Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2005-2021 Tenable Network Security, Inc.MANDRAKE_MDKSA-2005-161.NASL
HistoryOct 05, 2005 - 12:00 a.m.

Mandrake Linux Security Advisory : apache2 (MDKSA-2005:161)

2005-10-0500:00:00
This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.
www.tenable.com
11
JSON

A flaw was discovered in mod_ssl’s handling of the ‘SSLVerifyClient’ directive. This flaw occurs if a virtual host is configured using ‘SSLVerifyClient optional’ and a directive ‘SSLVerifyClient required’ is set for a specific location. For servers configured in this fashion, an attacker may be able to access resources that should otherwise be protected, by not supplying a client certificate when connecting. (CVE-2005-2700)

A flaw was discovered in Apache httpd where the byterange filter would buffer certain responses into memory. If a server has a dynamic resource such as a CGI script or PHP script that generates a large amount of data, an attacker could send carefully crafted requests in order to consume resources, potentially leading to a Denial of Service. (CVE-2005-2728)

The updated packages have been patched to address these issues.

#%NASL_MIN_LEVEL 70300

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Mandrake Linux Security Advisory MDKSA-2005:161. 
# The text itself is copyright (C) Mandriva S.A.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(19916);
  script_version("1.18");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id("CVE-2005-2700", "CVE-2005-2728");
  script_xref(name:"MDKSA", value:"2005:161");

  script_name(english:"Mandrake Linux Security Advisory : apache2 (MDKSA-2005:161)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Mandrake Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"A flaw was discovered in mod_ssl's handling of the 'SSLVerifyClient'
directive. This flaw occurs if a virtual host is configured using
'SSLVerifyClient optional' and a directive 'SSLVerifyClient required'
is set for a specific location. For servers configured in this
fashion, an attacker may be able to access resources that should
otherwise be protected, by not supplying a client certificate when
connecting. (CVE-2005-2700)

A flaw was discovered in Apache httpd where the byterange filter would
buffer certain responses into memory. If a server has a dynamic
resource such as a CGI script or PHP script that generates a large
amount of data, an attacker could send carefully crafted requests in
order to consume resources, potentially leading to a Denial of
Service. (CVE-2005-2728)

The updated packages have been patched to address these issues."
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:apache2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:apache2-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:apache2-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:apache2-manual");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:apache2-mod_cache");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:apache2-mod_dav");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:apache2-mod_deflate");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:apache2-mod_disk_cache");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:apache2-mod_file_cache");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:apache2-mod_ldap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:apache2-mod_mem_cache");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:apache2-mod_proxy");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:apache2-mod_ssl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:apache2-modules");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:apache2-peruser");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:apache2-source");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:apache2-worker");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64apr0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libapr0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:10.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:10.1");
  script_set_attribute(attribute:"cpe", value:"x-cpe:/o:mandrakesoft:mandrake_linux:le2005");

  script_set_attribute(attribute:"patch_publication_date", value:"2005/09/08");
  script_set_attribute(attribute:"plugin_publication_date", value:"2005/10/05");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.");
  script_family(english:"Mandriva Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);


flag = 0;
if (rpm_check(release:"MDK10.0", reference:"apache2-2.0.48-6.11.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"apache2-common-2.0.48-6.11.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"apache2-devel-2.0.48-6.11.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"apache2-manual-2.0.48-6.11.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"apache2-mod_cache-2.0.48-6.11.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"apache2-mod_dav-2.0.48-6.11.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"apache2-mod_deflate-2.0.48-6.11.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"apache2-mod_disk_cache-2.0.48-6.11.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"apache2-mod_file_cache-2.0.48-6.11.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"apache2-mod_ldap-2.0.48-6.11.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"apache2-mod_mem_cache-2.0.48-6.11.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"apache2-mod_proxy-2.0.48-6.11.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"apache2-mod_ssl-2.0.48-6.11.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"apache2-modules-2.0.48-6.11.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"apache2-source-2.0.48-6.11.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", cpu:"amd64", reference:"lib64apr0-2.0.48-6.11.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", cpu:"i386", reference:"libapr0-2.0.48-6.11.100mdk", yank:"mdk")) flag++;

if (rpm_check(release:"MDK10.1", reference:"apache2-2.0.50-7.4.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", reference:"apache2-common-2.0.50-7.4.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", reference:"apache2-devel-2.0.50-7.4.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", reference:"apache2-manual-2.0.50-7.4.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", reference:"apache2-mod_cache-2.0.50-7.4.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", reference:"apache2-mod_dav-2.0.50-7.4.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", reference:"apache2-mod_deflate-2.0.50-7.4.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", reference:"apache2-mod_disk_cache-2.0.50-7.4.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", reference:"apache2-mod_file_cache-2.0.50-7.4.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", reference:"apache2-mod_ldap-2.0.50-7.4.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", reference:"apache2-mod_mem_cache-2.0.50-7.4.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", reference:"apache2-mod_proxy-2.0.50-7.4.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", reference:"apache2-mod_ssl-2.0.50-4.3.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", reference:"apache2-modules-2.0.50-7.4.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", reference:"apache2-source-2.0.50-7.4.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", reference:"apache2-worker-2.0.50-7.4.101mdk", yank:"mdk")) flag++;

if (rpm_check(release:"MDK10.2", reference:"apache2-2.0.53-9.2.102mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.2", reference:"apache2-common-2.0.53-9.2.102mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.2", reference:"apache2-devel-2.0.53-9.2.102mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.2", reference:"apache2-manual-2.0.53-9.2.102mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.2", reference:"apache2-mod_cache-2.0.53-9.2.102mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.2", reference:"apache2-mod_dav-2.0.53-9.2.102mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.2", reference:"apache2-mod_deflate-2.0.53-9.2.102mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.2", reference:"apache2-mod_disk_cache-2.0.53-9.2.102mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.2", reference:"apache2-mod_file_cache-2.0.53-9.2.102mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.2", reference:"apache2-mod_ldap-2.0.53-9.2.102mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.2", reference:"apache2-mod_mem_cache-2.0.53-9.2.102mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.2", reference:"apache2-mod_proxy-2.0.53-9.2.102mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.2", reference:"apache2-mod_ssl-2.0.53-8.2.102mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.2", reference:"apache2-modules-2.0.53-9.2.102mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.2", reference:"apache2-peruser-2.0.53-9.2.102mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.2", reference:"apache2-source-2.0.53-9.2.102mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.2", reference:"apache2-worker-2.0.53-9.2.102mdk", yank:"mdk")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
mandrivalinuxapache2p-cpe:/a:mandriva:linux:apache2
mandrivalinuxapache2-commonp-cpe:/a:mandriva:linux:apache2-common
mandrivalinuxapache2-develp-cpe:/a:mandriva:linux:apache2-devel
mandrivalinuxapache2-manualp-cpe:/a:mandriva:linux:apache2-manual
mandrivalinuxapache2-mod_cachep-cpe:/a:mandriva:linux:apache2-mod_cache
mandrivalinuxapache2-mod_davp-cpe:/a:mandriva:linux:apache2-mod_dav
mandrivalinuxapache2-mod_deflatep-cpe:/a:mandriva:linux:apache2-mod_deflate
mandrivalinuxapache2-mod_disk_cachep-cpe:/a:mandriva:linux:apache2-mod_disk_cache
mandrivalinuxapache2-mod_file_cachep-cpe:/a:mandriva:linux:apache2-mod_file_cache
mandrivalinuxapache2-mod_ldapp-cpe:/a:mandriva:linux:apache2-mod_ldap
Rows per page:
1-10 of 221

Related

nessus 17
redhat 2
centos 2
openvas 33
suse 3
osv 2
debian 4
ubuntu 1
f5 4
cve 2
ubuntucve 2
checkpoint_advisories 1
httpd 2
debiancve 2
cert 1
slackware 2
securityvulns 1
gentoo 2
nessus
nessus
CentOS 3 / 4 : httpd (CESA-2005:608)
2006-07-03 00:00:00
Fedora Core 3 : httpd-2.0.53-3.3 (2005-848)
2005-09-17 00:00:00
RHEL 3 / 4 : httpd (RHSA-2005:608)
2005-09-12 00:00:00
redhat
redhat
(RHSA-2005:608) httpd security update
2005-09-06 00:00:00
(RHSA-2005:773) mod_ssl security update
2005-09-15 00:00:00
centos
centos
httpd, mod_ssl security update
2005-09-06 15:58:02
mod_ssl security update
2005-09-16 00:34:35
openvas
openvas
SLES9: Security update for Apache2
2009-10-10 00:00:00
SLES9: Security update for Apache2
2009-10-10 00:00:00
Debian: Security Advisory (DSA-805-1)
2008-01-17 00:00:00
suse
suse
local command execution, authentication bypass, in apache2
2005-09-16 12:34:21
local command execution, authentication bypass, in apache2
2005-09-12 13:00:50
cryptographic problems in apache2
2006-09-08 14:34:17
osv
osv
apache2 - several
2005-09-08 00:00:00
libapache-mod-ssl - acl restriction bypass
2005-09-12 00:00:00
debian
debian
[SECURITY] [DSA 805-1] New Apache2 packages fix several vulnerabilities
2005-09-08 18:07:44
[SECURITY] [DSA 805-1] New Apache2 packages fix several vulnerabilities
2005-09-08 18:07:44
[SECURITY] [DSA 807-1] New mod_ssl packages fix acl restriction bypass
2005-09-12 14:21:07
ubuntu
ubuntu
Apache 2 vulnerabilities
2005-09-07 00:00:00
f5
f5
SOL5857 - Client certificate check vulnerability in Apache - CVE-2005-2700
2007-05-16 00:00:00
K5278 : Apache mod_ssl SSLVerifyClient bypass - CAN-2005-2700
2013-03-28 00:00:00
K5857 : Client certificate check vulnerability in Apache - CVE-2005-2700
2013-03-28 00:00:00
cve
cve
CVE-2005-2700
2005-09-06 23:03:00
CVE-2005-2728
2005-08-30 11:45:00
ubuntucve
ubuntucve
CVE-2005-2700
2005-09-06 00:00:00
CVE-2005-2728
2005-08-30 00:00:00
checkpoint_advisories
checkpoint_advisories
Apache Byte-Range Filter Denial of Service (CVE-2005-2728)
2010-07-25 00:00:00
httpd
httpd
Apache Httpd < 2.0.55 : SSLVerifyClient bypass
2005-08-30 00:00:00
Apache Httpd < 2.0.55 : Byterange filter DoS
2005-07-07 00:00:00
debiancve
debiancve
CVE-2005-2700
2005-09-06 23:03:00
CVE-2005-2728
2005-08-30 11:45:00
cert
cert
mod_ssl fails to properly enforce client certificates authentication
2005-09-09 00:00:00
slackware
slackware
mod_ssl
2005-09-08 15:54:45
slackware-current security updates
2005-09-08 15:55:02
securityvulns
securityvulns
mod_ssl &quot;SSLVerifyClient&quot; Security Bypass Security Issue
2005-09-05 00:00:00
gentoo
gentoo
Apache 2.0: Denial of Service vulnerability
2005-08-25 00:00:00
Apache, mod_ssl: Multiple vulnerabilities
2005-09-19 00:00:00
JSON
Related for MANDRAKE_MDKSA-2005-161.NASL
nessus17redhat2centos2openvas33suse3osv2debian4ubuntu1f54cve2ubuntucve2checkpoint_advisories1httpd2debiancve2cert1slackware2securityvulns1gentoo2