Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2004-2021 Tenable Network Security, Inc.GENTOO_GLSA-200405-22.NASL
HistoryAug 30, 2004 - 12:00 a.m.

GLSA-200405-22 : Apache 1.3: Multiple vulnerabilities

2004-08-3000:00:00
This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.
www.tenable.com
31
JSON

The remote host is affected by the vulnerability described in GLSA-200405-22 (Apache 1.3: Multiple vulnerabilities)

On 64-bit big-endian platforms, mod_access does not properly parse     Allow/Deny rules using IP addresses without a netmask which could result in     failure to match certain IP addresses.
Terminal escape sequences are not filtered from error logs. This could be     used by an attacker to insert escape sequences into a terminal emulator     vulnerable to escape sequences.
mod_digest does not properly verify the nonce of a client response by using     a AuthNonce secret. This could permit an attacker to replay the response of     another website. This does not affect mod_auth_digest.
On certain platforms there is a starvation issue where listening sockets     fails to handle short-lived connection on a rarely-accessed listening     socket. This causes the child to hold the accept mutex and block out new     connections until another connection arrives on the same rarely-accessed     listening socket thus leading to a denial of service.

Impact :

These vulnerabilities could lead to attackers bypassing intended access     restrictions, denial of service, and possibly execution of arbitrary code.

Workaround :

There is no known workaround at this time.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Gentoo Linux Security Advisory GLSA 200405-22.
#
# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.
# and licensed under the Creative Commons - Attribution / Share Alike 
# license. See http://creativecommons.org/licenses/by-sa/3.0/
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(14508);
  script_version("1.18");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id("CVE-2003-0020", "CVE-2003-0987", "CVE-2003-0993", "CVE-2004-0174");
  script_xref(name:"GLSA", value:"200405-22");

  script_name(english:"GLSA-200405-22 : Apache 1.3: Multiple vulnerabilities");
  script_summary(english:"Checks for updated package(s) in /var/db/pkg");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Gentoo host is missing one or more security-related
patches."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The remote host is affected by the vulnerability described in GLSA-200405-22
(Apache 1.3: Multiple vulnerabilities)

    On 64-bit big-endian platforms, mod_access does not properly parse
    Allow/Deny rules using IP addresses without a netmask which could result in
    failure to match certain IP addresses.
    Terminal escape sequences are not filtered from error logs. This could be
    used by an attacker to insert escape sequences into a terminal emulator
    vulnerable to escape sequences.
    mod_digest does not properly verify the nonce of a client response by using
    a AuthNonce secret. This could permit an attacker to replay the response of
    another website. This does not affect mod_auth_digest.
    On certain platforms there is a starvation issue where listening sockets
    fails to handle short-lived connection on a rarely-accessed listening
    socket. This causes the child to hold the accept mutex and block out new
    connections until another connection arrives on the same rarely-accessed
    listening socket thus leading to a denial of service.
  
Impact :

    These vulnerabilities could lead to attackers bypassing intended access
    restrictions, denial of service, and possibly execution of arbitrary code.
  
Workaround :

    There is no known workaround at this time."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security.gentoo.org/glsa/200405-22"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"All users should upgrade to the latest stable version of Apache 1.3.
    # emerge sync
    # emerge -pv '>=www-servers/apache-1.3.31'
    # emerge '>=www-servers/apache-1.3.31'"
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:apache");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2004/05/26");
  script_set_attribute(attribute:"plugin_publication_date", value:"2004/08/30");
  script_set_attribute(attribute:"vuln_publication_date", value:"2004/12/02");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.");
  script_family(english:"Gentoo Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("qpkg.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;

if (qpkg_check(package:"www-servers/apache", unaffected:make_list("ge 1.3.31"), vulnerable:make_list("lt 1.3.31"))) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = qpkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Apache 1.3");
}
VendorProductVersionCPE
gentoolinuxapachep-cpe:/a:gentoo:linux:apache
gentoolinuxcpe:/o:gentoo:linux

Related

openvas 16
slackware 1
gentoo 1
nessus 31
suse 5
altlinux 3
f5 2
freebsd 1
cve 5
ubuntucve 4
cvelist 5
httpd 6
debiancve 2
cert 2
seebug 3
securityvulns 4
exploitpack 1
redhat 2
packetstorm 2
exploitdb 1
openvas
openvas
Gentoo Security Advisory GLSA 200405-22 (Apache)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200405-22 (Apache)
2008-09-24 00:00:00
Slackware: Security Advisory (SSA:2004-133-01)
2012-09-10 00:00:00
slackware
slackware
apache
2004-05-12 16:54:58
gentoo
gentoo
Apache 1.3: Multiple vulnerabilities
2004-05-26 00:00:00
nessus
nessus
Slackware 8.1 / 9.0 / 9.1 / current : apache (SSA:2004-133-01)
2005-07-13 00:00:00
Mandrake Linux Security Advisory : apache-mod_perl (MDKSA-2004:046-1)
2004-07-31 00:00:00
Solaris 9 (x86) : 114145-12
2004-07-12 00:00:00
suse
suse
remote file creation in kdelibs/kdelibs3
2004-05-26 11:35:37
remote command execution in cvs
2004-06-09 13:52:11
remote code execution in cvs
2004-04-14 15:54:44
altlinux
altlinux
Security fix for the ALT Linux 10 package apache2 version 2.0.40-21
2003-02-24 00:00:00
Security fix for the ALT Linux 9 package apache2 version 2.0.40-21
2003-02-24 00:00:00
Security fix for the ALT Linux 8 package apache2 version 2.0.40-21
2003-02-24 00:00:00
f5
f5
K5576 : Authentication vulnerability in Apache mod_digest - CAN-2003-0987
2013-03-28 00:00:00
SOL5576 - Authentication vulnerability in Apache mod_digest - CAN-2003-0987
2007-05-16 00:00:00
freebsd
freebsd
Apache 1.3 IP address access control failure on some 64-bit platforms
2004-03-07 00:00:00
cve
cve
CVE-2003-0987
2004-03-03 05:00:00
CVE-2003-0993
2004-03-29 05:00:00
CVE-2003-0020
2003-03-18 05:00:00
ubuntucve
ubuntucve
CVE-2003-0020
2003-03-18 00:00:00
CVE-2003-0993
2004-03-29 00:00:00
CVE-2003-0987
2004-03-03 00:00:00
cvelist
cvelist
CVE-2003-0020
2004-09-01 04:00:00
CVE-2003-0993
2004-09-01 04:00:00
CVE-2003-0987
2004-02-03 05:00:00
httpd
httpd
Apache Httpd < 1.3.31 : mod_digest nonce checking
2003-12-18 00:00:00
Apache Httpd < 1.3.31 : Error log escape filtering
2003-02-24 00:00:00
Apache Httpd < 2.0.49 : Error log escape filtering
2003-02-24 00:00:00
debiancve
debiancve
CVE-2003-0020
2003-03-18 05:00:00
CVE-2003-0083
2003-04-02 05:00:00
cert
cert
Apache HTTP Server vulnerable to DoS race condition in the handling of short-lived connections
2004-03-24 00:00:00
Apache vulnerable to DoS
2003-04-08 00:00:00
seebug
seebug
jetty 6.x - 7.x xss, information disclosure, injection
2014-07-01 00:00:00
jetty 6.x - 7.x xss information disclosure injection
2009-10-26 00:00:00
jetty 6.x - 7.x xss information disclosure injection
2009-10-26 00:00:00
securityvulns
securityvulns
Jetty 6.x and 7.x Multiple Vulnerabilities
2009-10-26 00:00:00
SUSE Security Announcement: cvs &#40;SuSE-SA:2004:008&#41;
2004-04-15 00:00:00
Nginx, Varnish, Cherokee, thttpd, mini-httpd, WEBrick, Orion, AOLserver, Yaws and Boa log escape sequence injection
2010-01-12 00:00:00
exploitpack
exploitpack
jetty 6.x 7.x - Cross-Site Scripting Information Disclosure Injection
2009-10-26 00:00:00
redhat
redhat
(RHSA-2003:244) apache security update
2003-09-22 00:00:00
(RHSA-2004:600) apache, mod_ssl security update
2004-12-13 00:00:00
packetstorm
packetstorm
Jetty 6.x / 7.x Information Disclosure / XSS
2009-10-26 00:00:00
Nginx, Varnish, Cherokee, etc Log Injection
2010-01-11 00:00:00
exploitdb
exploitdb
jetty 6.x &lt; 7.x - Cross-Site Scripting / Information Disclosure / Injection
2009-10-26 00:00:00
JSON
Related for GENTOO_GLSA-200405-22.NASL
openvas16slackware1gentoo1nessus31suse5altlinux3f52freebsd1cve5ubuntucve4cvelist5httpd6debiancve2cert2seebug3securityvulns4exploitpack1redhat2packetstorm2exploitdb1