pointers. An attacker could create a PNG image \nfile in such a way, that when loaded by an application linked to \nlibpng, it could cause the application to crash or execute arbitrary \ncode at the privilege level of the user that runs the application. \nThe Common Vulnerabilities and Exposures project (cve.mitre.org) \nhas assigned the name CVE-2009-0040 to this issue. \nThe following table lists what action remediates the vulnerability \n(column 4) if a solution is available. \n\n", "edition": 4, "modified": "2010-11-08T00:00:00", "published": "2009-08-20T00:00:00", "id": "VMSA-2009-0010", "href": "https://www.vmware.com/security/advisories/VMSA-2009-0010.html", "title": "VMware Hosted products update libpng and Apache HTTP Server", "type": "vmware", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:34", "bulletinFamily": "software", "cvelist": ["CVE-2006-5752"], "description": "# No description provided by the source\n\n## References:\nSecurity Tracker: 1018302\n[Secunia Advisory ID:27732](https://secuniaresearch.flexerasoftware.com/advisories/27732/)\n[Secunia Advisory ID:26458](https://secuniaresearch.flexerasoftware.com/advisories/26458/)\nOther Advisory URL: http://www-1.ibm.com/support/docview.wss?uid=swg1PK49295\nOther Advisory URL: http://lists.opensuse.org/opensuse-security-announce/2007-11/msg00002.html\n[CVE-2006-5752](https://vulners.com/cve/CVE-2006-5752)\n", "edition": 1, "modified": "2007-08-17T11:21:33", "published": "2007-08-17T11:21:33", "href": "https://vulners.com/osvdb/OSVDB:38630", "id": "OSVDB:38630", "title": "IBM HTTP Server mod_status mod_status.c Unspecified XSS", "type": "osvdb", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-04-28T13:20:33", "bulletinFamily": "software", "cvelist": ["CVE-2006-5752"], "description": "# No description provided by the source\n\n## References:\nVendor Specific News/Changelog Entry: https://issues.rpath.com/browse/RPL-1500\nVendor Specific News/Changelog Entry: http://httpd.apache.org/security/vulnerabilities_20.html\nVendor Specific News/Changelog Entry: http://httpd.apache.org/security/vulnerabilities_22.html\nVendor Specific News/Changelog Entry: http://svn.apache.org/viewvc?view=rev&revision=549159\nVendor Specific News/Changelog Entry: http://httpd.apache.org/security/vulnerabilities_13.html\nSecurity Tracker: 1018302\n[Secunia Advisory ID:25873](https://secuniaresearch.flexerasoftware.com/advisories/25873/)\n[Secunia Advisory ID:26273](https://secuniaresearch.flexerasoftware.com/advisories/26273/)\n[Secunia Advisory ID:27037](https://secuniaresearch.flexerasoftware.com/advisories/27037/)\n[Secunia Advisory ID:25830](https://secuniaresearch.flexerasoftware.com/advisories/25830/)\n[Secunia Advisory ID:26443](https://secuniaresearch.flexerasoftware.com/advisories/26443/)\n[Secunia Advisory ID:26211](https://secuniaresearch.flexerasoftware.com/advisories/26211/)\n[Secunia Advisory ID:27563](https://secuniaresearch.flexerasoftware.com/advisories/27563/)\n[Secunia Advisory ID:27732](https://secuniaresearch.flexerasoftware.com/advisories/27732/)\n[Secunia Advisory ID:25827](https://secuniaresearch.flexerasoftware.com/advisories/25827/)\n[Secunia Advisory ID:25920](https://secuniaresearch.flexerasoftware.com/advisories/25920/)\n[Secunia Advisory ID:26508](https://secuniaresearch.flexerasoftware.com/advisories/26508/)\n[Secunia Advisory ID:26822](https://secuniaresearch.flexerasoftware.com/advisories/26822/)\n[Secunia Advisory ID:26458](https://secuniaresearch.flexerasoftware.com/advisories/26458/)\n[Secunia Advisory ID:28224](https://secuniaresearch.flexerasoftware.com/advisories/28224/)\nRedHat RHSA: RHSA-2007:0532\nRedHat RHSA: RHSA-2007:0534\nRedHat RHSA: RHSA-2007:0557\nRedHat RHSA: RHSA-2007:0533\nRedHat RHSA: RHSA-2007:0556\nOther Advisory URL: http://support.avaya.com/elmodocs2/security/ASA-2007-351.htm\nOther Advisory URL: ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc\nOther Advisory URL: HPSBUX02262 SSRT071447:\nOther Advisory URL: http://www.ubuntu.com/usn/usn-499-1\nOther Advisory URL: http://sunsolve.sun.com/search/document.do?assetkey=1-26-103179-1\nOther Advisory URL: http://frontal2.mandriva.com/security/advisories?name=MDKSA-2007:140\nOther Advisory URL: http://frontal2.mandriva.com/security/advisories?name=MDKSA-2007:142\nOther Advisory URL: http://www.trustix.org/errata/2007/0026/\nOther Advisory URL: http://lists.rpath.com/pipermail/security-announce/2007-June/000207.html\nOther Advisory URL: http://frontal2.mandriva.com/security/advisories?name=MDKSA-2007:141\nOther Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200711-06.xml\nOther Advisory URL: http://www-1.ibm.com/support/docview.wss?uid=swg1PK49295\nOther Advisory URL: http://lists.opensuse.org/opensuse-security-announce/2007-11/msg00002.html\nFrSIRT Advisory: ADV-2007-2727\n[CVE-2006-5752](https://vulners.com/cve/CVE-2006-5752)\nBugtraq ID: 24645\n", "edition": 1, "modified": "2007-06-21T14:05:34", "published": "2007-06-21T14:05:34", "href": "https://vulners.com/osvdb/OSVDB:37052", "id": "OSVDB:37052", "title": "Apache HTTP Server mod_status mod_status.c Unspecified XSS", "type": "osvdb", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-04-28T13:20:34", "bulletinFamily": "software", "cvelist": ["CVE-2007-3304"], "description": "# No description provided by the source\n\n## References:\nVendor Specific Solution URL: ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc\nVendor Specific News/Changelog Entry: http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245111\nVendor Specific News/Changelog Entry: http://svn.apache.org/viewvc?view=rev&revision=547987\nVendor Specific News/Changelog Entry: http://httpd.apache.org/security/vulnerabilities_20.html\nVendor Specific News/Changelog Entry: http://httpd.apache.org/security/vulnerabilities_22.html\nVendor Specific News/Changelog Entry: http://httpd.apache.org/security/vulnerabilities_13.html\nSecurity Tracker: 1018304\n[Secunia Advisory ID:26273](https://secuniaresearch.flexerasoftware.com/advisories/26273/)\n[Secunia Advisory ID:26790](https://secuniaresearch.flexerasoftware.com/advisories/26790/)\n[Secunia Advisory ID:27209](https://secuniaresearch.flexerasoftware.com/advisories/27209/)\n[Secunia Advisory ID:25830](https://secuniaresearch.flexerasoftware.com/advisories/25830/)\n[Secunia Advisory ID:26211](https://secuniaresearch.flexerasoftware.com/advisories/26211/)\n[Secunia Advisory ID:26443](https://secuniaresearch.flexerasoftware.com/advisories/26443/)\n[Secunia Advisory ID:26611](https://secuniaresearch.flexerasoftware.com/advisories/26611/)\n[Secunia Advisory ID:27563](https://secuniaresearch.flexerasoftware.com/advisories/27563/)\n[Secunia Advisory ID:27732](https://secuniaresearch.flexerasoftware.com/advisories/27732/)\n[Secunia Advisory ID:25827](https://secuniaresearch.flexerasoftware.com/advisories/25827/)\n[Secunia Advisory ID:25920](https://secuniaresearch.flexerasoftware.com/advisories/25920/)\n[Secunia Advisory ID:26508](https://secuniaresearch.flexerasoftware.com/advisories/26508/)\n[Secunia Advisory ID:26759](https://secuniaresearch.flexerasoftware.com/advisories/26759/)\n[Secunia Advisory ID:26822](https://secuniaresearch.flexerasoftware.com/advisories/26822/)\n[Secunia Advisory ID:28224](https://secuniaresearch.flexerasoftware.com/advisories/28224/)\n[Related OSVDB ID: 37050](https://vulners.com/osvdb/OSVDB:37050)\nRedHat RHSA: RHSA-2007:0532\nRedHat RHSA: RHSA-2007:0557\nRedHat RHSA: RHSA-2007:0662\nRedHat RHSA: RHSA-2007:0556\nOther Advisory URL: ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc\nOther Advisory URL: http://lists.rpath.com/pipermail/security-announce/2007-September/000241.html\nOther Advisory URL: http://support.avaya.com/elmodocs2/security/ASA-2007-351.htm\nOther Advisory URL: http://www.redhat.com/support/errata/RHSA-2007-0662.html\nOther Advisory URL: HPSBUX02273 SSRT071476:\nOther Advisory URL: http://support.avaya.com/elmodocs2/security/ASA-2007-363.htm\nOther Advisory URL: http://www.ubuntu.com/usn/usn-499-1\nOther Advisory URL: http://sunsolve.sun.com/search/document.do?assetkey=1-26-103179-1\nOther Advisory URL: http://frontal2.mandriva.com/security/advisories?name=MDKSA-2007:140\nOther Advisory URL: http://frontal2.mandriva.com/security/advisories?name=MDKSA-2007:142\nOther Advisory URL: http://support.avaya.com/elmodocs2/security/ASA-2007-353.htm\nOther Advisory URL: http://www-1.ibm.com/support/docview.wss?uid=swg1PK50467\nOther Advisory URL: http://www.trustix.org/errata/2007/0026/\nOther Advisory URL: http://lists.opensuse.org/opensuse-security-announce/2007-11/msg00002.html\nOther Advisory URL: http://security.psnc.pl/files/apache_report.pdf\nOther Advisory URL: http://securityreason.com/securityalert/2814\nOther Advisory URL: http://www-1.ibm.com/support/search.wss?rs=0&q=PK50467&apar=only\nOther Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200711-06.xml\nOther Advisory URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:140\nOther Advisory URL: http://www.redhat.com/errata/RHSA-2007-0532.html\nOther Advisory URL: http://www.redhat.com/support/errata/RHSA-2007-0557.html\nMail List Post: http://mail-archives.apache.org/mod_mbox/httpd-dev/200706.mbox/%3c20070629141032.GA15192@redhat.com%3e\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-05/0415.html\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-06/0251.html\nMail List Post: http://marc.info/?l=apache-httpd-dev&m=118252946632447&w=2\nKeyword: aka \"SIGUSR1 killer.\"\nKeyword: SSRT071476\nKeyword: HPSBUX02273\nFrSIRT Advisory: ADV-2007-2727\nFrSIRT Advisory: ADV-2007-3100\n[CVE-2007-3304](https://vulners.com/cve/CVE-2007-3304)\nBugtraq ID: 24215\n", "edition": 1, "modified": "2007-05-29T05:55:13", "published": "2007-05-29T05:55:13", "href": "https://vulners.com/osvdb/OSVDB:38939", "id": "OSVDB:38939", "title": "Apache HTTP Server Prefork MPM Module Array Modification Local DoS", "type": "osvdb", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-04-28T13:20:33", "bulletinFamily": "software", "cvelist": ["CVE-2007-1863"], "description": "# No description provided by the source\n\n## References:\n[Secunia Advisory ID:26273](https://secuniaresearch.flexerasoftware.com/advisories/26273/)\n[Secunia Advisory ID:25873](https://secuniaresearch.flexerasoftware.com/advisories/25873/)\n[Secunia Advisory ID:27037](https://secuniaresearch.flexerasoftware.com/advisories/27037/)\n[Secunia Advisory ID:26842](https://secuniaresearch.flexerasoftware.com/advisories/26842/)\n[Secunia Advisory ID:26443](https://secuniaresearch.flexerasoftware.com/advisories/26443/)\n[Secunia Advisory ID:26211](https://secuniaresearch.flexerasoftware.com/advisories/26211/)\n[Secunia Advisory ID:27563](https://secuniaresearch.flexerasoftware.com/advisories/27563/)\n[Secunia Advisory ID:27732](https://secuniaresearch.flexerasoftware.com/advisories/27732/)\n[Secunia Advisory ID:25920](https://secuniaresearch.flexerasoftware.com/advisories/25920/)\n[Secunia Advisory ID:26508](https://secuniaresearch.flexerasoftware.com/advisories/26508/)\n[Secunia Advisory ID:26822](https://secuniaresearch.flexerasoftware.com/advisories/26822/)\nOther Advisory URL: http://support.avaya.com/elmodocs2/security/ASA-2007-351.htm\nOther Advisory URL: ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc\nOther Advisory URL: HPSBUX02262 SSRT071447:\nOther Advisory URL: http://www.ubuntu.com/usn/usn-499-1\nOther Advisory URL: https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html\nOther Advisory URL: http://www.trustix.org/errata/2007/0026/\nOther Advisory URL: http://lists.rpath.com/pipermail/security-announce/2007-June/000207.html\nOther Advisory URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:140\nOther Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200711-06.xml\nOther Advisory URL: http://lists.opensuse.org/opensuse-security-announce/2007-11/msg00002.html\n[CVE-2007-1863](https://vulners.com/cve/CVE-2007-1863)\n", "edition": 1, "modified": "2007-06-18T05:55:04", "published": "2007-06-18T05:55:04", "href": "https://vulners.com/osvdb/OSVDB:37079", "id": "OSVDB:37079", "title": "Apache HTTP Server mod_cache cache_util.c Malformed Cache-Control Header DoS", "type": "osvdb", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "httpd": [{"lastseen": "2016-09-26T21:39:37", "bulletinFamily": "software", "cvelist": ["CVE-2006-5752"], "description": "\nA flaw was found in the mod_status module. On sites where the\nserver-status page is publicly accessible and ExtendedStatus is\nenabled this could lead to a cross-site scripting attack.\nNote that the server-status\npage is not enabled by default and it is best practice to not make\nthis publicly available.", "edition": 1, "modified": "2007-09-07T00:00:00", "published": "2006-10-19T00:00:00", "id": "HTTPD:EB702124981FF0A598C6ED98A2E069D9", "href": "https://httpd.apache.org/security_report.html", "type": "httpd", "title": "Apache Httpd < 2.0.61: mod_status cross-site scripting", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2016-09-26T21:39:37", "bulletinFamily": "software", "cvelist": ["CVE-2006-5752"], "description": "\nA flaw was found in the mod_status module. On sites where the\nserver-status page is publicly accessible and ExtendedStatus is\nenabled this could lead to a cross-site scripting attack.\nNote that the server-status\npage is not enabled by default and it is best practice to not make\nthis publicly available.", "edition": 1, "modified": "2007-09-07T00:00:00", "published": "2006-10-19T00:00:00", "id": "HTTPD:EA81A7FD4BED06F6CEF71C3521A44027", "href": "https://httpd.apache.org/security_report.html", "type": "httpd", "title": "Apache Httpd < 2.2.6: mod_status cross-site scripting", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2016-09-26T21:39:37", "bulletinFamily": "software", "cvelist": ["CVE-2006-5752"], "description": "\nA flaw was found in the mod_status module. On sites where the\nserver-status page is publicly accessible and ExtendedStatus is\nenabled this could lead to a cross-site scripting attack.\nNote that the server-status\npage is not enabled by default and it is best practice to not make\nthis publicly available.", "edition": 1, "modified": "2007-09-07T00:00:00", "published": "2006-10-19T00:00:00", "id": "HTTPD:54F2521BC13F2D35EB25F335F6F906BB", "href": "https://httpd.apache.org/security_report.html", "type": "httpd", "title": "Apache Httpd < 1.3.39: mod_status cross-site scripting", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2020-12-24T14:26:51", "bulletinFamily": "software", "cvelist": ["CVE-2006-5752"], "description": "\nA flaw was found in the mod_status module. On sites where the\nserver-status page is publicly accessible and ExtendedStatus is\nenabled this could lead to a cross-site scripting attack.\nNote that the server-status\npage is not enabled by default and it is best practice to not make\nthis publicly available.", "edition": 5, "modified": "2007-06-20T00:00:00", "published": "2006-10-19T00:00:00", "id": "HTTPD:DBD6B4CFAA46D62C4F04EB981A23089E", "href": "https://httpd.apache.org/security_report.html", "title": "Apache Httpd < None: mod_status cross-site scripting", "type": "httpd", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2016-09-26T21:39:37", "bulletinFamily": "software", "cvelist": ["CVE-2007-3304"], "description": "The Apache HTTP server did not verify that a process\nwas an Apache child process before sending it signals. A local\nattacker with the ability to run scripts on the HTTP server could\nmanipulate the scoreboard and cause arbitrary processes to be\nterminated which could lead to a denial of service.", "edition": 1, "modified": "2007-09-07T00:00:00", "published": "2006-05-15T00:00:00", "id": "HTTPD:DE2DCBB7F497C546416A82A8C580176E", "href": "https://httpd.apache.org/security_report.html", "type": "httpd", "title": "Apache Httpd < 2.0.61: Signals to arbitrary processes", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-26T21:39:37", "bulletinFamily": "software", "cvelist": ["CVE-2007-3304"], "description": "The Apache HTTP server did not verify that a process\nwas an Apache child process before sending it signals. A local\nattacker with the ability to run scripts on the HTTP server could\nmanipulate the scoreboard and cause arbitrary processes to be\nterminated which could lead to a denial of service.", "edition": 1, "modified": "2007-09-07T00:00:00", "published": "2006-05-15T00:00:00", "id": "HTTPD:E64DD2992869E3B570507A803F6B61DC", "href": "https://httpd.apache.org/security_report.html", "type": "httpd", "title": "Apache Httpd < 2.2.6: Signals to arbitrary processes", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2020-12-24T14:26:51", "bulletinFamily": "software", "cvelist": ["CVE-2007-3304"], "description": "The Apache HTTP server did not verify that a process\nwas an Apache child process before sending it signals. A local\nattacker with the ability to run scripts on the HTTP server could\nmanipulate the scoreboard and cause arbitrary processes to be\nterminated which could lead to a denial of service.", "edition": 5, "modified": "2007-06-19T00:00:00", "published": "2006-05-15T00:00:00", "id": "HTTPD:40D3FE87B71DE5DE61C248550CCA14BC", "href": "https://httpd.apache.org/security_report.html", "title": "Apache Httpd < None: Signals to arbitrary processes", "type": "httpd", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2016-09-26T21:39:37", "bulletinFamily": "software", "cvelist": ["CVE-2007-3304"], "description": "The Apache HTTP server did not verify that a process\nwas an Apache child process before sending it signals. A local\nattacker with the ability to run scripts on the HTTP server could\nmanipulate the scoreboard and cause arbitrary processes to be\nterminated which could lead to a denial of service.", "edition": 1, "modified": "2007-09-07T00:00:00", "published": "2006-05-15T00:00:00", "id": "HTTPD:F530D75F8856ACC4F8157FC2A041822A", "href": "https://httpd.apache.org/security_report.html", "type": "httpd", "title": "Apache Httpd < 1.3.39: Signals to arbitrary processes", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-26T21:39:37", "bulletinFamily": "software", "cvelist": ["CVE-2007-1863"], "description": "\nA bug was found in the mod_cache module. On sites where\ncaching is enabled, a remote attacker could send a carefully crafted\nrequest that would cause the Apache child process handling that request to\ncrash. This could lead to a denial of service if using a threaded\nMulti-Processing Module.", "edition": 1, "modified": "2007-09-07T00:00:00", "published": "2007-05-02T00:00:00", "id": "HTTPD:F40257664526C38245830101DCB03B41", "href": "https://httpd.apache.org/security_report.html", "type": "httpd", "title": "Apache Httpd < 2.2.6: mod_cache proxy DoS", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2020-12-24T14:26:51", "bulletinFamily": "software", "cvelist": ["CVE-2007-1863"], "description": "\nA bug was found in the mod_cache module. On sites where\ncaching is enabled, a remote attacker could send a carefully crafted\nrequest that would cause the Apache child process handling that request to\ncrash. This could lead to a denial of service if using a threaded\nMulti-Processing Module.", "edition": 5, "modified": "2007-06-18T00:00:00", "published": "2007-05-02T00:00:00", "id": "HTTPD:37C9FB4717E55404648E661334891D18", "href": "https://httpd.apache.org/security_report.html", "title": "Apache Httpd < None: mod_cache proxy DoS", "type": "httpd", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "seebug": [{"lastseen": "2017-11-19T21:57:59", "description": "BUGTRAQ ID: 24215\r\nCVE(CAN) ID: CVE-2007-3304\r\n\r\nApache HTTP Server\u662f\u4e00\u6b3e\u6d41\u884c\u7684Web\u670d\u52a1\u5668\u3002\r\n\r\nApache HTTP Server Worker\u8fdb\u7a0b\u5b9e\u73b0\u4e0a\u5b58\u5728\u591a\u4e2a\u6f0f\u6d1e\uff0c\u672c\u5730\u653b\u51fb\u8005\u53ef\u80fd\u5229\u7528\u8fd9\u4e9b\u6f0f\u6d1e\u5bfc\u81f4\u670d\u52a1\u4e0d\u53ef\u7528\u3002\r\n\r\n\u5728\u53d1\u9001\u4fe1\u53f7\u4e4b\u524dApache HTTP Server\u6ca1\u6709\u9a8c\u8bc1\u8fdb\u7a0b\u4e3aApache\u5b50\u8fdb\u7a0b\u3002\u80fd\u591f\u5728Apache HTTP Server\u4e0a\u8fd0\u884c\u811a\u672c\u7684\u672c\u5730\u653b\u51fb\u8005\u53ef\u4ee5\u63a7\u5236\u8bb0\u5206\u677f\u5e76\u7ec8\u6b62\u4efb\u610f\u8fdb\u7a0b\uff0c\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002\r\n\r\n\u5982\u679cApache httpd\u5b89\u88c5\u4e86Prefork MPM\u6a21\u5757\u7684\u8bdd\uff0c\u672c\u5730\u653b\u51fb\u8005\u5c31\u53ef\u4ee5\u4fee\u6539worker_score\u548cprocess_score\u6570\u7ec4\u4f7f\u5176\u5f15\u7528\u4efb\u610f\u8fdb\u7a0bID\uff0c\u4e3b\u8fdb\u7a0b\u5411\u5176\u53d1\u9001\u4e86SIGUSR1\u4fe1\u53f7\u7684\u8bdd\u5c31\u4f1a\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002\r\n\n\nApache Group Apache 2.2.4\r\nApache Group Apache 2.0.59\r\nApache Group Apache 1.3.37\n \u5382\u5546\u8865\u4e01\uff1a\r\n\r\nApache Group\r\n------------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\n<a href=\"http://svn.apache.org/viewvc?view=rev&revision=547987\" target=\"_blank\">http://svn.apache.org/viewvc?view=rev&revision=547987</a>\r\n\r\nRedHat\r\n------\r\nRedHat\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08RHSA-2007:0662-01\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\nRHSA-2007:0662-01\uff1aModerate: httpd security update\r\n\u94fe\u63a5\uff1a<a href=\"https://www.redhat.com/support/errata/RHSA-2007-0662.html\" target=\"_blank\">https://www.redhat.com/support/errata/RHSA-2007-0662.html</a>\r\n\r\nSGI\r\n---\r\nSGI\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff0820070701-01-P\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\n20070701-01-P\uff1aSGI Advanced Linux Environment 3 Security Update #78\r\n\u94fe\u63a5\uff1a<a href=\"ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc\" target=\"_blank\">ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc</a>", "published": "2007-08-29T00:00:00", "title": "Apache HTTP Server Worker\u8fdb\u7a0b\u591a\u4e2a\u672c\u5730\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e", "type": "seebug", "bulletinFamily": "exploit", "cvelist": ["CVE-2007-3304"], "modified": "2007-08-29T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-2174", "id": "SSV:2174", "sourceData": "", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "sourceHref": ""}]}