Lucene search
This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.FEDORA_2004-313.NASLHistorySep 24, 2004 - 12:00 a.m.
Fedora Core 2 : httpd-2.0.51-2.7 (2004-313)
2004-09-2400:00:00
This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.
www.tenable.com
18
-
Tue Sep 21 2004 Joe Orton <jorton at redhat.com> 2.0.51-2.7
-
ap_rgetline_core fix from Rici Lake
-
Tue Sep 21 2004 Joe Orton <jorton at redhat.com> 2.0.51-2.6
-
fix 2.0.51 regression in Satisfy merging (CVE-2004-0811)
-
Thu Sep 16 2004 Joe Orton <jorton at redhat.com> 2.0.51-2.5
-
mod_ssl: prevent SIGHUP-triggers-SIGSEGV after upgrade from 2.0.50
- revert mod_ldap/mod_auth_ldap changes likewise
-
Wed Sep 15 2004 Joe Orton <jorton at redhat.com> 2.0.51-2.1
-
update to 2.0.51, including security fixes for :
-
core: CVE-2004-0747
-
mod_dav_fs: CVE-2004-0809
-
mod_ssl: CVE-2004-0751, CVE-2004-0748
-
-
Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory 2004-313.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(14807);
script_version("1.15");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");
script_cve_id("CVE-2004-0811");
script_xref(name:"FEDORA", value:"2004-313");
script_name(english:"Fedora Core 2 : httpd-2.0.51-2.7 (2004-313)");
script_summary(english:"Checks rpm output for the updated packages.");
script_set_attribute(
attribute:"synopsis",
value:"The remote Fedora Core host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
" - Tue Sep 21 2004 Joe Orton <jorton at redhat.com>
2.0.51-2.7
- ap_rgetline_core fix from Rici Lake
- Tue Sep 21 2004 Joe Orton <jorton at redhat.com>
2.0.51-2.6
- fix 2.0.51 regression in Satisfy merging (CVE-2004-0811)
- Thu Sep 16 2004 Joe Orton <jorton at redhat.com>
2.0.51-2.5
- mod_ssl: prevent SIGHUP-triggers-SIGSEGV after upgrade
from 2.0.50
- revert mod_ldap/mod_auth_ldap changes likewise
- Wed Sep 15 2004 Joe Orton <jorton at redhat.com>
2.0.51-2.1
- update to 2.0.51, including security fixes for :
- core: CVE-2004-0747
- mod_dav_fs: CVE-2004-0809
- mod_ssl: CVE-2004-0751, CVE-2004-0748
Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
# https://lists.fedoraproject.org/pipermail/announce/2004-September/000303.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?eabde590"
);
script_set_attribute(attribute:"solution", value:"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:httpd");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:httpd-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:httpd-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:httpd-manual");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:mod_ssl");
script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora_core:2");
script_set_attribute(attribute:"patch_publication_date", value:"2004/09/23");
script_set_attribute(attribute:"plugin_publication_date", value:"2004/09/24");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.");
script_family(english:"Fedora Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! ereg(pattern:"^2([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 2.x", "Fedora " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
flag = 0;
if (rpm_check(release:"FC2", reference:"httpd-2.0.51-2.7")) flag++;
if (rpm_check(release:"FC2", reference:"httpd-debuginfo-2.0.51-2.7")) flag++;
if (rpm_check(release:"FC2", reference:"httpd-devel-2.0.51-2.7")) flag++;
if (rpm_check(release:"FC2", reference:"httpd-manual-2.0.51-2.7")) flag++;
if (rpm_check(release:"FC2", reference:"mod_ssl-2.0.51-2.7")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "httpd / httpd-debuginfo / httpd-devel / httpd-manual / mod_ssl");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| fedoraproject | fedora | httpd | p-cpe:/a:fedoraproject:fedora:httpd |
| fedoraproject | fedora | httpd-debuginfo | p-cpe:/a:fedoraproject:fedora:httpd-debuginfo |
| fedoraproject | fedora | httpd-devel | p-cpe:/a:fedoraproject:fedora:httpd-devel |
| fedoraproject | fedora | httpd-manual | p-cpe:/a:fedoraproject:fedora:httpd-manual |
| fedoraproject | fedora | mod_ssl | p-cpe:/a:fedoraproject:fedora:mod_ssl |
| fedoraproject | fedora_core | 2 | cpe:/o:fedoraproject:fedora_core:2 |
Related
openvas
openvas
HP-UX Update for Apache with PHP HPSBUX01090
2009-05-05 00:00:00
HP-UX Update for Apache with PHP HPSBUX01090
2009-05-05 00:00:00
Gentoo Security Advisory GLSA 200409-21 (apache)
2008-09-24 00:00:00
gentoo
gentoo
Apache 2, mod_dav: Multiple vulnerabilities
2004-09-16 00:00:00
Apache: Exposure of protected directories
2004-09-24 00:00:00
securityvulns
securityvulns
[ANNOUNCE] Apache HTTP Server 2.0.51 Released
2004-09-16 00:00:00
MDKSA-2004:096 - Updated apache2 packages fix multiple vulnerabilities
2004-09-16 00:00:00
nessus
nessus
Apache 2.0.x < 2.0.51 Multiple Vulnerabilities (OF, DoS)
2004-09-16 00:00:00
GLSA-200409-21 : Apache 2, mod_dav: Multiple vulnerabilities
2004-09-17 00:00:00
Mandrake Linux Security Advisory : apache2 (MDKSA-2004:096)
2004-09-16 00:00:00
redhat
redhat
(RHSA-2004:463) httpd security update
2004-09-15 00:00:00
(RHSA-2004:349) httpd security update
2004-09-01 00:00:00
freebsd
freebsd
apache2 -- SSL remote DoS
2004-07-07 00:00:00
mod_dav -- lock related denial-of-service
2004-09-15 00:00:00
apache -- ap_resolve_env buffer overflow
2004-09-15 00:00:00
cve
cve
seebug
seebug
Apache Satisfy命令访问控制绕过漏洞
2008-10-05 00:00:00
cvelist
cvelist
httpd
httpd
Apache Httpd < 2.0.52 : Basic authentication bypass
2004-09-18 00:00:00
Apache Httpd < 2.0.51 : WebDAV remote crash
2004-09-12 00:00:00
Apache Httpd < 2.0.51 : SSL connection infinite loop
2004-07-07 00:00:00
ubuntucve
ubuntucve
redhatcve
redhatcve
CVE-2004-0811
2015-10-30 10:08:55
debiancve
debiancve
debian
debian
osv
osv
libapache-mod-dav - null pointer dereference
2004-10-06 00:00:00
checkpoint_advisories
checkpoint_advisories
cert
cert
Apache vulnerable to buffer overflow when expanding environment variables
2004-09-17 00:00:00
suse
suse
remote DoS condition in apache2
2004-09-06 13:51:41
remote denial-of-service in apache2
2004-09-15 15:46:39
Related for FEDORA_2004-313.NASL