Search...

GLSA-201903-21 : Apache: Multiple vulnerabilities

2019-03-28T00:00:00

ID GENTOO_GLSA-201903-21.NASL
Type nessus
Reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
Modified 2020-04-02T00:00:00

Description

The remote host is affected by the vulnerability described in GLSA-201903-21 (Apache: Multiple vulnerabilities)

Multiple vulnerabilities have been discovered in Apache. Please review
  the CVE identifiers referenced below for details.

Impact :

A remote attacker can possibly cause a Denial of Service condition or
  could bypass mod_session_cookie expiration time.

Workaround :

There is no known workaround at this time.

                                        
                                            #
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Gentoo Linux Security Advisory GLSA 201903-21.
#
# The advisory text is Copyright (C) 2001-2020 Gentoo Foundation, Inc.
# and licensed under the Creative Commons - Attribution / Share Alike 
# license. See http://creativecommons.org/licenses/by-sa/3.0/
#

include("compat.inc");

if (description)
{
  script_id(123427);
  script_version("1.2");
  script_cvs_date("Date: 2020/01/27");

  script_cve_id("CVE-2018-17189", "CVE-2018-17190", "CVE-2018-17199", "CVE-2019-0190");
  script_xref(name:"GLSA", value:"201903-21");

  script_name(english:"GLSA-201903-21 : Apache: Multiple vulnerabilities");
  script_summary(english:"Checks for updated package(s) in /var/db/pkg");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Gentoo host is missing one or more security-related
patches."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The remote host is affected by the vulnerability described in GLSA-201903-21
(Apache: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Apache. Please review
      the CVE identifiers referenced below for details.
  
Impact :

    A remote attacker can possibly cause a Denial of Service condition or
      could bypass mod_session_cookie expiration time.
  
Workaround :

    There is no known workaround at this time."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security.gentoo.org/glsa/201903-21"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"All Apache users should upgrade to the latest version:
      # emerge --sync
      # emerge --ask --oneshot --verbose '&gt;=www-servers/apache-2.4.38-r1'"
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:apache");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");

  script_set_attribute(attribute:"vuln_publication_date", value:"2018/11/19");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/03/28");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/03/28");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Gentoo Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("qpkg.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;

if (qpkg_check(package:"www-servers/apache", unaffected:make_list("ge 2.4.38-r1"), vulnerable:make_list("lt 2.4.38-r1"))) flag++;

if (flag)
{
  if (report_verbosity &gt; 0) security_hole(port:0, extra:qpkg_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = qpkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Apache");
}

JSON Vulners Source

Initial Source

{"id": "GENTOO_GLSA-201903-21.NASL", "bulletinFamily": "scanner", "title": "GLSA-201903-21 : Apache: Multiple vulnerabilities", "description": "The remote host is affected by the vulnerability described in GLSA-201903-21\n(Apache: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Apache. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker can possibly cause a Denial of Service condition or\n could bypass mod_session_cookie expiration time.\n \nWorkaround :\n\n There is no known workaround at this time.", "published": "2019-03-28T00:00:00", "modified": "2020-04-02T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "https://www.tenable.com/plugins/nessus/123427", "reporter": "This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://security.gentoo.org/glsa/201903-21"], "cvelist": ["CVE-2019-0190", "CVE-2018-17190", "CVE-2018-17199", "CVE-2018-17189"], "type": "nessus", "lastseen": "2020-04-01T00:23:09", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:apache"], "cvelist": ["CVE-2019-0190", "CVE-2018-17190", "CVE-2018-17199", "CVE-2018-17189"], "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "description": "The remote host is affected by the vulnerability described in GLSA-201903-21\n(Apache: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Apache. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker can possibly cause a Denial of Service condition or\n could bypass mod_session_cookie expiration time.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 3, "enchantments": {"dependencies": {"modified": "2019-12-13T07:38:40", "references": [{"idList": ["OPENSUSE-SU-2019:0296-1", "OPENSUSE-SU-2019:0305-1"], "type": "suse"}, {"idList": ["APACHE_2_4_38.NASL", "PHOTONOS_PHSA-2019-1_0-0230_HTTPD.NASL", "PHOTONOS_PHSA-2019-2_0-0157_HTTPD.NASL", "ALA_ALAS-2019-1166.NASL", "SUSE_SU-2019-0498-1.NASL", "SLACKWARE_SSA_2019-022-01.NASL", "SUSE_SU-2019-0504-1.NASL", "OPENSUSE-2019-305.NASL", "FREEBSD_PKG_EB888CE51F1911E9BE054C72B94353B5.NASL", "OPENSUSE-2019-296.NASL"], "type": "nessus"}, {"idList": ["GHSA-PHG2-9C5G-M4Q7"], "type": "github"}, {"idList": ["ORACLE:CPUJUL2019-5072835", "ORACLE:CPUAPR2019-5072813"], "type": "oracle"}, {"idList": ["RHSA-2019:4126", "RHSA-2019:3933", "RHSA-2019:3935", "RHSA-2019:3932"], "type": "redhat"}, {"idList": ["ALAS-2019-1166"], "type": "amazon"}, {"idList": ["GLSA-201903-21"], "type": "gentoo"}, {"idList": ["OPENVAS:1361412562310704422", "OPENVAS:1361412562310891647", "OPENVAS:1361412562310843965", "OPENVAS:1361412562310141964", "OPENVAS:1361412562310852334", "OPENVAS:1361412562310141962", "OPENVAS:1361412562310141963", "OPENVAS:1361412562310141965", "OPENVAS:1361412562310141966", "OPENVAS:1361412562310852336"], "type": "openvas"}, {"idList": ["F5:K54296221", "F5:K86612211", "F5:K22893952"], "type": "f5"}, {"idList": ["CVE-2019-0190", "CVE-2018-17190", "CVE-2018-17199", "CVE-2018-17189"], "type": "cve"}, {"idList": ["SSA-2019-022-01"], "type": "slackware"}, {"idList": ["USN-3937-1"], "type": "ubuntu"}, {"idList": ["MYHACK58:62201992743"], "type": "myhack58"}, {"idList": ["HTTPD:E72230CF9BB006F96B51EF7B53B20FA0", "HTTPD:B2B68FFCE0FB45D09BE91EE9ECBA07F6", "HTTPD:4EC9662496A151DDE6D030D9127572E7"], "type": "httpd"}, {"idList": ["EB888CE5-1F19-11E9-BE05-4C72B94353B5"], "type": "freebsd"}, {"idList": ["DEBIAN:DSA-4422-1:16F13", "DEBIAN:DLA-1647-1:786B3"], "type": "debian"}]}, "score": {"modified": "2019-12-13T07:38:40", "value": 5.6, "vector": "NONE"}}, "hash": "99ecdebfdb3f5163b0bec239af95457dba9bf60130c27277cfb1b0452ce20884", "hashmap": [{"hash": "15b51f2b7f55c906725fa9b3f7c08dff", "key": "cvelist"}, {"hash": "7c7bd99fc71463284e3a19b2ff353534", "key": "cpe"}, {"hash": "b8dcb0bced358725eb067bb81663476d", "key": "published"}, {"hash": "cc32ee054408acd30fefb318704802c6", "key": "sourceData"}, {"hash": "11426d38796b01509eda4b19dc12a01e", "key": "reporter"}, {"hash": "5cd62a7c81a1b77266c85de917d471e6", "key": "title"}, {"hash": "a06b34abc8f9f4da3ddfa73f8b002d75", "key": "references"}, {"hash": "912a281158725651aa970351722acbae", "key": "description"}, {"hash": "60d3b40a96dbe3faf1fe7ff6994e5981", "key": "pluginID"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "de48d12f064497374e21d00f735352b8", "key": "href"}, {"hash": "0b053db5674b87efff89989a8a720df3", "key": "cvss"}, {"hash": "cf18d881f0f76f23f322ed3f861d3616", "key": "naslFamily"}, {"hash": "5a7504dfe859a7ccbaf560628f6442ad", "key": "modified"}], "history": [], "href": "https://www.tenable.com/plugins/nessus/123427", "id": "GENTOO_GLSA-201903-21.NASL", "lastseen": "2019-12-13T07:38:40", "modified": "2019-12-02T00:00:00", "naslFamily": "Gentoo Local Security Checks", "objectVersion": "1.3", "pluginID": "123427", "published": "2019-03-28T00:00:00", "references": ["https://security.gentoo.org/glsa/201903-21"], "reporter": "This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201903-21.\n#\n# The advisory text is Copyright (C) 2001-2019 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(123427);\n script_version(\"1.1\");\n script_cvs_date(\"Date: 2019/03/28 10:07:14\");\n\n script_cve_id(\"CVE-2018-17189\", \"CVE-2018-17190\", \"CVE-2018-17199\", \"CVE-2019-0190\");\n script_xref(name:\"GLSA\", value:\"201903-21\");\n\n script_name(english:\"GLSA-201903-21 : Apache: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201903-21\n(Apache: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Apache. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker can possibly cause a Denial of Service condition or\n could bypass mod_session_cookie expiration time.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201903-21\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Apache users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-servers/apache-2.4.38-r1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:apache\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"www-servers/apache\", unaffected:make_list(\"ge 2.4.38-r1\"), vulnerable:make_list(\"lt 2.4.38-r1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Apache\");\n}\n", "title": "GLSA-201903-21 : Apache: Multiple vulnerabilities", "type": "nessus", "viewCount": 2}, "differentElements": ["modified"], "edition": 3, "lastseen": "2019-12-13T07:38:40"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:apache"], "cvelist": ["CVE-2019-0190", "CVE-2018-17190", "CVE-2018-17199", "CVE-2018-17189"], "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "description": "The remote host is affected by the vulnerability described in GLSA-201903-21\n(Apache: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Apache. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker can possibly cause a Denial of Service condition or\n could bypass mod_session_cookie expiration time.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 2, "enchantments": {"dependencies": {"modified": "2019-11-01T02:42:51", "references": [{"idList": ["OPENSUSE-SU-2019:0296-1", "OPENSUSE-SU-2019:0305-1"], "type": "suse"}, {"idList": ["APACHE_2_4_38.NASL", "PHOTONOS_PHSA-2019-1_0-0230_HTTPD.NASL", "PHOTONOS_PHSA-2019-2_0-0157_HTTPD.NASL", "ALA_ALAS-2019-1166.NASL", "SUSE_SU-2019-0498-1.NASL", "SLACKWARE_SSA_2019-022-01.NASL", "SUSE_SU-2019-0504-1.NASL", "OPENSUSE-2019-305.NASL", "FREEBSD_PKG_EB888CE51F1911E9BE054C72B94353B5.NASL", "OPENSUSE-2019-296.NASL"], "type": "nessus"}, {"idList": ["ORACLE:CPUJUL2019-5072835", "ORACLE:CPUAPR2019-5072813"], "type": "oracle"}, {"idList": ["ALAS-2019-1166"], "type": "amazon"}, {"idList": ["GLSA-201903-21"], "type": "gentoo"}, {"idList": ["OPENVAS:1361412562310704422", "OPENVAS:1361412562310891647", "OPENVAS:1361412562310843965", "OPENVAS:1361412562310141964", "OPENVAS:1361412562310852334", "OPENVAS:1361412562310141962", "OPENVAS:1361412562310141963", "OPENVAS:1361412562310141965", "OPENVAS:1361412562310141966", "OPENVAS:1361412562310852336"], "type": "openvas"}, {"idList": ["F5:K54296221", "F5:K86612211", "F5:K22893952"], "type": "f5"}, {"idList": ["CVE-2019-0190", "CVE-2018-17190", "CVE-2018-17199", "CVE-2018-17189"], "type": "cve"}, {"idList": ["SSA-2019-022-01"], "type": "slackware"}, {"idList": ["USN-3937-1"], "type": "ubuntu"}, {"idList": ["MYHACK58:62201992743"], "type": "myhack58"}, {"idList": ["HTTPD:E72230CF9BB006F96B51EF7B53B20FA0", "HTTPD:B2B68FFCE0FB45D09BE91EE9ECBA07F6", "HTTPD:4EC9662496A151DDE6D030D9127572E7"], "type": "httpd"}, {"idList": ["EB888CE5-1F19-11E9-BE05-4C72B94353B5"], "type": "freebsd"}, {"idList": ["DEBIAN:DSA-4422-1:16F13", "DEBIAN:DLA-1647-1:786B3"], "type": "debian"}]}, "score": {"modified": "2019-11-01T02:42:51", "value": 5.6, "vector": "NONE"}}, "hash": "ab986f8c69c0336678de21b26ff96203a7b68911cd26389cb16e51d25001f99b", "hashmap": [{"hash": "15b51f2b7f55c906725fa9b3f7c08dff", "key": "cvelist"}, {"hash": "7c7bd99fc71463284e3a19b2ff353534", "key": "cpe"}, {"hash": "abcf9266f425f12dda38f529cd4a94bc", "key": "modified"}, {"hash": "b8dcb0bced358725eb067bb81663476d", "key": "published"}, {"hash": "cc32ee054408acd30fefb318704802c6", "key": "sourceData"}, {"hash": "11426d38796b01509eda4b19dc12a01e", "key": "reporter"}, {"hash": "5cd62a7c81a1b77266c85de917d471e6", "key": "title"}, {"hash": "a06b34abc8f9f4da3ddfa73f8b002d75", "key": "references"}, {"hash": "912a281158725651aa970351722acbae", "key": "description"}, {"hash": "60d3b40a96dbe3faf1fe7ff6994e5981", "key": "pluginID"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "de48d12f064497374e21d00f735352b8", "key": "href"}, {"hash": "0b053db5674b87efff89989a8a720df3", "key": "cvss"}, {"hash": "cf18d881f0f76f23f322ed3f861d3616", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/nessus/123427", "id": "GENTOO_GLSA-201903-21.NASL", "lastseen": "2019-11-01T02:42:51", "modified": "2019-11-02T00:00:00", "naslFamily": "Gentoo Local Security Checks", "objectVersion": "1.3", "pluginID": "123427", "published": "2019-03-28T00:00:00", "references": ["https://security.gentoo.org/glsa/201903-21"], "reporter": "This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201903-21.\n#\n# The advisory text is Copyright (C) 2001-2019 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(123427);\n script_version(\"1.1\");\n script_cvs_date(\"Date: 2019/03/28 10:07:14\");\n\n script_cve_id(\"CVE-2018-17189\", \"CVE-2018-17190\", \"CVE-2018-17199\", \"CVE-2019-0190\");\n script_xref(name:\"GLSA\", value:\"201903-21\");\n\n script_name(english:\"GLSA-201903-21 : Apache: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201903-21\n(Apache: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Apache. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker can possibly cause a Denial of Service condition or\n could bypass mod_session_cookie expiration time.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201903-21\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Apache users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-servers/apache-2.4.38-r1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:apache\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"www-servers/apache\", unaffected:make_list(\"ge 2.4.38-r1\"), vulnerable:make_list(\"lt 2.4.38-r1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Apache\");\n}\n", "title": "GLSA-201903-21 : Apache: Multiple vulnerabilities", "type": "nessus", "viewCount": 1}, "differentElements": ["modified"], "edition": 2, "lastseen": "2019-11-01T02:42:51"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:apache"], "cvelist": ["CVE-2019-0190", "CVE-2018-17190", "CVE-2018-17199", "CVE-2018-17189"], "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "description": "The remote host is affected by the vulnerability described in GLSA-201903-21\n(Apache: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Apache. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker can possibly cause a Denial of Service condition or\n could bypass mod_session_cookie expiration time.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 7, "enchantments": {"dependencies": {"modified": "2020-03-18T00:26:24", "references": [{"idList": ["OPENSUSE-SU-2019:0296-1", "OPENSUSE-SU-2019:0305-1"], "type": "suse"}, {"idList": ["OPENVAS:1361412562310704422", "OPENVAS:1361412562310852334", "OPENVAS:1361412562311220191294", "OPENVAS:1361412562311220191113", "OPENVAS:1361412562311220191271", "OPENVAS:1361412562311220191137", "OPENVAS:1361412562310141963", "OPENVAS:1361412562310141965", "OPENVAS:1361412562310141966", "OPENVAS:1361412562310852336"], "type": "openvas"}, {"idList": ["APACHE_2_4_38.NASL", "PHOTONOS_PHSA-2019-1_0-0230_HTTPD.NASL", "PHOTONOS_PHSA-2019-2_0-0157_HTTPD.NASL", "ALA_ALAS-2019-1166.NASL", "SUSE_SU-2019-0498-1.NASL", "SLACKWARE_SSA_2019-022-01.NASL", "SUSE_SU-2019-0504-1.NASL", "OPENSUSE-2019-305.NASL", "FREEBSD_PKG_EB888CE51F1911E9BE054C72B94353B5.NASL", "OPENSUSE-2019-296.NASL"], "type": "nessus"}, {"idList": ["GHSA-PHG2-9C5G-M4Q7"], "type": "github"}, {"idList": ["ORACLE:CPUJUL2019-5072835", "ORACLE:CPUAPR2019-5072813"], "type": "oracle"}, {"idList": ["RHSA-2019:4126", "RHSA-2019:3933", "RHSA-2019:3935", "RHSA-2019:3932"], "type": "redhat"}, {"idList": ["ALAS-2019-1166"], "type": "amazon"}, {"idList": ["GLSA-201903-21"], "type": "gentoo"}, {"idList": ["F5:K54296221", "F5:K86612211", "F5:K22893952"], "type": "f5"}, {"idList": ["CVE-2019-0190", "CVE-2018-17190", "CVE-2018-17199", "CVE-2018-17189"], "type": "cve"}, {"idList": ["SSA-2019-022-01"], "type": "slackware"}, {"idList": ["USN-3937-1"], "type": "ubuntu"}, {"idList": ["MYHACK58:62201992743"], "type": "myhack58"}, {"idList": ["HTTPD:E72230CF9BB006F96B51EF7B53B20FA0", "HTTPD:B2B68FFCE0FB45D09BE91EE9ECBA07F6", "HTTPD:4EC9662496A151DDE6D030D9127572E7"], "type": "httpd"}, {"idList": ["EB888CE5-1F19-11E9-BE05-4C72B94353B5"], "type": "freebsd"}, {"idList": ["DEBIAN:DSA-4422-1:16F13", "DEBIAN:DLA-1647-1:786B3"], "type": "debian"}]}, "score": {"modified": "2020-03-18T00:26:24", "value": 6.2, "vector": "NONE"}}, "hash": "564905f0645f472c2264edef18cffc76e04c74b3ce2a42482d5d73c46a05d087", "hashmap": [{"hash": "5a9cdaa8e5d71cddd7f051f33c585af7", "key": "cvss3"}, {"hash": "af24fd3fdacb4d500ae9d1e724743016", "key": "modified"}, {"hash": "15b51f2b7f55c906725fa9b3f7c08dff", "key": "cvelist"}, {"hash": "7c7bd99fc71463284e3a19b2ff353534", "key": "cpe"}, {"hash": "b8dcb0bced358725eb067bb81663476d", "key": "published"}, {"hash": "fadbf83c8a70456e4bc89c88a27964cc", "key": "sourceData"}, {"hash": "5cd62a7c81a1b77266c85de917d471e6", "key": "title"}, {"hash": "a06b34abc8f9f4da3ddfa73f8b002d75", "key": "references"}, {"hash": "912a281158725651aa970351722acbae", "key": "description"}, {"hash": "60d3b40a96dbe3faf1fe7ff6994e5981", "key": "pluginID"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "de48d12f064497374e21d00f735352b8", "key": "href"}, {"hash": "0b053db5674b87efff89989a8a720df3", "key": "cvss"}, {"hash": "cf18d881f0f76f23f322ed3f861d3616", "key": "naslFamily"}, {"hash": "fb990daaf8c857a86bab9781b4ab4b5e", "key": "reporter"}], "history": [], "href": "https://www.tenable.com/plugins/nessus/123427", "id": "GENTOO_GLSA-201903-21.NASL", "lastseen": "2020-03-18T00:26:24", "modified": "2020-03-02T00:00:00", "naslFamily": "Gentoo Local Security Checks", "objectVersion": "1.3", "pluginID": "123427", "published": "2019-03-28T00:00:00", "references": ["https://security.gentoo.org/glsa/201903-21"], "reporter": "This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201903-21.\n#\n# The advisory text is Copyright (C) 2001-2020 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(123427);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/01/27\");\n\n script_cve_id(\"CVE-2018-17189\", \"CVE-2018-17190\", \"CVE-2018-17199\", \"CVE-2019-0190\");\n script_xref(name:\"GLSA\", value:\"201903-21\");\n\n script_name(english:\"GLSA-201903-21 : Apache: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201903-21\n(Apache: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Apache. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker can possibly cause a Denial of Service condition or\n could bypass mod_session_cookie expiration time.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201903-21\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Apache users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-servers/apache-2.4.38-r1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:apache\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"www-servers/apache\", unaffected:make_list(\"ge 2.4.38-r1\"), vulnerable:make_list(\"lt 2.4.38-r1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Apache\");\n}\n", "title": "GLSA-201903-21 : Apache: Multiple vulnerabilities", "type": "nessus", "viewCount": 5}, "differentElements": ["modified"], "edition": 7, "lastseen": "2020-03-18T00:26:24"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:apache"], "cvelist": ["CVE-2019-0190", "CVE-2018-17190", "CVE-2018-17199", "CVE-2018-17189"], "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "description": "The remote host is affected by the vulnerability described in GLSA-201903-21\n(Apache: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Apache. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker can possibly cause a Denial of Service condition or\n could bypass mod_session_cookie expiration time.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 4, "enchantments": {"dependencies": {"modified": "2020-01-01T07:54:32", "references": [{"idList": ["OPENSUSE-SU-2019:0296-1", "OPENSUSE-SU-2019:0305-1"], "type": "suse"}, {"idList": ["APACHE_2_4_38.NASL", "PHOTONOS_PHSA-2019-1_0-0230_HTTPD.NASL", "PHOTONOS_PHSA-2019-2_0-0157_HTTPD.NASL", "ALA_ALAS-2019-1166.NASL", "SUSE_SU-2019-0498-1.NASL", "SLACKWARE_SSA_2019-022-01.NASL", "SUSE_SU-2019-0504-1.NASL", "OPENSUSE-2019-305.NASL", "FREEBSD_PKG_EB888CE51F1911E9BE054C72B94353B5.NASL", "OPENSUSE-2019-296.NASL"], "type": "nessus"}, {"idList": ["GHSA-PHG2-9C5G-M4Q7"], "type": "github"}, {"idList": ["ORACLE:CPUJUL2019-5072835", "ORACLE:CPUAPR2019-5072813"], "type": "oracle"}, {"idList": ["RHSA-2019:4126", "RHSA-2019:3933", "RHSA-2019:3935", "RHSA-2019:3932"], "type": "redhat"}, {"idList": ["ALAS-2019-1166"], "type": "amazon"}, {"idList": ["OPENVAS:1361412562310704422", "OPENVAS:1361412562310891647", "OPENVAS:1361412562310843965", "OPENVAS:1361412562310141961", "OPENVAS:1361412562310141964", "OPENVAS:1361412562310852334", "OPENVAS:1361412562310141963", "OPENVAS:1361412562310141965", "OPENVAS:1361412562310141966", "OPENVAS:1361412562310852336"], "type": "openvas"}, {"idList": ["GLSA-201903-21"], "type": "gentoo"}, {"idList": ["F5:K54296221", "F5:K86612211", "F5:K22893952"], "type": "f5"}, {"idList": ["CVE-2019-0190", "CVE-2018-17190", "CVE-2018-17199", "CVE-2018-17189"], "type": "cve"}, {"idList": ["SSA-2019-022-01"], "type": "slackware"}, {"idList": ["USN-3937-1"], "type": "ubuntu"}, {"idList": ["MYHACK58:62201992743"], "type": "myhack58"}, {"idList": ["HTTPD:E72230CF9BB006F96B51EF7B53B20FA0", "HTTPD:B2B68FFCE0FB45D09BE91EE9ECBA07F6", "HTTPD:4EC9662496A151DDE6D030D9127572E7"], "type": "httpd"}, {"idList": ["EB888CE5-1F19-11E9-BE05-4C72B94353B5"], "type": "freebsd"}, {"idList": ["DEBIAN:DSA-4422-1:16F13", "DEBIAN:DLA-1647-1:786B3"], "type": "debian"}]}, "score": {"modified": "2020-01-01T07:54:32", "value": 5.6, "vector": "NONE"}}, "hash": "43093b9012c15342c42a7addbc2db2cfb7d0ce72a260218b9efe58bb02e00d6f", "hashmap": [{"hash": "15b51f2b7f55c906725fa9b3f7c08dff", "key": "cvelist"}, {"hash": "7c7bd99fc71463284e3a19b2ff353534", "key": "cpe"}, {"hash": "b8dcb0bced358725eb067bb81663476d", "key": "published"}, {"hash": "cc32ee054408acd30fefb318704802c6", "key": "sourceData"}, {"hash": "11426d38796b01509eda4b19dc12a01e", "key": "reporter"}, {"hash": "2249940a684898a70237266de5d6dd6c", "key": "modified"}, {"hash": "5cd62a7c81a1b77266c85de917d471e6", "key": "title"}, {"hash": "a06b34abc8f9f4da3ddfa73f8b002d75", "key": "references"}, {"hash": "912a281158725651aa970351722acbae", "key": "description"}, {"hash": "60d3b40a96dbe3faf1fe7ff6994e5981", "key": "pluginID"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "de48d12f064497374e21d00f735352b8", "key": "href"}, {"hash": "0b053db5674b87efff89989a8a720df3", "key": "cvss"}, {"hash": "cf18d881f0f76f23f322ed3f861d3616", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/nessus/123427", "id": "GENTOO_GLSA-201903-21.NASL", "lastseen": "2020-01-01T07:54:32", "modified": "2020-01-02T00:00:00", "naslFamily": "Gentoo Local Security Checks", "objectVersion": "1.3", "pluginID": "123427", "published": "2019-03-28T00:00:00", "references": ["https://security.gentoo.org/glsa/201903-21"], "reporter": "This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201903-21.\n#\n# The advisory text is Copyright (C) 2001-2019 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(123427);\n script_version(\"1.1\");\n script_cvs_date(\"Date: 2019/03/28 10:07:14\");\n\n script_cve_id(\"CVE-2018-17189\", \"CVE-2018-17190\", \"CVE-2018-17199\", \"CVE-2019-0190\");\n script_xref(name:\"GLSA\", value:\"201903-21\");\n\n script_name(english:\"GLSA-201903-21 : Apache: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201903-21\n(Apache: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Apache. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker can possibly cause a Denial of Service condition or\n could bypass mod_session_cookie expiration time.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201903-21\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Apache users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-servers/apache-2.4.38-r1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:apache\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"www-servers/apache\", unaffected:make_list(\"ge 2.4.38-r1\"), vulnerable:make_list(\"lt 2.4.38-r1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Apache\");\n}\n", "title": "GLSA-201903-21 : Apache: Multiple vulnerabilities", "type": "nessus", "viewCount": 3}, "differentElements": ["reporter", "sourceData"], "edition": 4, "lastseen": "2020-01-01T07:54:32"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:apache"], "cvelist": ["CVE-2019-0190", "CVE-2018-17190", "CVE-2018-17199", "CVE-2018-17189"], "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss3": {}, "description": "The remote host is affected by the vulnerability described in GLSA-201903-21\n(Apache: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Apache. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker can possibly cause a Denial of Service condition or\n could bypass mod_session_cookie expiration time.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 6, "enchantments": {"dependencies": {"modified": "2020-02-01T00:06:01", "references": [{"idList": ["OPENSUSE-SU-2019:0296-1", "OPENSUSE-SU-2019:0305-1"], "type": "suse"}, {"idList": ["APACHE_2_4_38.NASL", "PHOTONOS_PHSA-2019-1_0-0230_HTTPD.NASL", "PHOTONOS_PHSA-2019-2_0-0157_HTTPD.NASL", "ALA_ALAS-2019-1166.NASL", "SUSE_SU-2019-0498-1.NASL", "SLACKWARE_SSA_2019-022-01.NASL", "SUSE_SU-2019-0504-1.NASL", "OPENSUSE-2019-305.NASL", "FREEBSD_PKG_EB888CE51F1911E9BE054C72B94353B5.NASL", "OPENSUSE-2019-296.NASL"], "type": "nessus"}, {"idList": ["GHSA-PHG2-9C5G-M4Q7"], "type": "github"}, {"idList": ["ORACLE:CPUJUL2019-5072835", "ORACLE:CPUAPR2019-5072813"], "type": "oracle"}, {"idList": ["RHSA-2019:4126", "RHSA-2019:3933", "RHSA-2019:3935", "RHSA-2019:3932"], "type": "redhat"}, {"idList": ["ALAS-2019-1166"], "type": "amazon"}, {"idList": ["GLSA-201903-21"], "type": "gentoo"}, {"idList": ["F5:K54296221", "F5:K86612211", "F5:K22893952"], "type": "f5"}, {"idList": ["CVE-2019-0190", "CVE-2018-17190", "CVE-2018-17199", "CVE-2018-17189"], "type": "cve"}, {"idList": ["SSA-2019-022-01"], "type": "slackware"}, {"idList": ["USN-3937-1"], "type": "ubuntu"}, {"idList": ["MYHACK58:62201992743"], "type": "myhack58"}, {"idList": ["OPENVAS:1361412562310704422", "OPENVAS:1361412562310891647", "OPENVAS:1361412562310843965", "OPENVAS:1361412562310852334", "OPENVAS:1361412562311220191294", "OPENVAS:1361412562311220191137", "OPENVAS:1361412562310141963", "OPENVAS:1361412562310141965", "OPENVAS:1361412562310141966", "OPENVAS:1361412562310852336"], "type": "openvas"}, {"idList": ["HTTPD:E72230CF9BB006F96B51EF7B53B20FA0", "HTTPD:B2B68FFCE0FB45D09BE91EE9ECBA07F6", "HTTPD:4EC9662496A151DDE6D030D9127572E7"], "type": "httpd"}, {"idList": ["EB888CE5-1F19-11E9-BE05-4C72B94353B5"], "type": "freebsd"}, {"idList": ["DEBIAN:DSA-4422-1:16F13", "DEBIAN:DLA-1647-1:786B3"], "type": "debian"}]}, "score": {"modified": "2020-02-01T00:06:01", "value": 6.2, "vector": "NONE"}}, "hash": "25c297ee37e4254f8fb07f7381fdcf807f9c971ddd2a725bf76c2fb1d14facd6", "hashmap": [{"hash": "15b51f2b7f55c906725fa9b3f7c08dff", "key": "cvelist"}, {"hash": "7c7bd99fc71463284e3a19b2ff353534", "key": "cpe"}, {"hash": "b8dcb0bced358725eb067bb81663476d", "key": "published"}, {"hash": "fadbf83c8a70456e4bc89c88a27964cc", "key": "sourceData"}, {"hash": "5cd62a7c81a1b77266c85de917d471e6", "key": "title"}, {"hash": "a06b34abc8f9f4da3ddfa73f8b002d75", "key": "references"}, {"hash": "912a281158725651aa970351722acbae", "key": "description"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "248ddfee5cc8aa2c1a4fce14baf1e1b1", "key": "modified"}, {"hash": "60d3b40a96dbe3faf1fe7ff6994e5981", "key": "pluginID"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "de48d12f064497374e21d00f735352b8", "key": "href"}, {"hash": "0b053db5674b87efff89989a8a720df3", "key": "cvss"}, {"hash": "cf18d881f0f76f23f322ed3f861d3616", "key": "naslFamily"}, {"hash": "fb990daaf8c857a86bab9781b4ab4b5e", "key": "reporter"}], "history": [], "href": "https://www.tenable.com/plugins/nessus/123427", "id": "GENTOO_GLSA-201903-21.NASL", "lastseen": "2020-02-01T00:06:01", "modified": "2020-02-02T00:00:00", "naslFamily": "Gentoo Local Security Checks", "objectVersion": "1.3", "pluginID": "123427", "published": "2019-03-28T00:00:00", "references": ["https://security.gentoo.org/glsa/201903-21"], "reporter": "This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201903-21.\n#\n# The advisory text is Copyright (C) 2001-2020 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(123427);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/01/27\");\n\n script_cve_id(\"CVE-2018-17189\", \"CVE-2018-17190\", \"CVE-2018-17199\", \"CVE-2019-0190\");\n script_xref(name:\"GLSA\", value:\"201903-21\");\n\n script_name(english:\"GLSA-201903-21 : Apache: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201903-21\n(Apache: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Apache. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker can possibly cause a Denial of Service condition or\n could bypass mod_session_cookie expiration time.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201903-21\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Apache users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-servers/apache-2.4.38-r1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:apache\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"www-servers/apache\", unaffected:make_list(\"ge 2.4.38-r1\"), vulnerable:make_list(\"lt 2.4.38-r1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Apache\");\n}\n", "title": "GLSA-201903-21 : Apache: Multiple vulnerabilities", "type": "nessus", "viewCount": 5}, "differentElements": ["cvss3", "modified"], "edition": 6, "lastseen": "2020-02-01T00:06:01"}], "edition": 8, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "7c7bd99fc71463284e3a19b2ff353534"}, {"key": "cvelist", "hash": "15b51f2b7f55c906725fa9b3f7c08dff"}, {"key": "cvss", "hash": "0b053db5674b87efff89989a8a720df3"}, {"key": "cvss3", "hash": "5a9cdaa8e5d71cddd7f051f33c585af7"}, {"key": "description", "hash": "912a281158725651aa970351722acbae"}, {"key": "href", "hash": "de48d12f064497374e21d00f735352b8"}, {"key": "modified", "hash": "0658bb008399a687b703257886c78457"}, {"key": "naslFamily", "hash": "cf18d881f0f76f23f322ed3f861d3616"}, {"key": "pluginID", "hash": "60d3b40a96dbe3faf1fe7ff6994e5981"}, {"key": "published", "hash": "b8dcb0bced358725eb067bb81663476d"}, {"key": "references", "hash": "a06b34abc8f9f4da3ddfa73f8b002d75"}, {"key": "reporter", "hash": "fb990daaf8c857a86bab9781b4ab4b5e"}, {"key": "sourceData", "hash": "fadbf83c8a70456e4bc89c88a27964cc"}, {"key": "title", "hash": "5cd62a7c81a1b77266c85de917d471e6"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "6ef776c2bd8f10816f2962c5eeb99cef2597413a2f13b9dded50c5375c354587", "viewCount": 5, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2018-17190", "CVE-2018-17189", "CVE-2018-17199", "CVE-2019-0190"]}, {"type": "gentoo", "idList": ["GLSA-201903-21"]}, {"type": "f5", "idList": ["F5:K86612211", "F5:K54296221", "F5:K22893952"]}, {"type": "slackware", "idList": ["SSA-2019-022-01"]}, {"type": "freebsd", "idList": ["EB888CE5-1F19-11E9-BE05-4C72B94353B5"]}, {"type": "amazon", "idList": ["ALAS-2019-1166"]}, {"type": "nessus", "idList": ["SLACKWARE_SSA_2019-022-01.NASL", "ALA_ALAS-2019-1166.NASL", "FREEBSD_PKG_EB888CE51F1911E9BE054C72B94353B5.NASL", "APACHE_2_4_38.NASL", "SUSE_SU-2019-0504-1.NASL", "OPENSUSE-2019-296.NASL", "OPENSUSE-2019-305.NASL", "SUSE_SU-2019-0498-1.NASL", "PHOTONOS_PHSA-2019-2_0-0157_HTTPD.NASL", "PHOTONOS_PHSA-2019-1_0-0230_HTTPD.NASL"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:0296-1", "OPENSUSE-SU-2019:0305-1"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310852334", "OPENVAS:1361412562310852336", "OPENVAS:1361412562310141963", "OPENVAS:1361412562310141966", "OPENVAS:1361412562310141965", "OPENVAS:1361412562310704422", "OPENVAS:1361412562311220191137", "OPENVAS:1361412562311220191294", "OPENVAS:1361412562310891647", "OPENVAS:1361412562310141964"]}, {"type": "myhack58", "idList": ["MYHACK58:62201992743"]}, {"type": "github", "idList": ["GHSA-PHG2-9C5G-M4Q7"]}, {"type": "httpd", "idList": ["HTTPD:4EC9662496A151DDE6D030D9127572E7", "HTTPD:B2B68FFCE0FB45D09BE91EE9ECBA07F6", "HTTPD:E72230CF9BB006F96B51EF7B53B20FA0"]}, {"type": "redhat", "idList": ["RHSA-2019:4126", "RHSA-2019:3933", "RHSA-2019:3932", "RHSA-2019:3935"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1647-1:786B3", "DEBIAN:DSA-4422-1:16F13"]}, {"type": "ubuntu", "idList": ["USN-3937-1"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2019-5072813", "ORACLE:CPUJUL2019-5072835"]}], "modified": "2020-04-01T00:23:09"}, "score": {"value": 6.2, "vector": "NONE", "modified": "2020-04-01T00:23:09"}, "vulnersScore": 6.2}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201903-21.\n#\n# The advisory text is Copyright (C) 2001-2020 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(123427);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/01/27\");\n\n script_cve_id(\"CVE-2018-17189\", \"CVE-2018-17190\", \"CVE-2018-17199\", \"CVE-2019-0190\");\n script_xref(name:\"GLSA\", value:\"201903-21\");\n\n script_name(english:\"GLSA-201903-21 : Apache: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201903-21\n(Apache: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Apache. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker can possibly cause a Denial of Service condition or\n could bypass mod_session_cookie expiration time.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201903-21\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Apache users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-servers/apache-2.4.38-r1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:apache\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"www-servers/apache\", unaffected:make_list(\"ge 2.4.38-r1\"), vulnerable:make_list(\"lt 2.4.38-r1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Apache\");\n}\n", "naslFamily": "Gentoo Local Security Checks", "pluginID": "123427", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:apache"], "scheme": null, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}}

{"cve": [{"lastseen": "2019-10-04T12:26:04", "bulletinFamily": "NVD", "description": "In all versions of Apache Spark, its standalone resource manager accepts code to execute on a 'master' host, that then runs that code on 'worker' hosts. The master itself does not, by design, execute user code. A specially-crafted request to the master can, however, cause the master to execute code too. Note that this does not affect standalone clusters with authentication enabled. While the master host typically has less outbound access to other resources than a worker, the execution of code on the master is nevertheless unexpected.", "modified": "2019-10-03T00:03:00", "id": "CVE-2018-17190", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-17190", "published": "2018-11-19T14:29:00", "title": "CVE-2018-17190", "type": "cve", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-16T13:34:27", "bulletinFamily": "NVD", "description": "In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2 (mod_http2) connections.", "modified": "2019-07-23T23:15:00", "id": "CVE-2018-17189", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-17189", "published": "2019-01-30T22:29:00", "title": "CVE-2018-17189", "type": "cve", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-12-31T13:25:28", "bulletinFamily": "NVD", "description": "In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. This causes session expiry time to be ignored for mod_session_cookie sessions since the expiry time is loaded when the session is decoded.", "modified": "2019-07-23T23:15:00", "id": "CVE-2018-17199", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-17199", "published": "2019-01-30T22:29:00", "title": "CVE-2018-17199", "type": "cve", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-12-17T12:59:01", "bulletinFamily": "NVD", "description": "A bug exists in the way mod_ssl handled client renegotiations. A remote attacker could send a carefully crafted request that would cause mod_ssl to enter a loop leading to a denial of service. This bug can be only triggered with Apache HTTP Server version 2.4.37 when using OpenSSL version 1.1.1 or later, due to an interaction in changes to handling of renegotiation attempts.", "modified": "2019-07-23T23:15:00", "id": "CVE-2019-0190", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-0190", "published": "2019-01-30T22:29:00", "title": "CVE-2019-0190", "type": "cve", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "gentoo": [{"lastseen": "2019-03-28T06:33:59", "bulletinFamily": "unix", "description": "### Background\n\nThe Apache HTTP server is one of the most popular web servers on the Internet. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Apache. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker can possibly cause a Denial of Service condition or could bypass mod_session_cookie expiration time. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Apache users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-servers/apache-2.4.38-r1\"", "modified": "2019-03-28T00:00:00", "published": "2019-03-28T00:00:00", "id": "GLSA-201903-21", "href": "https://security.gentoo.org/glsa/201903-21", "title": "Apache: Multiple vulnerabilities", "type": "gentoo", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "f5": [{"lastseen": "2020-04-01T10:39:37", "bulletinFamily": "software", "description": "\nF5 Product Development has evaluated the currently supported releases for potential vulnerability, and no F5 products were found to be vulnerable.\n\nNone\n\n * [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>)\n * [K41942608: Overview of AskF5 Security Advisory articles](<https://support.f5.com/csp/article/K41942608>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n", "modified": "2019-02-04T19:08:00", "published": "2019-02-04T19:08:00", "id": "F5:K86612211", "href": "https://support.f5.com/csp/article/K86612211", "title": "Apache vulnerability CVE-2018-17189 ", "type": "f5", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-04-01T10:39:06", "bulletinFamily": "software", "description": "\nF5 Product Development has evaluated the currently supported releases for potential vulnerability, and no F5 products were found to be vulnerable.\n\nNone\n\n * [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>)\n * [K41942608: Overview of AskF5 Security Advisory articles](<https://support.f5.com/csp/article/K41942608>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n", "modified": "2019-02-05T19:30:00", "published": "2019-02-05T19:30:00", "id": "F5:K54296221", "href": "https://support.f5.com/csp/article/K54296221", "title": "Apache httpd vulnerability CVE-2018-17199", "type": "f5", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-04-01T10:38:47", "bulletinFamily": "software", "description": "\nF5 Product Development has evaluated the currently supported releases for potential vulnerability, and no F5 products were found to be vulnerable.\n\nNone\n\n * [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>)\n * [K41942608: Overview of AskF5 Security Advisory articles](<https://support.f5.com/csp/article/K41942608>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n", "modified": "2019-02-04T19:02:00", "published": "2019-02-04T19:02:00", "id": "F5:K22893952", "href": "https://support.f5.com/csp/article/K22893952", "title": "Apache vulnerability CVE-2019-0190 ", "type": "f5", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "slackware": [{"lastseen": "2019-05-30T07:36:58", "bulletinFamily": "unix", "description": "New httpd packages are available for Slackware 14.0, 14.1, 14.2, and -current to\nfix security issues.\n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n\npatches/packages/httpd-2.4.38-i586-1_slack14.2.txz: Upgraded.\n This release contains security fixes and improvements.\n mod_session: mod_session_cookie does not respect expiry time allowing\n sessions to be reused. [Hank Ibell]\n mod_http2: fixes a DoS attack vector. By sending slow request bodies\n to resources not consuming them, httpd cleanup code occupies a server\n thread unnecessarily. This was changed to an immediate stream reset\n which discards all stream state and incoming data. [Stefan Eissing]\n mod_ssl: Fix infinite loop triggered by a client-initiated\n renegotiation in TLSv1.2 (or earlier) with OpenSSL 1.1.1 and\n later. PR 63052. [Joe Orton]\n For more information, see:\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17199\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17189\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0190\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the "Get Slack" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/httpd-2.4.38-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/httpd-2.4.38-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/httpd-2.4.38-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/httpd-2.4.38-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/httpd-2.4.38-i586-1_slack14.2.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/httpd-2.4.38-x86_64-1_slack14.2.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/httpd-2.4.38-i586-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/httpd-2.4.38-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 14.0 package:\n0adec00319bf7b7cdc6fed26e4309233 httpd-2.4.38-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\n4f1cf21ed7894aa45705fb0ece40d48f httpd-2.4.38-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\neb5d175119448650625b3cb4815f0dbc httpd-2.4.38-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\nd48c93611cc57a80f3cb8b719feda7a4 httpd-2.4.38-x86_64-1_slack14.1.txz\n\nSlackware 14.2 package:\ne0c60fa30ab8676f935e6a5aed719c59 httpd-2.4.38-i586-1_slack14.2.txz\n\nSlackware x86_64 14.2 package:\nc4efb726bf6fab65ed2340ac1e6c9731 httpd-2.4.38-x86_64-1_slack14.2.txz\n\nSlackware -current package:\n28055e1d52dd60e0d53681ac85b9d093 n/httpd-2.4.38-i586-1.txz\n\nSlackware x86_64 -current package:\n5d0f9e0ca0bb8add0ec6b4938497e465 n/httpd-2.4.38-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg httpd-2.4.38-i586-1_slack14.2.txz\n\nThen, restart Apache httpd:\n\n > /etc/rc.d/rc.httpd stop\n > /etc/rc.d/rc.httpd start", "modified": "2019-01-22T20:41:31", "published": "2019-01-22T20:41:31", "id": "SSA-2019-022-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2019&m=slackware-security.478594", "title": "httpd", "type": "slackware", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "freebsd": [{"lastseen": "2019-05-29T18:31:47", "bulletinFamily": "unix", "description": "\nThe Apache httpd Project reports:\n\nSECURITY: CVE-2018-17199\n\t mod_session: mod_session_cookie does not respect expiry time allowing\n\t sessions to be reused.\nSECURITY: CVE-2019-0190\n\t mod_ssl: Fix infinite loop triggered by a client-initiated\n\t renegotiation in TLSv1.2 (or earlier) with OpenSSL 1.1.1 and\n\t later. PR 63052.\nSECURITY: CVE-2018-17189\n\t mod_http2: fixes a DoS attack vector. By sending slow request bodies\n\t to resources not consuming them, httpd cleanup code occupies a server\n\t thread unnecessarily. This was changed to an immediate stream reset\n\t which discards all stream state and incoming data.\n\n", "modified": "2019-01-22T00:00:00", "published": "2019-01-22T00:00:00", "id": "EB888CE5-1F19-11E9-BE05-4C72B94353B5", "href": "https://vuxml.freebsd.org/freebsd/eb888ce5-1f19-11e9-be05-4c72b94353b5.html", "title": "Apache -- vulnerability", "type": "freebsd", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "amazon": [{"lastseen": "2019-05-29T19:20:39", "bulletinFamily": "unix", "description": "**Issue Overview:**\n\nIn Apache HTTP server by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2 (mod_http2) connections. ([CVE-2018-17189 __](<https://access.redhat.com/security/cve/CVE-2018-17189>))\n\nA bug exists in the way mod_ssl handled client renegotiations. A remote attacker could send a carefully crafted request that would cause mod_ssl to enter a loop leading to a denial of service. ([CVE-2019-0190 __](<https://access.redhat.com/security/cve/CVE-2019-0190>))\n\nIn Apache HTTP Server mod_session checks the session expiry time before decoding the session. This causes session expiry time to be ignored for mod_session_cookie sessions since the expiry time is loaded when the session is decoded. ([CVE-2018-17199 __](<https://access.redhat.com/security/cve/CVE-2018-17199>))\n\n \n**Affected Packages:** \n\n\nhttpd24\n\n \n**Issue Correction:** \nRun _yum update httpd24_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n mod24_md-2.4.38-1.86.amzn1.i686 \n mod24_session-2.4.38-1.86.amzn1.i686 \n httpd24-debuginfo-2.4.38-1.86.amzn1.i686 \n mod24_ssl-2.4.38-1.86.amzn1.i686 \n httpd24-2.4.38-1.86.amzn1.i686 \n mod24_ldap-2.4.38-1.86.amzn1.i686 \n httpd24-tools-2.4.38-1.86.amzn1.i686 \n httpd24-devel-2.4.38-1.86.amzn1.i686 \n mod24_proxy_html-2.4.38-1.86.amzn1.i686 \n \n noarch: \n httpd24-manual-2.4.38-1.86.amzn1.noarch \n \n src: \n httpd24-2.4.38-1.86.amzn1.src \n \n x86_64: \n httpd24-debuginfo-2.4.38-1.86.amzn1.x86_64 \n mod24_proxy_html-2.4.38-1.86.amzn1.x86_64 \n httpd24-2.4.38-1.86.amzn1.x86_64 \n mod24_ssl-2.4.38-1.86.amzn1.x86_64 \n mod24_md-2.4.38-1.86.amzn1.x86_64 \n mod24_session-2.4.38-1.86.amzn1.x86_64 \n httpd24-devel-2.4.38-1.86.amzn1.x86_64 \n mod24_ldap-2.4.38-1.86.amzn1.x86_64 \n httpd24-tools-2.4.38-1.86.amzn1.x86_64 \n \n \n", "modified": "2019-03-25T23:20:00", "published": "2019-03-25T23:20:00", "id": "ALAS-2019-1166", "href": "https://alas.aws.amazon.com/ALAS-2019-1166.html", "title": "Important: httpd24", "type": "amazon", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "nessus": [{"lastseen": "2020-03-17T22:48:05", "bulletinFamily": "scanner", "description": "According to its banner, the version of Apache running on the remote\nhost is 2.4.x prior to 2.4.38. It is, therefore, affected by multiple\nvulnerabilities:\n\n - A denial of service (DoS) vulnerability exists in HTTP/2 steam\n handling. An unauthenticated, remote attacker can exploit this\n issue, via sending request bodies in a slow loris way to plain\n resources, to occupy a server thread. (CVE-2018-17189)\n\n - A vulnerability exists in mod_sesion_cookie, as it does not\n properly check the expiry time of cookies. (CVE-2018-17199) \n\n - A denial of service (DoS) vulnerability exists in mod_ssl when\n used with OpenSSL 1.1.1 due to an interaction in changes to\n handling of renegotiation attempts. An unauthenticated, remote\n attacker can exploit this issue to cause mod_ssl to stop\n responding. (CVE-2019-0190)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application", "modified": "2020-03-02T00:00:00", "id": "APACHE_2_4_38.NASL", "href": "https://www.tenable.com/plugins/nessus/121355", "published": "2019-01-24T00:00:00", "title": "Apache 2.4.x < 2.4.38 Multiple Vulnerabilities", "type": "nessus", "sourceData": "\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121355);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/10/31 15:18:51\");\n\n script_cve_id(\"CVE-2018-17189\", \"CVE-2018-17199\", \"CVE-2019-0190\");\n\n script_name(english:\"Apache 2.4.x < 2.4.38 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version in Server response header.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of Apache running on the remote\nhost is 2.4.x prior to 2.4.38. It is, therefore, affected by multiple\nvulnerabilities:\n\n - A denial of service (DoS) vulnerability exists in HTTP/2 steam\n handling. An unauthenticated, remote attacker can exploit this\n issue, via sending request bodies in a slow loris way to plain\n resources, to occupy a server thread. (CVE-2018-17189)\n\n - A vulnerability exists in mod_sesion_cookie, as it does not\n properly check the expiry time of cookies. (CVE-2018-17199) \n\n - A denial of service (DoS) vulnerability exists in mod_ssl when\n used with OpenSSL 1.1.1 due to an interaction in changes to\n handling of renegotiation attempts. An unauthenticated, remote\n attacker can exploit this issue to cause mod_ssl to stop\n responding. (CVE-2019-0190)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://archive.apache.org/dist/httpd/CHANGES_2.4.38\");\n script_set_attribute(attribute:\"see_also\", value:\"https://httpd.apache.org/security/vulnerabilities_24.html#2.4.38\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apache version 2.4.38 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-17199\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apache:http_server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apache:httpd\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"apache_http_version.nasl\");\n script_require_keys(\"installed_sw/Apache\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\ninclude(\"http.inc\");\n\nport = get_http_port(default:80);\nkb_base = \"www/apache/\"+port+\"/\";\nkb_ver = NULL;\nkb_backport = NULL;\nkb_source = NULL;\n\nif (get_kb_item(kb_base+\"version\")) kb_ver = kb_base+\"version\";\nif (get_kb_item(kb_base+\"backported\")) kb_backport = kb_base+\"backported\";\nif (get_kb_item(kb_base+\"source\")) kb_source = kb_base+\"source\";\n\napp_info = vcf::get_app_info(\n app:\"Apache\",\n port:port,\n kb_ver:kb_ver,\n kb_backport:kb_backport,\n kb_source:kb_source,\n service:TRUE\n);\n\nvcf::check_granularity(app_info:app_info, sig_segments:3);\n\n# 2.4.38\nconstraints = [\n { \"min_version\":\"2.4\", \"fixed_version\":\"2.4.38\" }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-03-18T00:16:58", "bulletinFamily": "scanner", "description": "The Apache httpd Project reports :\n\nSECURITY: CVE-2018-17199 mod_session: mod_session_cookie does not\nrespect expiry time allowing sessions to be reused.\n\nSECURITY: CVE-2019-0190 mod_ssl: Fix infinite loop triggered by a\nclient-initiated renegotiation in TLSv1.2 (or earlier) with OpenSSL\n1.1.1 and later. PR 63052.\n\nSECURITY: CVE-2018-17189 mod_http2: fixes a DoS attack vector. By\nsending slow request bodies to resources not consuming them, httpd\ncleanup code occupies a server thread unnecessarily. This was changed\nto an immediate stream reset which discards all stream state and\nincoming data.", "modified": "2019-01-24T00:00:00", "id": "FREEBSD_PKG_EB888CE51F1911E9BE054C72B94353B5.NASL", "href": "https://www.tenable.com/plugins/nessus/121336", "published": "2019-01-24T00:00:00", "title": "FreeBSD : Apache -- vulnerability (eb888ce5-1f19-11e9-be05-4c72b94353b5)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2020 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121336);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/24\");\n\n script_cve_id(\"CVE-2018-17189\", \"CVE-2018-17199\", \"CVE-2019-0190\");\n\n script_name(english:\"FreeBSD : Apache -- vulnerability (eb888ce5-1f19-11e9-be05-4c72b94353b5)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Apache httpd Project reports :\n\nSECURITY: CVE-2018-17199 mod_session: mod_session_cookie does not\nrespect expiry time allowing sessions to be reused.\n\nSECURITY: CVE-2019-0190 mod_ssl: Fix infinite loop triggered by a\nclient-initiated renegotiation in TLSv1.2 (or earlier) with OpenSSL\n1.1.1 and later. PR 63052.\n\nSECURITY: CVE-2018-17189 mod_http2: fixes a DoS attack vector. By\nsending slow request bodies to resources not consuming them, httpd\ncleanup code occupies a server thread unnecessarily. This was changed\nto an immediate stream reset which discards all stream state and\nincoming data.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.apache.org/dist/httpd/CHANGES_2.4.38\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://httpd.apache.org/security/vulnerabilities_24.html\"\n );\n # https://vuxml.freebsd.org/freebsd/eb888ce5-1f19-11e9-be05-4c72b94353b5.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7ade32ea\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-17199\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:apache24\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"apache24<2.4.38\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-03-17T22:42:02", "bulletinFamily": "scanner", "description": "New httpd packages are available for Slackware 14.0, 14.1, 14.2, and\n-current to fix security issues.", "modified": "2019-01-23T00:00:00", "id": "SLACKWARE_SSA_2019-022-01.NASL", "href": "https://www.tenable.com/plugins/nessus/121327", "published": "2019-01-23T00:00:00", "title": "Slackware 14.0 / 14.1 / 14.2 / current : httpd (SSA:2019-022-01)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2019-022-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121327);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/24\");\n\n script_cve_id(\"CVE-2018-17189\", \"CVE-2018-17199\", \"CVE-2019-0190\");\n script_xref(name:\"SSA\", value:\"2019-022-01\");\n\n script_name(english:\"Slackware 14.0 / 14.1 / 14.2 / current : httpd (SSA:2019-022-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New httpd packages are available for Slackware 14.0, 14.1, 14.2, and\n-current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2019&m=slackware-security.478594\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c8302654\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected httpd package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-17199\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"14.0\", pkgname:\"httpd\", pkgver:\"2.4.38\", pkgarch:\"i486\", pkgnum:\"1_slack14.0\")) flag++;\nif (slackware_check(osver:\"14.0\", arch:\"x86_64\", pkgname:\"httpd\", pkgver:\"2.4.38\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.0\")) flag++;\n\nif (slackware_check(osver:\"14.1\", pkgname:\"httpd\", pkgver:\"2.4.38\", pkgarch:\"i486\", pkgnum:\"1_slack14.1\")) flag++;\nif (slackware_check(osver:\"14.1\", arch:\"x86_64\", pkgname:\"httpd\", pkgver:\"2.4.38\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.1\")) flag++;\n\nif (slackware_check(osver:\"14.2\", pkgname:\"httpd\", pkgver:\"2.4.38\", pkgarch:\"i586\", pkgnum:\"1_slack14.2\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"httpd\", pkgver:\"2.4.38\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.2\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"httpd\", pkgver:\"2.4.38\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"httpd\", pkgver:\"2.4.38\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:slackware_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-03-17T22:47:37", "bulletinFamily": "scanner", "description": "In Apache HTTP server by sending request bodies in a slow loris way to\nplain resources, the h2 stream for that request unnecessarily occupied\na server thread cleaning up that incoming data. This affects only\nHTTP/2 (mod_http2) connections. (CVE-2018-17189)\n\nA bug exists in the way mod_ssl handled client renegotiations. A\nremote attacker could send a carefully crafted request that would\ncause mod_ssl to enter a loop leading to a denial of service.\n(CVE-2019-0190)\n\nIn Apache HTTP Server mod_session checks the session expiry time\nbefore decoding the session. This causes session expiry time to be\nignored for mod_session_cookie sessions since the expiry time is\nloaded when the session is decoded. (CVE-2018-17199)", "modified": "2020-03-02T00:00:00", "id": "ALA_ALAS-2019-1166.NASL", "href": "https://www.tenable.com/plugins/nessus/122758", "published": "2019-03-12T00:00:00", "title": "Amazon Linux AMI : httpd24 (ALAS-2019-1166)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2019-1166.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122758);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/02/05\");\n\n script_cve_id(\"CVE-2018-17189\", \"CVE-2018-17199\", \"CVE-2019-0190\");\n script_xref(name:\"ALAS\", value:\"2019-1166\");\n\n script_name(english:\"Amazon Linux AMI : httpd24 (ALAS-2019-1166)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"In Apache HTTP server by sending request bodies in a slow loris way to\nplain resources, the h2 stream for that request unnecessarily occupied\na server thread cleaning up that incoming data. This affects only\nHTTP/2 (mod_http2) connections. (CVE-2018-17189)\n\nA bug exists in the way mod_ssl handled client renegotiations. A\nremote attacker could send a carefully crafted request that would\ncause mod_ssl to enter a loop leading to a denial of service.\n(CVE-2019-0190)\n\nIn Apache HTTP Server mod_session checks the session expiry time\nbefore decoding the session. This causes session expiry time to be\nignored for mod_session_cookie sessions since the expiry time is\nloaded when the session is decoded. (CVE-2018-17199)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2019-1166.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update httpd24' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-17199\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:httpd24\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:httpd24-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:httpd24-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:httpd24-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:httpd24-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mod24_ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mod24_md\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mod24_proxy_html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mod24_session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mod24_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"httpd24-2.4.38-1.86.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"httpd24-debuginfo-2.4.38-1.86.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"httpd24-devel-2.4.38-1.86.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"httpd24-manual-2.4.38-1.86.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"httpd24-tools-2.4.38-1.86.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mod24_ldap-2.4.38-1.86.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mod24_md-2.4.38-1.86.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mod24_proxy_html-2.4.38-1.86.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mod24_session-2.4.38-1.86.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mod24_ssl-2.4.38-1.86.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd24 / httpd24-debuginfo / httpd24-devel / httpd24-manual / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-04-01T02:55:02", "bulletinFamily": "scanner", "description": "This update for apache2 fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2018-17189: Fixed a denial of service in mod_http2, via slow and\nunneeded request bodies (bsc#1122838)\n\nCVE-2018-17199: Fixed that mod_session_cookie did not respect expiry\ntime (bsc#1122839)\n\nNon-security issue fixed: sysconfig.d is not created anymore if it\nalready exists (bsc#1121086)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2020-04-02T00:00:00", "id": "SUSE_SU-2019-0504-1.NASL", "href": "https://www.tenable.com/plugins/nessus/122477", "published": "2019-02-27T00:00:00", "title": "SUSE SLED15 / SLES15 Security Update : apache2 (SUSE-SU-2019:0504-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:0504-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122477);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/02/07\");\n\n script_cve_id(\"CVE-2018-17189\", \"CVE-2018-17199\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : apache2 (SUSE-SU-2019:0504-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for apache2 fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2018-17189: Fixed a denial of service in mod_http2, via slow and\nunneeded request bodies (bsc#1122838)\n\nCVE-2018-17199: Fixed that mod_session_cookie did not respect expiry\ntime (bsc#1122839)\n\nNon-security issue fixed: sysconfig.d is not created anymore if it\nalready exists (bsc#1121086)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1121086\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1122838\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1122839\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-17189/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-17199/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20190504-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?29e83375\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Server Applications 15:zypper in -t\npatch SUSE-SLE-Module-Server-Applications-15-2019-504=1\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-2019-504=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-17199\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-event\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-event-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-example-pages\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-prefork\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-prefork-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-utils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-worker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-worker-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/02/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"apache2-2.4.33-3.9.7\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"apache2-debuginfo-2.4.33-3.9.7\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"apache2-debugsource-2.4.33-3.9.7\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"apache2-devel-2.4.33-3.9.7\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"apache2-prefork-2.4.33-3.9.7\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"apache2-prefork-debuginfo-2.4.33-3.9.7\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"apache2-utils-2.4.33-3.9.7\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"apache2-utils-debuginfo-2.4.33-3.9.7\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"apache2-worker-2.4.33-3.9.7\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"apache2-worker-debuginfo-2.4.33-3.9.7\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"apache2-debuginfo-2.4.33-3.9.7\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"apache2-debugsource-2.4.33-3.9.7\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"apache2-event-2.4.33-3.9.7\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"apache2-event-debuginfo-2.4.33-3.9.7\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"apache2-example-pages-2.4.33-3.9.7\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"apache2-debuginfo-2.4.33-3.9.7\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"apache2-debugsource-2.4.33-3.9.7\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"apache2-event-2.4.33-3.9.7\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"apache2-event-debuginfo-2.4.33-3.9.7\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"apache2-example-pages-2.4.33-3.9.7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache2\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-04-01T02:55:02", "bulletinFamily": "scanner", "description": "This update for apache2 fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2018-17189: Fixed a denial of service in mod_http2, via slow and\nunneeded request bodies (bsc#1122838)\n\nCVE-2018-17199: Fixed that mod_session_cookie did not respect expiry\ntime (bsc#1122839)\n\nNon-security issue fixed: sysconfig.d is not created anymore if it\nalready exists (bsc#1121086)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2020-04-02T00:00:00", "id": "SUSE_SU-2019-0498-1.NASL", "href": "https://www.tenable.com/plugins/nessus/122475", "published": "2019-02-27T00:00:00", "title": "SUSE SLES12 Security Update : apache2 (SUSE-SU-2019:0498-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:0498-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122475);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/02/07\");\n\n script_cve_id(\"CVE-2018-17189\", \"CVE-2018-17199\");\n\n script_name(english:\"SUSE SLES12 Security Update : apache2 (SUSE-SU-2019:0498-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for apache2 fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2018-17189: Fixed a denial of service in mod_http2, via slow and\nunneeded request bodies (bsc#1122838)\n\nCVE-2018-17199: Fixed that mod_session_cookie did not respect expiry\ntime (bsc#1122839)\n\nNon-security issue fixed: sysconfig.d is not created anymore if it\nalready exists (bsc#1121086)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1121086\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1122838\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1122839\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-17189/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-17199/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20190498-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4a5e9e3a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t\npatch SUSE-SLE-SDK-12-SP4-2019-498=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t\npatch SUSE-SLE-SDK-12-SP3-2019-498=1\n\nSUSE Linux Enterprise Server 12-SP4:zypper in -t patch\nSUSE-SLE-SERVER-12-SP4-2019-498=1\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2019-498=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-17199\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-example-pages\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-prefork\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-prefork-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-utils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-worker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-worker-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/02/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(3|4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP3/4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"apache2-2.4.23-29.34.4\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"apache2-debuginfo-2.4.23-29.34.4\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"apache2-debugsource-2.4.23-29.34.4\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"apache2-example-pages-2.4.23-29.34.4\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"apache2-prefork-2.4.23-29.34.4\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"apache2-prefork-debuginfo-2.4.23-29.34.4\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"apache2-utils-2.4.23-29.34.4\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"apache2-utils-debuginfo-2.4.23-29.34.4\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"apache2-worker-2.4.23-29.34.4\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"apache2-worker-debuginfo-2.4.23-29.34.4\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"apache2-2.4.23-29.34.4\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"apache2-debuginfo-2.4.23-29.34.4\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"apache2-debugsource-2.4.23-29.34.4\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"apache2-example-pages-2.4.23-29.34.4\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"apache2-prefork-2.4.23-29.34.4\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"apache2-prefork-debuginfo-2.4.23-29.34.4\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"apache2-utils-2.4.23-29.34.4\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"apache2-utils-debuginfo-2.4.23-29.34.4\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"apache2-worker-2.4.23-29.34.4\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"apache2-worker-debuginfo-2.4.23-29.34.4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache2\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-04-01T01:52:15", "bulletinFamily": "scanner", "description": "This update for apache2 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2018-17189: Fixed a denial of service in mod_http2,\n via slow and unneeded request bodies (bsc#1122838)\n\n - CVE-2018-17199: Fixed that mod_session_cookie did not\n respect expiry time (bsc#1122839)\n\nNon-security issue fixed :\n\n - sysconfig.d is not created anymore if it already exists\n (bsc#1121086)\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "modified": "2020-04-02T00:00:00", "id": "OPENSUSE-2019-296.NASL", "href": "https://www.tenable.com/plugins/nessus/122661", "published": "2019-03-07T00:00:00", "title": "openSUSE Security Update : apache2 (openSUSE-2019-296)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-296.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122661);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/02/06\");\n\n script_cve_id(\"CVE-2018-17189\", \"CVE-2018-17199\");\n\n script_name(english:\"openSUSE Security Update : apache2 (openSUSE-2019-296)\");\n script_summary(english:\"Check for the openSUSE-2019-296 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for apache2 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2018-17189: Fixed a denial of service in mod_http2,\n via slow and unneeded request bodies (bsc#1122838)\n\n - CVE-2018-17199: Fixed that mod_session_cookie did not\n respect expiry time (bsc#1122839)\n\nNon-security issue fixed :\n\n - sysconfig.d is not created anymore if it already exists\n (bsc#1121086)\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1121086\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1122838\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1122839\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected apache2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-17199\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-event\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-event-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-example-pages\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-prefork\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-prefork-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-utils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-worker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-worker-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"apache2-2.4.33-lp150.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"apache2-debuginfo-2.4.33-lp150.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"apache2-debugsource-2.4.33-lp150.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"apache2-devel-2.4.33-lp150.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"apache2-event-2.4.33-lp150.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"apache2-event-debuginfo-2.4.33-lp150.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"apache2-example-pages-2.4.33-lp150.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"apache2-prefork-2.4.33-lp150.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"apache2-prefork-debuginfo-2.4.33-lp150.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"apache2-utils-2.4.33-lp150.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"apache2-utils-debuginfo-2.4.33-lp150.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"apache2-worker-2.4.33-lp150.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"apache2-worker-debuginfo-2.4.33-lp150.2.9.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache2 / apache2-debuginfo / apache2-debugsource / apache2-devel / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-04-01T01:52:16", "bulletinFamily": "scanner", "description": "This update for apache2 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2018-17189: Fixed a denial of service in mod_http2,\n via slow and unneeded request bodies (bsc#1122838)\n\n - CVE-2018-17199: Fixed that mod_session_cookie did not\n respect expiry time (bsc#1122839)\n\nNon-security issue fixed :\n\n - sysconfig.d is not created anymore if it already exists\n (bsc#1121086)\n\nThis update was imported from the SUSE:SLE-12-SP2:Update update\nproject.", "modified": "2020-04-02T00:00:00", "id": "OPENSUSE-2019-305.NASL", "href": "https://www.tenable.com/plugins/nessus/122741", "published": "2019-03-11T00:00:00", "title": "openSUSE Security Update : apache2 (openSUSE-2019-305)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-305.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122741);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/02/05\");\n\n script_cve_id(\"CVE-2018-17189\", \"CVE-2018-17199\");\n\n script_name(english:\"openSUSE Security Update : apache2 (openSUSE-2019-305)\");\n script_summary(english:\"Check for the openSUSE-2019-305 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for apache2 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2018-17189: Fixed a denial of service in mod_http2,\n via slow and unneeded request bodies (bsc#1122838)\n\n - CVE-2018-17199: Fixed that mod_session_cookie did not\n respect expiry time (bsc#1122839)\n\nNon-security issue fixed :\n\n - sysconfig.d is not created anymore if it already exists\n (bsc#1121086)\n\nThis update was imported from the SUSE:SLE-12-SP2:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1121086\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1122838\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1122839\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected apache2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-17199\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-event\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-event-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-example-pages\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-prefork\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-prefork-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-utils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-worker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-worker-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"apache2-2.4.23-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"apache2-debuginfo-2.4.23-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"apache2-debugsource-2.4.23-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"apache2-devel-2.4.23-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"apache2-event-2.4.23-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"apache2-event-debuginfo-2.4.23-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"apache2-example-pages-2.4.23-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"apache2-prefork-2.4.23-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"apache2-prefork-debuginfo-2.4.23-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"apache2-utils-2.4.23-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"apache2-utils-debuginfo-2.4.23-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"apache2-worker-2.4.23-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"apache2-worker-debuginfo-2.4.23-37.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache2 / apache2-debuginfo / apache2-debugsource / apache2-devel / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-03-17T22:40:49", "bulletinFamily": "scanner", "description": "An update of the httpd package has been released.", "modified": "2020-03-02T00:00:00", "id": "PHOTONOS_PHSA-2019-2_0-0157_HTTPD.NASL", "href": "https://www.tenable.com/plugins/nessus/124680", "published": "2019-05-08T00:00:00", "title": "Photon OS 2.0: Httpd PHSA-2019-2.0-0157", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-2.0-0157. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(124680);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/05/17 9:44:17\");\n\n script_cve_id(\n \"CVE-2018-17189\",\n \"CVE-2018-17199\",\n \"CVE-2019-0190\",\n \"CVE-2019-0211\",\n \"CVE-2019-0215\",\n \"CVE-2019-0217\"\n );\n\n script_name(english:\"Photon OS 2.0: Httpd PHSA-2019-2.0-0157\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the httpd package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-2-157.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-0211\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 2.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"httpd-2.4.39-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"httpd-debuginfo-2.4.39-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"httpd-devel-2.4.39-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"httpd-docs-2.4.39-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"httpd-tools-2.4.39-1.ph2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-03-17T22:39:58", "bulletinFamily": "scanner", "description": "An update of the httpd package has been released.", "modified": "2020-03-02T00:00:00", "id": "PHOTONOS_PHSA-2019-1_0-0230_HTTPD.NASL", "href": "https://www.tenable.com/plugins/nessus/124870", "published": "2019-05-14T00:00:00", "title": "Photon OS 1.0: Httpd PHSA-2019-1.0-0230", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-1.0-0230. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(124870);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/05/17 9:44:17\");\n\n script_cve_id(\n \"CVE-2018-17189\",\n \"CVE-2018-17199\",\n \"CVE-2019-0190\",\n \"CVE-2019-0211\",\n \"CVE-2019-0215\",\n \"CVE-2019-0217\"\n );\n\n script_name(english:\"Photon OS 1.0: Httpd PHSA-2019-1.0-0230\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the httpd package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-1.0-230.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-0211\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"httpd-2.4.39-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"httpd-debuginfo-2.4.39-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"httpd-devel-2.4.39-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"httpd-docs-2.4.39-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"httpd-tools-2.4.39-1.ph1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "suse": [{"lastseen": "2019-03-08T17:55:55", "bulletinFamily": "unix", "description": "This update for apache2 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2018-17189: Fixed a denial of service in mod_http2, via slow and\n unneeded request bodies (bsc#1122838)\n - CVE-2018-17199: Fixed that mod_session_cookie did not respect expiry\n time (bsc#1122839)\n\n Non-security issue fixed:\n\n - sysconfig.d is not created anymore if it already exists (bsc#1121086)\n\n This update was imported from the SUSE:SLE-12-SP2:Update update project.\n\n", "modified": "2019-03-08T15:10:48", "published": "2019-03-08T15:10:48", "id": "OPENSUSE-SU-2019:0305-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00012.html", "title": "Security update for apache2 (moderate)", "type": "suse", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-03-06T23:51:17", "bulletinFamily": "unix", "description": "This update for apache2 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2018-17189: Fixed a denial of service in mod_http2, via slow and\n unneeded request bodies (bsc#1122838)\n - CVE-2018-17199: Fixed that mod_session_cookie did not respect expiry\n time (bsc#1122839)\n\n Non-security issue fixed:\n\n - sysconfig.d is not created anymore if it already exists (bsc#1121086)\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "modified": "2019-03-06T21:12:16", "published": "2019-03-06T21:12:16", "id": "OPENSUSE-SU-2019:0296-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00009.html", "title": "Security update for apache2 (moderate)", "type": "suse", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "openvas": [{"lastseen": "2020-01-31T16:49:52", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2019-03-09T00:00:00", "id": "OPENVAS:1361412562310852336", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852336", "title": "openSUSE: Security Advisory for apache2 (openSUSE-SU-2019:0305-1)", "type": "openvas", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852336\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_cve_id(\"CVE-2018-17189\", \"CVE-2018-17199\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-03-09 04:08:12 +0100 (Sat, 09 Mar 2019)\");\n script_name(\"openSUSE: Security Advisory for apache2 (openSUSE-SU-2019:0305-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:0305-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-03/msg00012.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'apache2'\n package(s) announced via the openSUSE-SU-2019:0305-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for apache2 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2018-17189: Fixed a denial of service in mod_http2, via slow and\n unneeded request bodies (bsc#1122838)\n\n - CVE-2018-17199: Fixed that mod_session_cookie did not respect expiry\n time (bsc#1122839)\n\n Non-security issue fixed:\n\n - sysconfig.d is not created anymore if it already exists (bsc#1121086)\n\n This update was imported from the SUSE:SLE-12-SP2:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 42.3:\n\n zypper in -t patch openSUSE-2019-305=1\");\n\n script_tag(name:\"affected\", value:\"apache2 on openSUSE Leap 42.3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"apache2\", rpm:\"apache2~2.4.23~37.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"apache2-debuginfo\", rpm:\"apache2-debuginfo~2.4.23~37.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"apache2-debugsource\", rpm:\"apache2-debugsource~2.4.23~37.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"apache2-devel\", rpm:\"apache2-devel~2.4.23~37.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"apache2-event\", rpm:\"apache2-event~2.4.23~37.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"apache2-event-debuginfo\", rpm:\"apache2-event-debuginfo~2.4.23~37.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"apache2-example-pages\", rpm:\"apache2-example-pages~2.4.23~37.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"apache2-prefork\", rpm:\"apache2-prefork~2.4.23~37.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"apache2-prefork-debuginfo\", rpm:\"apache2-prefork-debuginfo~2.4.23~37.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"apache2-utils\", rpm:\"apache2-utils~2.4.23~37.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"apache2-utils-debuginfo\", rpm:\"apache2-utils-debuginfo~2.4.23~37.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"apache2-worker\", rpm:\"apache2-worker~2.4.23~37.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"apache2-worker-debuginfo\", rpm:\"apache2-worker-debuginfo~2.4.23~37.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"apache2-doc\", rpm:\"apache2-doc~2.4.23~37.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-31T16:54:12", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2019-03-07T00:00:00", "id": "OPENVAS:1361412562310852334", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852334", "title": "openSUSE: Security Advisory for apache2 (openSUSE-SU-2019:0296-1)", "type": "openvas", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852334\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_cve_id(\"CVE-2018-17189\", \"CVE-2018-17199\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-03-07 04:12:17 +0100 (Thu, 07 Mar 2019)\");\n script_name(\"openSUSE: Security Advisory for apache2 (openSUSE-SU-2019:0296-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:0296-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-03/msg00009.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'apache2'\n package(s) announced via the openSUSE-SU-2019:0296-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for apache2 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2018-17189: Fixed a denial of service in mod_http2, via slow and\n unneeded request bodies (bsc#1122838)\n\n - CVE-2018-17199: Fixed that mod_session_cookie did not respect expiry\n time (bsc#1122839)\n\n Non-security issue fixed:\n\n - sysconfig.d is not created anymore if it already exists (bsc#1121086)\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2019-296=1\");\n\n script_tag(name:\"affected\", value:\"apache2 on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n if(!isnull(res = isrpmvuln(pkg:\"apache2\", rpm:\"apache2~2.4.33~lp150.2.9.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"apache2-debuginfo\", rpm:\"apache2-debuginfo~2.4.33~lp150.2.9.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"apache2-debugsource\", rpm:\"apache2-debugsource~2.4.33~lp150.2.9.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"apache2-devel\", rpm:\"apache2-devel~2.4.33~lp150.2.9.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"apache2-event\", rpm:\"apache2-event~2.4.33~lp150.2.9.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"apache2-event-debuginfo\", rpm:\"apache2-event-debuginfo~2.4.33~lp150.2.9.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"apache2-example-pages\", rpm:\"apache2-example-pages~2.4.33~lp150.2.9.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"apache2-prefork\", rpm:\"apache2-prefork~2.4.33~lp150.2.9.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"apache2-prefork-debuginfo\", rpm:\"apache2-prefork-debuginfo~2.4.33~lp150.2.9.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"apache2-utils\", rpm:\"apache2-utils~2.4.33~lp150.2.9.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"apache2-utils-debuginfo\", rpm:\"apache2-utils-debuginfo~2.4.33~lp150.2.9.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"apache2-worker\", rpm:\"apache2-worker~2.4.33~lp150.2.9.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"apache2-worker-debuginfo\", rpm:\"apache2-worker-debuginfo~2.4.33~lp150.2.9.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"apache2-doc\", rpm:\"apache2-doc~2.4.33~lp150.2.9.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:32:25", "bulletinFamily": "scanner", "description": "In Apache HTTP Server mod_session checks the session expiry time before\ndecoding the session. This causes session expiry time to be ignored for mod_session_cookie sessions since the\nexpiry time is loaded when the session is decoded.", "modified": "2019-02-19T00:00:00", "published": "2019-02-05T00:00:00", "id": "OPENVAS:1361412562310141963", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310141963", "title": "Apache HTTP Server < 2.4.38 mod_session_cookie Vulnerability (Windows)", "type": "openvas", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_apache_httpd_mod_session_cookie_vuln_win.nasl 13750 2019-02-19 07:33:36Z mmartin $\n#\n# Apache HTTP Server < 2.4.38 mod_session_cookie Vulnerability (Windows)\n#\n# Authors:\n# Christian Kuersteiner <christian.kuersteiner@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2019 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apache:http_server\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.141963\");\n script_version(\"$Revision: 13750 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-02-19 08:33:36 +0100 (Tue, 19 Feb 2019) $\");\n script_tag(name:\"creation_date\", value:\"2019-02-05 13:25:53 +0700 (Tue, 05 Feb 2019)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n\n script_cve_id(\"CVE-2018-17199\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Apache HTTP Server < 2.4.38 mod_session_cookie Vulnerability (Windows)\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"This script is Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Web Servers\");\n script_dependencies(\"secpod_apache_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"apache/installed\", \"Host/runs_windows\");\n\n script_tag(name:\"summary\", value:\"In Apache HTTP Server mod_session checks the session expiry time before\ndecoding the session. This causes session expiry time to be ignored for mod_session_cookie sessions since the\nexpiry time is loaded when the session is decoded.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"Apache HTTP server version 2.4.37 and prior.\");\n\n script_tag(name:\"solution\", value:\"Update to version 2.4.38 or later.\");\n\n script_xref(name:\"URL\", value:\"https://httpd.apache.org/security/vulnerabilities_24.html\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (!port = get_app_port(cpe: CPE))\n exit(0);\n\nif (!version = get_app_version(cpe: CPE, port: port))\n exit(0);\n\naffected = make_list('2.4.37',\n '2.4.35',\n '2.4.34',\n '2.4.33',\n '2.4.30',\n '2.4.29',\n '2.4.28',\n '2.4.27',\n '2.4.26',\n '2.4.25',\n '2.4.23',\n '2.4.20',\n '2.4.18',\n '2.4.17',\n '2.4.16',\n '2.4.12',\n '2.4.10',\n '2.4.9',\n '2.4.7',\n '2.4.6',\n '2.4.4',\n '2.4.3',\n '2.4.2',\n '2.4.1',\n '2.4.0' );\n\nforeach af (affected) {\n if (version == af) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"2.4.38\");\n security_message(port: 0, data: report);\n exit(0);\n }\n}\n\nexit(99);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-06-17T12:43:38", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-06-17T00:00:00", "published": "2019-04-06T00:00:00", "id": "OPENVAS:1361412562310704422", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704422", "title": "Debian Security Advisory DSA 4422-1 (apache2 - security update)", "type": "openvas", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704422\");\n script_version(\"2019-06-17T06:50:08+0000\");\n script_cve_id(\"CVE-2018-17189\", \"CVE-2018-17199\", \"CVE-2019-0196\", \"CVE-2019-0211\", \"CVE-2019-0217\", \"CVE-2019-0220\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-06-17 06:50:08 +0000 (Mon, 17 Jun 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-04-06 02:00:17 +0000 (Sat, 06 Apr 2019)\");\n script_name(\"Debian Security Advisory DSA 4422-1 (apache2 - security update)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB9\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2019/dsa-4422.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DSA-4422-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'apache2'\n package(s) announced via the DSA-4422-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Several vulnerabilities have been found in the Apache HTTP server.\n\nCVE-2018-17189\nGal Goldshtein of F5 Networks discovered a denial of service\nvulnerability in mod_http2. By sending malformed requests, the\nhttp/2 stream for that request unnecessarily occupied a server\nthread cleaning up incoming data, resulting in denial of service.\n\nCVE-2018-17199\nDiego Angulo from ImExHS discovered that mod_session_cookie does not\nrespect expiry time.\n\nCVE-2019-0196\nCraig Young discovered that the http/2 request handling in mod_http2\ncould be made to access freed memory in string comparison when\ndetermining the method of a request and thus process the request\nincorrectly.\n\nCVE-2019-0211\nCharles Fol discovered a privilege escalation from the\nless-privileged child process to the parent process running as root.\n\nCVE-2019-0217\nA race condition in mod_auth_digest when running in a threaded\nserver could allow a user with valid credentials to authenticate\nusing another username, bypassing configured access control\nrestrictions. The issue was discovered by Simon Kappel.\n\nCVE-2019-0220\nBernhard Lorenz of Alpha Strike Labs GmbH reported that URL\nnormalizations were inconsistently handled. When the path component\nof a request URL contains multiple consecutive slashes ('/'),\ndirectives such as LocationMatch and RewriteRule must account for\nduplicates in regular expressions while other aspects of the servers\nprocessing will implicitly collapse them.\");\n\n script_tag(name:\"affected\", value:\"'apache2' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For the stable distribution (stretch), these problems have been fixed in\nversion 2.4.25-3+deb9u7.\n\nThis update also contains bug fixes that were scheduled for inclusion in the\nnext stable point release. This includes a fix for a regression caused by a\nsecurity fix in version 2.4.25-3+deb9u6.\n\nWe recommend that you upgrade your apache2 packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"apache2\", ver:\"2.4.25-3+deb9u7\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"apache2-bin\", ver:\"2.4.25-3+deb9u7\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"apache2-data\", ver:\"2.4.25-3+deb9u7\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"apache2-dbg\", ver:\"2.4.25-3+deb9u7\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"apache2-dev\", ver:\"2.4.25-3+deb9u7\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"apache2-doc\", ver:\"2.4.25-3+deb9u7\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"apache2-ssl-dev\", ver:\"2.4.25-3+deb9u7\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"apache2-suexec-custom\", ver:\"2.4.25-3+deb9u7\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"apache2-suexec-pristine\", ver:\"2.4.25-3+deb9u7\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"apache2-utils\", ver:\"2.4.25-3+deb9u7\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:32:25", "bulletinFamily": "scanner", "description": "By sending request bodies in a slow loris way to plain resources, the h2\nstream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only\nHTTP/2 connections. A possible mitigation is to not enable the h2 protocol.", "modified": "2019-02-08T00:00:00", "published": "2019-02-05T00:00:00", "id": "OPENVAS:1361412562310141966", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310141966", "title": "Apache HTTP Server < 2.4.38 HTTP/2 DoS Vulnerability (Linux)", "type": "openvas", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_apache_httpd_http2_dos_vuln_lin.nasl 13547 2019-02-08 15:53:13Z cfischer $\n#\n# Apache HTTP Server < 2.4.38 HTTP/2 DoS Vulnerability (Linux)\n#\n# Authors:\n# Christian Kuersteiner <christian.kuersteiner@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2019 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apache:http_server\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.141966\");\n script_version(\"$Revision: 13547 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-02-08 16:53:13 +0100 (Fri, 08 Feb 2019) $\");\n script_tag(name:\"creation_date\", value:\"2019-02-05 13:43:36 +0700 (Tue, 05 Feb 2019)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_cve_id(\"CVE-2018-17189\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Apache HTTP Server < 2.4.38 HTTP/2 DoS Vulnerability (Linux)\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"This script is Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Web Servers\");\n script_dependencies(\"secpod_apache_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"apache/installed\", \"Host/runs_unixoide\");\n\n script_tag(name:\"summary\", value:\"By sending request bodies in a slow loris way to plain resources, the h2\nstream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only\nHTTP/2 connections. A possible mitigation is to not enable the h2 protocol.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"Apache HTTP server version 2.4.37 and prior.\");\n\n script_tag(name:\"solution\", value:\"Update to version 2.4.38 or later.\");\n\n script_xref(name:\"URL\", value:\"https://httpd.apache.org/security/vulnerabilities_24.html\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (!port = get_app_port(cpe: CPE))\n exit(0);\n\nif (!version = get_app_version(cpe: CPE, port: port))\n exit(0);\n\naffected = make_list('2.4.37',\n '2.4.35',\n '2.4.34',\n '2.4.33',\n '2.4.30',\n '2.4.29',\n '2.4.28',\n '2.4.27',\n '2.4.26',\n '2.4.25',\n '2.4.23',\n '2.4.20',\n '2.4.18',\n '2.4.17' );\n\nforeach af (affected) {\n if (version == af) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"2.4.38\");\n security_message(port: 0, data: report);\n exit(0);\n }\n}\n\nexit(99);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:32:25", "bulletinFamily": "scanner", "description": "By sending request bodies in a slow loris way to plain resources, the h2\nstream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only\nHTTP/2 connections. A possible mitigation is to not enable the h2 protocol.", "modified": "2019-02-08T00:00:00", "published": "2019-02-05T00:00:00", "id": "OPENVAS:1361412562310141965", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310141965", "title": "Apache HTTP Server < 2.4.38 HTTP/2 DoS Vulnerability (Windows)", "type": "openvas", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_apache_httpd_http2_dos_vuln_win.nasl 13547 2019-02-08 15:53:13Z cfischer $\n#\n# Apache HTTP Server < 2.4.38 HTTP/2 DoS Vulnerability (Windows)\n#\n# Authors:\n# Christian Kuersteiner <christian.kuersteiner@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2019 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apache:http_server\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.141965\");\n script_version(\"$Revision: 13547 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-02-08 16:53:13 +0100 (Fri, 08 Feb 2019) $\");\n script_tag(name:\"creation_date\", value:\"2019-02-05 13:39:00 +0700 (Tue, 05 Feb 2019)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_cve_id(\"CVE-2018-17189\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Apache HTTP Server < 2.4.38 HTTP/2 DoS Vulnerability (Windows)\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"This script is Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Web Servers\");\n script_dependencies(\"secpod_apache_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"apache/installed\", \"Host/runs_windows\");\n\n script_tag(name:\"summary\", value:\"By sending request bodies in a slow loris way to plain resources, the h2\nstream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only\nHTTP/2 connections. A possible mitigation is to not enable the h2 protocol.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"Apache HTTP server version 2.4.37 and prior.\");\n\n script_tag(name:\"solution\", value:\"Update to version 2.4.38 or later.\");\n\n script_xref(name:\"URL\", value:\"https://httpd.apache.org/security/vulnerabilities_24.html\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (!port = get_app_port(cpe: CPE))\n exit(0);\n\nif (!version = get_app_version(cpe: CPE, port: port))\n exit(0);\n\naffected = make_list('2.4.37',\n '2.4.35',\n '2.4.34',\n '2.4.33',\n '2.4.30',\n '2.4.29',\n '2.4.28',\n '2.4.27',\n '2.4.26',\n '2.4.25',\n '2.4.23',\n '2.4.20',\n '2.4.18',\n '2.4.17' );\n\nforeach af (affected) {\n if (version == af) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"2.4.38\");\n security_message(port: 0, data: report);\n exit(0);\n }\n}\n\nexit(99);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-27T18:35:45", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191113", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191113", "title": "Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2019-1113)", "type": "openvas", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1113\");\n script_version(\"2020-01-23T11:31:52+0000\");\n script_cve_id(\"CVE-2018-17199\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:31:52 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:31:52 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2019-1113)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1113\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1113\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'httpd' package(s) announced via the EulerOS-SA-2019-1113 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. This causes session expiry time to be ignored for mod_session_cookie sessions since the expiry time is loaded when the session is decoded.(CVE-2018-17199)\");\n\n script_tag(name:\"affected\", value:\"'httpd' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.4.6~45.0.1.4.h10\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.4.6~45.0.1.4.h10\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"httpd-manual\", rpm:\"httpd-manual~2.4.6~45.0.1.4.h10\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"httpd-tools\", rpm:\"httpd-tools~2.4.6~45.0.1.4.h10\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.4.6~45.0.1.4.h10\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-01-27T18:36:29", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191271", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191271", "title": "Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2019-1271)", "type": "openvas", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1271\");\n script_version(\"2020-01-23T11:37:01+0000\");\n script_cve_id(\"CVE-2018-17199\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:37:01 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:37:01 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2019-1271)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-2\\.5\\.3\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1271\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1271\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'httpd' package(s) announced via the EulerOS-SA-2019-1271 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. This causes session expiry time to be ignored for mod_session_cookie sessions since the expiry time is loaded when the session is decoded.(CVE-2018-17199)\");\n\n script_tag(name:\"affected\", value:\"'httpd' package(s) on Huawei EulerOS Virtualization 2.5.3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-2.5.3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.4.6~45.0.1.4.h11\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"httpd-tools\", rpm:\"httpd-tools~2.4.6~45.0.1.4.h11\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.4.6~45.0.1.4.h11\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-01-27T18:33:05", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191137", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191137", "title": "Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2019-1137)", "type": "openvas", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1137\");\n script_version(\"2020-01-23T11:32:39+0000\");\n script_cve_id(\"CVE-2018-17199\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:32:39 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:32:39 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2019-1137)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1137\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1137\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'httpd' package(s) announced via the EulerOS-SA-2019-1137 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. This causes session expiry time to be ignored for mod_session_cookie sessions since the expiry time is loaded when the session is decoded.(CVE-2018-17199)\");\n\n script_tag(name:\"affected\", value:\"'httpd' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.4.6~80.1.h4.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.4.6~80.1.h4.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"httpd-manual\", rpm:\"httpd-manual~2.4.6~80.1.h4.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"httpd-tools\", rpm:\"httpd-tools~2.4.6~80.1.h4.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mod_session\", rpm:\"mod_session~2.4.6~80.1.h4.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.4.6~80.1.h4.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-01-27T18:34:06", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191294", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191294", "title": "Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2019-1294)", "type": "openvas", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1294\");\n script_version(\"2020-01-23T11:37:57+0000\");\n script_cve_id(\"CVE-2018-17199\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:37:57 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:37:57 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2019-1294)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP3\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1294\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1294\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'httpd' package(s) announced via the EulerOS-SA-2019-1294 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. This causes session expiry time to be ignored for mod_session_cookie sessions since the expiry time is loaded when the session is decoded.(CVE-2018-17199)\");\n\n script_tag(name:\"affected\", value:\"'httpd' package(s) on Huawei EulerOS V2.0SP3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.4.6~45.0.1.4.h11\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.4.6~45.0.1.4.h11\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"httpd-manual\", rpm:\"httpd-manual~2.4.6~45.0.1.4.h11\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"httpd-tools\", rpm:\"httpd-tools~2.4.6~45.0.1.4.h11\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.4.6~45.0.1.4.h11\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "myhack58": [{"lastseen": "2019-01-27T23:52:02", "bulletinFamily": "info", "description": "Front a burst of Spark official release of the title for the CVE-2018-17190: Unsecured Apache Spark standalone executes user code of the security Bulletin. \nThe announcement indicated the vulnerability affects version to full version, and does not indicate a repaired version, only the relevant mitigation measures. \nThe official mitigation measures are as follows: in any is not subjected to unnecessary access protection Spark standalone on a cluster to enable authentication, e.g., by the network level restrictions. Use the spark. authenticate and The Associated security attributes. \nQuery related to document, the spark. authenticate is RPC Protocol in a configuration attribute, this parameter controls the Spark RPC whether to use shared key authentication. \nSpark RPCS \npark the RPC is a self-defined Protocol. The bottom layer is based on netty4 development, related to the implementation of the package in the spark-network-common. jar and spark-core. jar, of which the former is the use of JAVA development of the latter using the scala language. \nProtocol the internal structure consists of two parts header and body, header of the content includes:entire frame length of 8 bytes, The message type, 1 byte, and the requestID of 8 bytes and body length 4 bytes \nbody according to Protocol-defined data type is slightly different. \n! [](https://image.3001.net/images/20190118/15477805629057.jpg! small) \nRpcRequest message type of the body is substantially composed of two part construction, the front half portion containing the communication of both address and port, and name information, the next step is the java serialized content ac ed 00 05 at the beginning. \n! [](https://image.3001.net/images/20190118/15477806059605.jpg! small) \nThe message type for the RpcResponse the body directly is java reverse sequence after the content. \n! [](https://image.3001.net/images/20190118/15477806487759.jpg! small) \nBuild Spark alone cluster server \nFrom the official website to download, and then through the-h specifies the IP address, \u8ba9\u7aef\u53e3\u76d1\u542c\u5728\u6240\u6709\u7684\u7f51\u5361\u4e0a./start-master.sh -h 0.0.0.0-p-70774. \nProof of service of the end the presence of anti-serialization process \nspark_exploit.py through the first parameter and the second parameter indicates the remote spark cluster connection information, the third argument is the JAVA deserialization vulnerability the payload is. \nBy calling build_msg a function of the payload built into a message and then sent to the service end, the process is relatively simple. \n! [](https://image.3001.net/images/20190118/15477807129171.jpg! small) \n! [](https://image.3001.net/images/20190118/15477807434893.jpg! small) \nThe reverse operation of the client \nevil_spark_server.py script by subclassing BaseRequestHandler class to complete a simple TCP service, for transmission over the data to extract the request_id, and then call build_msg, and the request_id and payload constituting a legal RPC response data packet is sent to the client. \n! [](https://image.3001.net/images/20190118/15477807838236.jpg! small) \nStart the service \n! [](https://image.3001.net/images/20190118/15477808361959.png! small) \nUse the spark client to connect \n! [](https://image.3001.net/images/20190118/15477808709894.png! small) \n! [](https://image.3001.net/images/20190118/15477809091392.jpg! small) \nSummary \nThrough the capture to see the request data and read the related code,and gradually determine the RPC Protocol to request data. The client and server are using JAVA serialization to transfer data, both sides can be utilized. \nWhen you turn around and want to use deserialization to perform a system command, find ysoserial found that in addition to using a low version of the jdk configured to use the chain, and no other suitable gadget to. \nOver time, various libraries of the vulnerabilities will be repaired and upgraded, existing gadget will no longer work. java deserialization vulnerability will eventually become history. \nReference \n1, the https://spark.apache.org/security.html \n2, the https://zhuanlan.zhihu.com/p/28893155 \n\n", "modified": "2019-01-25T00:00:00", "published": "2019-01-25T00:00:00", "id": "MYHACK58:62201992743", "href": "http://www.myhack58.com/Article/html/3/62/2019/92743.htm", "title": "Apache Spark RPC Protocol deserialization vulnerability analysis-vulnerability warning-the black bar safety net", "type": "myhack58", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "github": [{"lastseen": "2020-03-10T23:26:07", "bulletinFamily": "software", "description": "In all versions of Apache Spark, its standalone resource manager accepts code to execute on a 'master' host, that then runs that code on 'worker' hosts. The master itself does not, by design, execute user code. A specially-crafted request to the master can, however, cause the master to execute code too. Note that this does not affect standalone clusters with authentication enabled. While the master host typically has less outbound access to other resources than a worker, the execution of code on the master is nevertheless unexpected.\r\n\r\n# Mitigation\r\nEnable authentication on any Spark standalone cluster that is not otherwise secured from unwanted access, for example by network-level restrictions. Use spark.authenticate and related security properties described at https://spark.apache.org/docs/latest/security.html", "modified": "2019-07-03T21:02:05", "published": "2018-11-21T22:19:30", "id": "GHSA-PHG2-9C5G-M4Q7", "href": "https://github.com/advisories/GHSA-phg2-9c5g-m4q7", "title": "Low severity vulnerability that affects org.apache.spark:spark-core_2.10 and org.apache.spark:spark-core_2.11", "type": "github", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "httpd": [{"lastseen": "2019-05-29T19:19:10", "bulletinFamily": "software", "description": "\nBy sending request bodies in a slow loris way to plain\n resources, the h2 stream for that request unnecessarily\n occupied a server thread cleaning up that incoming data.\n This affects only HTTP/2 connections. A possible mitigation\n is to not enable the h2 protocol.\n\n", "modified": "2019-01-22T00:00:00", "published": "2018-10-16T00:00:00", "id": "HTTPD:4EC9662496A151DDE6D030D9127572E7", "href": "https://httpd.apache.org/security_report.html", "title": "Apache Httpd < None: DoS for HTTP/2 connections via slow request bodies", "type": "httpd", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T19:19:10", "bulletinFamily": "software", "description": "\nIn Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session\n checks the session expiry time before decoding the session.\n This causes session expiry time to be ignored for\n mod_session_cookie sessions since the expiry time is loaded\n when the session is decoded.\n", "modified": "2019-01-22T00:00:00", "published": "2018-10-08T00:00:00", "id": "HTTPD:B2B68FFCE0FB45D09BE91EE9ECBA07F6", "href": "https://httpd.apache.org/security_report.html", "title": "Apache Httpd < None: mod_session_cookie does not respect expiry time", "type": "httpd", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T19:19:10", "bulletinFamily": "software", "description": "\nA bug exists in the way mod_ssl handled client renegotiations.\n A remote attacker could send a carefully crafted request that\n would cause mod_ssl to enter a loop leading to a denial of\n service. This bug can be only triggered with Apache HTTP Server\n version 2.4.37 when using OpenSSL version 1.1.1 or later, due to\n an interaction in changes to handling of renegotiation attempts.\n \n", "modified": "2019-01-22T00:00:00", "published": "2019-01-01T00:00:00", "id": "HTTPD:E72230CF9BB006F96B51EF7B53B20FA0", "href": "https://httpd.apache.org/security_report.html", "title": "Apache Httpd < None: mod_ssl 2.4.37 remote DoS when used with OpenSSL 1.1.1", "type": "httpd", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "redhat": [{"lastseen": "2019-12-11T13:30:57", "bulletinFamily": "unix", "description": "The Apache HTTP Server is a powerful, efficient, and extensible web server. The httpd24 packages provide a recent stable release of version 2.4 of the Apache HTTP Server, along with the mod_auth_kerb module.\n\nSecurity Fix(es):\n\n* httpd: mod_session_cookie does not respect expiry time (CVE-2018-17199)\n\n* httpd: mod_auth_digest: access control bypass due to race condition (CVE-2019-0217)\n\n* httpd: null-pointer dereference in mod_remoteip (CVE-2019-10097)\n\n* httpd: mod_http2: DoS via slow, unneeded request bodies (CVE-2018-17189)\n\n* httpd: URL normalization inconsistency (CVE-2019-0220)\n\n* httpd: limited cross-site scripting in mod_proxy error page (CVE-2019-10092)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* `ExtendedStatus Off` directive when using mod_systemd causes systemctl to hang (BZ#1669213)\n\n* httpd can not be started with mod_md enabled (BZ#1673019)\n\n* Rebuild metapackage with latest scl-utils (BZ#1696527)\n\n* fix a regression introduced in r1740928 (BZ#1707636)\n\n* duplicated cookie in Apache httpd with mod_session (BZ#1725922)\n\n* Unexpected OCSP in proxy SSL connection (BZ#1744120)\n\nEnhancement(s):\n\n* RFE: updated collection for httpd 2.4 (BZ#1726706)\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Software Collections 3.4 Release Notes linked from the References section.", "modified": "2019-12-10T12:15:59", "published": "2019-12-10T11:29:23", "id": "RHSA-2019:4126", "href": "https://access.redhat.com/errata/RHSA-2019:4126", "type": "redhat", "title": "(RHSA-2019:4126) Moderate: httpd24-httpd security, bug fix, and enhancement update", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-01-06T13:26:47", "bulletinFamily": "unix", "description": "This release adds the new Apache HTTP Server 2.4.37 packages that are part of the JBoss Core Services offering.\n\nThis release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.29 and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* openssl: RSA key generation cache timing vulnerability in crypto/rsa/rsa_gen.c allows attackers to recover private keys (CVE-2018-0737)\n* openssl: timing side channel attack in the DSA signature algorithm (CVE-2018-0734)\n* mod_auth_digest: access control bypass due to race condition (CVE-2019-0217)\n* openssl: Side-channel vulnerability on SMT/Hyper-Threading architectures (PortSmash) (CVE-2018-5407)\n* mod_session_cookie does not respect expiry time (CVE-2018-17199)\n* mod_http2: DoS via slow, unneeded request bodies (CVE-2018-17189)\n* mod_http2: possible crash on late upgrade (CVE-2019-0197)\n* mod_http2: read-after-free on a string compare (CVE-2019-0196)\n* nghttp2: HTTP/2: large amount of data request leads to denial of service (CVE-2019-9511)\n* nghttp2: HTTP/2: flood using PRIORITY frames resulting in excessive resource consumption (CVE-2019-9513)\n* mod_http2: HTTP/2: 0-length headers leads to denial of service (CVE-2019-9516)\n* mod_http2: HTTP/2: request for large response leads to denial of service (CVE-2019-9517)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2020-01-06T18:01:22", "published": "2019-11-20T21:05:23", "id": "RHSA-2019:3933", "href": "https://access.redhat.com/errata/RHSA-2019:3933", "type": "redhat", "title": "(RHSA-2019:3933) Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Security Release on RHEL 7", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-06T13:27:00", "bulletinFamily": "unix", "description": "This release adds the new Apache HTTP Server 2.4.37 packages that are part of the JBoss Core Services offering.\n\nThis release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.29 and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* openssl: RSA key generation cache timing vulnerability in crypto/rsa/rsa_gen.c allows attackers to recover private keys (CVE-2018-0737) * openssl: timing side channel attack in the DSA signature algorithm (CVE-2018-0734) * mod_auth_digest: access control bypass due to race condition (CVE-2019-0217) * openssl: Side-channel vulnerability on SMT/Hyper-Threading architectures (PortSmash) (CVE-2018-5407) * mod_session_cookie does not respect expiry time (CVE-2018-17199) * mod_http2: DoS via slow, unneeded request bodies (CVE-2018-17189) * mod_http2: possible crash on late upgrade (CVE-2019-0197) * mod_http2: read-after-free on a string compare (CVE-2019-0196) * nghttp2: HTTP/2: large amount of data request leads to denial of service (CVE-2019-9511) * nghttp2: HTTP/2: flood using PRIORITY frames resulting in excessive resource consumption (CVE-2019-9513) * mod_http2: HTTP/2: 0-length headers leads to denial of service (CVE-2019-9516) * mod_http2: HTTP/2: request for large response leads to denial of service (CVE-2019-9517)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2020-01-06T18:01:25", "published": "2019-11-20T21:04:55", "id": "RHSA-2019:3932", "href": "https://access.redhat.com/errata/RHSA-2019:3932", "type": "redhat", "title": "(RHSA-2019:3932) Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Security Release on RHEL 6", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-06T13:26:28", "bulletinFamily": "unix", "description": "Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.\n\nThis release adds the new Apache HTTP Server 2.4.37 packages that are part of the JBoss Core Services offering.\n\nThis release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.29 and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* openssl: RSA key generation cache timing vulnerability in crypto/rsa/rsa_gen.c allows attackers to recover private keys (CVE-2018-0737) * openssl: timing side channel attack in the DSA signature algorithm (CVE-2018-0734) * mod_auth_digest: access control bypass due to race condition (CVE-2019-0217) * openssl: Side-channel vulnerability on SMT/Hyper-Threading architectures (PortSmash) (CVE-2018-5407) * mod_session_cookie does not respect expiry time (CVE-2018-17199) * mod_http2: DoS via slow, unneeded request bodies (CVE-2018-17189) * mod_http2: possible crash on late upgrade (CVE-2019-0197) * mod_http2: read-after-free on a string compare (CVE-2019-0196) * nghttp2: HTTP/2: large amount of data request leads to denial of service (CVE-2019-9511) * nghttp2: HTTP/2: flood using PRIORITY frames resulting in excessive resource consumption (CVE-2019-9513) * mod_http2: HTTP/2: 0-length headers leads to denial of service (CVE-2019-9516) * mod_http2: HTTP/2: request for large response leads to denial of service (CVE-2019-9517)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2020-01-06T18:00:07", "published": "2019-11-20T21:05:46", "id": "RHSA-2019:3935", "href": "https://access.redhat.com/errata/RHSA-2019:3935", "type": "redhat", "title": "(RHSA-2019:3935) Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Security Release", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "ubuntu": [{"lastseen": "2019-05-29T19:21:48", "bulletinFamily": "unix", "description": "Charles Fol discovered that the Apache HTTP Server incorrectly handled the scoreboard shared memory area. A remote attacker able to upload and run scripts could possibly use this issue to execute arbitrary code with root privileges. (CVE-2019-0211)\n\nIt was discovered that the Apache HTTP Server HTTP/2 module incorrectly handled certain requests. A remote attacker could possibly use this issue to cause the server to consume resources, leading to a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-17189)\n\nIt was discovered that the Apache HTTP Server incorrectly handled session expiry times. When used with mod_session_cookie, this may result in the session expiry time to be ignored, contrary to expectations. (CVE-2018-17199)\n\nCraig Young discovered that the Apache HTTP Server HTTP/2 module incorrectly handled certain requests. A remote attacker could possibly use this issue to cause the server to process requests incorrectly. This issue only affected Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2019-0196)\n\nSimon Kappel discovered that the Apache HTTP Server mod_auth_digest module incorrectly handled threads. A remote attacker with valid credentials could possibly use this issue to authenticate using another username, bypassing access control restrictions. (CVE-2019-0217)\n\nBernhard Lorenz discovered that the Apache HTTP Server was inconsistent when processing requests containing multiple consecutive slashes. This could lead to directives such as LocationMatch and RewriteRule to perform contrary to expectations. (CVE-2019-0220)", "modified": "2019-04-04T00:00:00", "published": "2019-04-04T00:00:00", "id": "USN-3937-1", "href": "https://usn.ubuntu.com/3937-1/", "title": "Apache HTTP Server vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2020-01-18T02:33:56", "bulletinFamily": "unix", "description": "Package : apache2\nVersion : 2.4.10-10+deb8u13\nCVE ID : CVE-2018-17199\n\n\nDiego Angulo from ImExHS discovered an issue in the webserver apache2.\nThe module mod_session ignored the expiry time of sessions handled by \nmod_session_cookie, because the expiry time is available only after \ndecoding the session and the check was already done before.\n\n\n\nFor Debian 8 "Jessie", this problem has been fixed in version\n2.4.10-10+deb8u13.\n\nWe recommend that you upgrade your apache2 packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n\n", "modified": "2019-01-29T21:30:28", "published": "2019-01-29T21:30:28", "id": "DEBIAN:DLA-1647-1:786B3", "href": "https://lists.debian.org/debian-lts-announce/2019/debian-lts-announce-201901/msg00024.html", "title": "[SECURITY] [DLA 1647-1] apache2 security update", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-02-10T02:41:49", "bulletinFamily": "unix", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4422-1 security@debian.org\nhttps://www.debian.org/security/ Stefan Fritsch\nApril 03, 2019 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : apache2\nCVE ID : CVE-2018-17189 CVE-2018-17199 CVE-2019-0196 CVE-2019-0211 \n CVE-2019-0217 CVE-2019-0220\nDebian Bug : 920302 920303\n\nSeveral vulnerabilities have been found in the Apache HTTP server.\n\nCVE-2018-17189\n\n Gal Goldshtein of F5 Networks discovered a denial of service\n vulnerability in mod_http2. By sending malformed requests, the\n http/2 stream for that request unnecessarily occupied a server\n thread cleaning up incoming data, resulting in denial of service.\n\nCVE-2018-17199\n\n Diego Angulo from ImExHS discovered that mod_session_cookie does not\n respect expiry time.\n\nCVE-2019-0196\n\n Craig Young discovered that the http/2 request handling in mod_http2\n could be made to access freed memory in string comparison when\n determining the method of a request and thus process the request\n incorrectly.\n\nCVE-2019-0211\n\n Charles Fol discovered a privilege escalation from the\n less-privileged child process to the parent process running as root.\n\nCVE-2019-0217\n\n A race condition in mod_auth_digest when running in a threaded\n server could allow a user with valid credentials to authenticate\n using another username, bypassing configured access control\n restrictions. The issue was discovered by Simon Kappel.\n\nCVE-2019-0220\n\n Bernhard Lorenz of Alpha Strike Labs GmbH reported that URL\n normalizations were inconsistently handled. When the path component\n of a request URL contains multiple consecutive slashes ('/'),\n directives such as LocationMatch and RewriteRule must account for\n duplicates in regular expressions while other aspects of the servers\n processing will implicitly collapse them.\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 2.4.25-3+deb9u7.\n\nThis update also contains bug fixes that were scheduled for inclusion in the\nnext stable point release. This includes a fix for a regression caused by a\nsecurity fix in version 2.4.25-3+deb9u6.\n\nWe recommend that you upgrade your apache2 packages.\n\nFor the detailed security status of apache2 please refer to its security\ntracker page at: https://security-tracker.debian.org/tracker/apache2\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "modified": "2019-04-03T09:11:16", "published": "2019-04-03T09:11:16", "id": "DEBIAN:DSA-4422-1:16F13", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2019/msg00066.html", "title": "[SECURITY] [DSA 4422-1] apache2 security update", "type": "debian", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "oracle": [{"lastseen": "2019-05-29T18:21:11", "bulletinFamily": "software", "description": "A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\n \n\n * [Critical Patch Updates, Security Alerts and Bulletins](<https://www.oracle.com/securityalerts>) for information about Oracle Security Advisories.\n\n \n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes without delay.**\n\nThis Critical Patch Update contains 297 new security fixes across the product families listed below. Please note that an MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ April 2019 Critical Patch Update: Executive Summary and Analysis](<https://support.oracle.com/rs?type=doc&id=2494878.1>).\n", "modified": "2019-05-28T00:00:00", "published": "2019-04-16T00:00:00", "id": "ORACLE:CPUAPR2019-5072813", "href": "", "title": "Oracle Critical Patch Update - April 2019", "type": "oracle", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-16T16:32:12", "bulletinFamily": "software", "description": "A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\n \n\n * [Critical Patch Updates, Security Alerts and Bulletins](<https://www.oracle.com/securityalerts>) for information about Oracle Security Advisories.\n\n \n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes without delay.**\n\nThis Critical Patch Update contains 319 new security fixes across the product families listed below. Please note that an MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ July 2019 Critical Patch Update: Executive Summary and Analysis](<https://support.oracle.com/rs?type=doc&id=2559985.1>).\n\n** Please note that since the release of the April 2019 Critical Patch Update, Oracle has released two Security Alerts for Oracle WebLogic Server: [ CVE-2019-2725 (April 29, 2019)](<http://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2725-5466295.html>) and [ CVE-2019-2729 (June 18, 2019)](<http://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2729-5570780.html>). WebLogic Server customers are strongly advised to apply the fixes contained in this Critical Patch Update, which provides the fixes for the previously-released Alerts as well as additional fixes.**\n", "modified": "2019-08-16T00:00:00", "published": "2019-07-16T00:00:00", "id": "ORACLE:CPUJUL2019-5072835", "href": "", "title": "Oracle Critical Patch Update - July 2019", "type": "oracle", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}]}