Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2004-2021 Tenable Network Security, Inc.MANDRAKE_MDKSA-2004-096.NASL
HistorySep 16, 2004 - 12:00 a.m.

Mandrake Linux Security Advisory : apache2 (MDKSA-2004:096)

2004-09-1600:00:00
This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.
www.tenable.com
16
JSON

Two Denial of Service conditions were discovered in the input filter of mod_ssl, the module that enables apache to handle HTTPS requests.

Another vulnerability was discovered by the ASF security team using the Codenomicon HTTP Test Tool. This vulnerability, in the apr-util library, can possibly lead to arbitrary code execution if certain non-default conditions are met (enabling the AP_ENABLE_EXCEPTION_HOOK define).

As well, the SITIC have discovered a buffer overflow when Apache expands environment variables in configuration files such as .htaccess and httpd.conf, which can lead to possible privilege escalation. This can only be done, however, if an attacker is able to place malicious configuration files on the server.

Finally, a crash condition was discovered in the mod_dav module by Julian Reschke, where sending a LOCK refresh request to an indirectly locked resource could crash the server.

The updated packages have been patched to protect against these vulnerabilities.

#%NASL_MIN_LEVEL 70300

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Mandrake Linux Security Advisory MDKSA-2004:096. 
# The text itself is copyright (C) Mandriva S.A.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(14752);
  script_version("1.20");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id("CVE-2004-0747", "CVE-2004-0748", "CVE-2004-0751", "CVE-2004-0783", "CVE-2004-0786", "CVE-2004-0809");
  script_xref(name:"MDKSA", value:"2004:096");

  script_name(english:"Mandrake Linux Security Advisory : apache2 (MDKSA-2004:096)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Mandrake Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Two Denial of Service conditions were discovered in the input filter
of mod_ssl, the module that enables apache to handle HTTPS requests.

Another vulnerability was discovered by the ASF security team using
the Codenomicon HTTP Test Tool. This vulnerability, in the apr-util
library, can possibly lead to arbitrary code execution if certain
non-default conditions are met (enabling the AP_ENABLE_EXCEPTION_HOOK
define).

As well, the SITIC have discovered a buffer overflow when Apache
expands environment variables in configuration files such as .htaccess
and httpd.conf, which can lead to possible privilege escalation. This
can only be done, however, if an attacker is able to place malicious
configuration files on the server.

Finally, a crash condition was discovered in the mod_dav module by
Julian Reschke, where sending a LOCK refresh request to an indirectly
locked resource could crash the server.

The updated packages have been patched to protect against these
vulnerabilities."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.uniras.gov.uk/vuls/2004/403518/index.htm"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:apache2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:apache2-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:apache2-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:apache2-manual");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:apache2-mod_cache");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:apache2-mod_dav");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:apache2-mod_deflate");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:apache2-mod_disk_cache");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:apache2-mod_file_cache");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:apache2-mod_ldap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:apache2-mod_mem_cache");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:apache2-mod_proxy");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:apache2-mod_ssl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:apache2-modules");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:apache2-source");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64apr0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libapr0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:10.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:9.2");

  script_set_attribute(attribute:"patch_publication_date", value:"2004/09/15");
  script_set_attribute(attribute:"plugin_publication_date", value:"2004/09/16");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.");
  script_family(english:"Mandriva Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);


flag = 0;
if (rpm_check(release:"MDK10.0", reference:"apache2-2.0.48-6.6.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"apache2-common-2.0.48-6.6.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"apache2-devel-2.0.48-6.6.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"apache2-manual-2.0.48-6.6.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"apache2-mod_cache-2.0.48-6.6.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"apache2-mod_dav-2.0.48-6.6.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"apache2-mod_deflate-2.0.48-6.6.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"apache2-mod_disk_cache-2.0.48-6.6.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"apache2-mod_file_cache-2.0.48-6.6.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"apache2-mod_ldap-2.0.48-6.6.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"apache2-mod_mem_cache-2.0.48-6.6.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"apache2-mod_proxy-2.0.48-6.6.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"apache2-mod_ssl-2.0.48-6.6.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"apache2-modules-2.0.48-6.6.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"apache2-source-2.0.48-6.6.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", cpu:"amd64", reference:"lib64apr0-2.0.48-6.6.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", cpu:"i386", reference:"libapr0-2.0.48-6.6.100mdk", yank:"mdk")) flag++;

if (rpm_check(release:"MDK9.2", reference:"apache2-2.0.47-6.9.92mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", reference:"apache2-common-2.0.47-6.9.92mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", reference:"apache2-devel-2.0.47-6.9.92mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", reference:"apache2-manual-2.0.47-6.9.92mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", reference:"apache2-mod_cache-2.0.47-6.9.92mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", reference:"apache2-mod_dav-2.0.47-6.9.92mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", reference:"apache2-mod_deflate-2.0.47-6.9.92mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", reference:"apache2-mod_disk_cache-2.0.47-6.9.92mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", reference:"apache2-mod_file_cache-2.0.47-6.9.92mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", reference:"apache2-mod_ldap-2.0.47-6.9.92mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", reference:"apache2-mod_mem_cache-2.0.47-6.9.92mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", reference:"apache2-mod_proxy-2.0.47-6.9.92mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", reference:"apache2-mod_ssl-2.0.47-6.9.92mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", reference:"apache2-modules-2.0.47-6.9.92mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", reference:"apache2-source-2.0.47-6.9.92mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", cpu:"amd64", reference:"lib64apr0-2.0.47-6.9.92mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", cpu:"i386", reference:"libapr0-2.0.47-6.9.92mdk", yank:"mdk")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
mandrivalinuxapache2p-cpe:/a:mandriva:linux:apache2
mandrivalinuxapache2-commonp-cpe:/a:mandriva:linux:apache2-common
mandrivalinuxapache2-develp-cpe:/a:mandriva:linux:apache2-devel
mandrivalinuxapache2-manualp-cpe:/a:mandriva:linux:apache2-manual
mandrivalinuxapache2-mod_cachep-cpe:/a:mandriva:linux:apache2-mod_cache
mandrivalinuxapache2-mod_davp-cpe:/a:mandriva:linux:apache2-mod_dav
mandrivalinuxapache2-mod_deflatep-cpe:/a:mandriva:linux:apache2-mod_deflate
mandrivalinuxapache2-mod_disk_cachep-cpe:/a:mandriva:linux:apache2-mod_disk_cache
mandrivalinuxapache2-mod_file_cachep-cpe:/a:mandriva:linux:apache2-mod_file_cache
mandrivalinuxapache2-mod_ldapp-cpe:/a:mandriva:linux:apache2-mod_ldap
Rows per page:
1-10 of 191

Related

gentoo 2
openvas 32
securityvulns 6
nessus 35
redhat 4
freebsd 5
checkpoint_advisories 2
debiancve 6
debian 4
osv 2
ubuntucve 6
cve 6
httpd 5
cert 4
suse 3
gentoo
gentoo
Apache 2, mod_dav: Multiple vulnerabilities
2004-09-16 00:00:00
GTK+ 2, gdk-pixbuf: Multiple image decoding vulnerabilities
2004-09-21 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200409-21 (apache)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200409-21 (apache)
2008-09-24 00:00:00
HP-UX Update for Apache with PHP HPSBUX01090
2009-05-05 00:00:00
securityvulns
securityvulns
[ANNOUNCE] Apache HTTP Server 2.0.51 Released
2004-09-16 00:00:00
MDKSA-2004:096 - Updated apache2 packages fix multiple vulnerabilities
2004-09-16 00:00:00
[Full-Disclosure] [SECURITY] [DSA 558-1] New libapache-mod-dav packages fix potential denial of service
2004-10-06 00:00:00
nessus
nessus
GLSA-200409-21 : Apache 2, mod_dav: Multiple vulnerabilities
2004-09-17 00:00:00
Apache 2.0.x < 2.0.51 Multiple Vulnerabilities (OF, DoS)
2004-09-16 00:00:00
RHEL 3 : httpd (RHSA-2004:463)
2004-09-15 00:00:00
redhat
redhat
(RHSA-2004:463) httpd security update
2004-09-15 00:00:00
(RHSA-2004:349) httpd security update
2004-09-01 00:00:00
(RHSA-2004:447) gdk-pixbuf security update
2004-09-15 00:00:00
freebsd
freebsd
apache2 -- SSL remote DoS
2004-07-07 00:00:00
apache -- apr_uri_parse IPv6 address handling vulnerability
2004-09-15 00:00:00
mod_dav -- lock related denial-of-service
2004-09-15 00:00:00
checkpoint_advisories
checkpoint_advisories
Apache apr-util IPv6 URI Parsing (CVE-2004-0786)
2009-10-08 00:00:00
Apache 2 mod_ssl Connection Abort Denial of Service possible attack - Ver2 (CVE-2004-0748)
2014-12-28 00:00:00
debiancve
debiancve
CVE-2004-0748
2004-10-20 04:00:00
CVE-2004-0747
2004-10-20 04:00:00
CVE-2004-0751
2004-10-20 04:00:00
debian
debian
[SECURITY] [DSA 558-1] New libapache-mod-dav packages fix potential denial of service
2004-10-06 07:32:58
[SECURITY] [DSA 558-1] New libapache-mod-dav packages fix potential denial of service
2004-10-06 00:00:00
[SECURITY] [DSA 549-1] New gtk+2.0 packages fix several vulnerabilities
2004-09-17 00:00:00
osv
osv
libapache-mod-dav - null pointer dereference
2004-10-06 00:00:00
gtk+2.0 - multiple holes
2004-09-17 00:00:00
ubuntucve
ubuntucve
CVE-2004-0786
2004-10-20 00:00:00
CVE-2004-0747
2004-10-20 00:00:00
CVE-2004-0748
2004-10-20 00:00:00
cve
cve
CVE-2004-0751
2004-10-20 04:00:00
CVE-2004-0786
2004-10-20 04:00:00
CVE-2004-0748
2004-10-20 04:00:00
httpd
httpd
Apache Httpd < 2.0.51 : WebDAV remote crash
2004-09-12 00:00:00
Apache Httpd < 2.0.51 : IPv6 URI parsing heap overflow
2004-08-25 00:00:00
Apache Httpd < 2.0.51 : SSL connection infinite loop
2004-07-07 00:00:00
cert
cert
GdkPixbuf XPM parser contains a stack overflow vulnerability
2004-10-01 00:00:00
Apache vulnerable to buffer overflow when expanding environment variables
2004-09-17 00:00:00
GdkPixbuf BMP parser may enter an infinite loop
2004-10-01 00:00:00
suse
suse
remote DoS condition in apache2
2004-09-06 13:51:41
remote denial-of-service in apache2
2004-09-15 15:46:39
remote code execution in gtk2, gdk-pixbuf
2004-09-17 10:02:50
JSON
Related for MANDRAKE_MDKSA-2004-096.NASL
gentoo2openvas32securityvulns6nessus35redhat4freebsd5checkpoint_advisories2debiancve6debian4osv2ubuntucve6cve6httpd5cert4suse3