Lucene search
This script is Copyright (C) 2004-2021 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2004-408.NASLHistorySep 09, 2004 - 12:00 a.m.
RHEL 2.1 : mod_ssl (RHSA-2004:408)
2004-09-0900:00:00
This script is Copyright (C) 2004-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
20
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.901
Percentile
98.8%
An updated mod_ssl package for Apache that fixes a format string vulnerability is now available.
The mod_ssl module provides strong cryptography for the Apache Web server via the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols.
A format string issue was discovered in mod_ssl for Apache 1.3 which can be triggered if mod_ssl is configured to allow a client to proxy to remote SSL sites. In order to exploit this issue, a user who is authorized to use Apache as a proxy would have to attempt to connect to a carefully crafted hostname via SSL. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0700 to this issue.
Users of mod_ssl should upgrade to this updated package, which contains a backported patch to correct this issue.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2004:408. The text
# itself is copyright (C) Red Hat, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(14698);
script_version("1.26");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");
script_cve_id("CVE-2004-0700");
script_xref(name:"RHSA", value:"2004:408");
script_name(english:"RHEL 2.1 : mod_ssl (RHSA-2004:408)");
script_summary(english:"Checks the rpm output for the updated package");
script_set_attribute(
attribute:"synopsis",
value:"The remote Red Hat host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"An updated mod_ssl package for Apache that fixes a format string
vulnerability is now available.
The mod_ssl module provides strong cryptography for the Apache Web
server via the Secure Sockets Layer (SSL) and Transport Layer Security
(TLS) protocols.
A format string issue was discovered in mod_ssl for Apache 1.3 which
can be triggered if mod_ssl is configured to allow a client to proxy
to remote SSL sites. In order to exploit this issue, a user who is
authorized to use Apache as a proxy would have to attempt to connect
to a carefully crafted hostname via SSL. The Common Vulnerabilities
and Exposures project (cve.mitre.org) has assigned the name
CVE-2004-0700 to this issue.
Users of mod_ssl should upgrade to this updated package, which
contains a backported patch to correct this issue."
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2004-0700"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/errata/RHSA-2004:408"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected mod_ssl package."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mod_ssl");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:2.1");
script_set_attribute(attribute:"vuln_publication_date", value:"2004/07/27");
script_set_attribute(attribute:"patch_publication_date", value:"2004/09/07");
script_set_attribute(attribute:"plugin_publication_date", value:"2004/09/09");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2004-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Red Hat Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! preg(pattern:"^2\.1([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 2.1", "Red Hat " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
if (cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i386", cpu);
yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo))
{
rhsa = "RHSA-2004:408";
yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
if (!empty_or_null(yum_report))
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : yum_report
);
exit(0);
}
else
{
audit_message = "affected by Red Hat security advisory " + rhsa;
audit(AUDIT_OS_NOT, audit_message);
}
}
else
{
flag = 0;
if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"mod_ssl-2.8.12-6")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get() + redhat_report_package_caveat()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mod_ssl");
}
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| redhat | enterprise_linux | mod_ssl | p-cpe:/a:redhat:enterprise_linux:mod_ssl |
| redhat | enterprise_linux | 2.1 | cpe:/o:redhat:enterprise_linux:2.1 |
Related
nessus
nessus
Mandrake Linux Security Advisory : mod_ssl (MDKSA-2004:075)
2004-07-31 00:00:00
Apache mod_ssl ssl_engine_log.c mod_proxy Hook Function Remote Format String
2004-07-16 00:00:00
cve
cve
CVE-2004-0700
2004-07-27 04:00:00
openvas
openvas
mod_ssl hook functions format string vulnerability
2005-11-03 00:00:00
FreeBSD Ports: apache+mod_ssl
2008-09-04 00:00:00
FreeBSD Ports: apache+mod_ssl
2008-09-04 00:00:00
ubuntucve
ubuntucve
CVE-2004-0700
2004-07-27 00:00:00
redhat
redhat
(RHSA-2004:408) mod_ssl security update
2004-09-07 00:00:00
f5
f5
K5534 : Apache mod_proxy message format vulnerability CAN-2004-0700
2013-03-28 00:00:00
K000138508 : mod_ssl vulnerability CVE-2004-0700
2024-02-06 00:00:00
SOL5534 - Apache mod_proxy message format vulnerability - CAN-2004-0700
2007-05-16 00:00:00
cvelist
cvelist
CVE-2004-0700
2004-07-21 04:00:00
freebsd
freebsd
apache13-modssl -- format string vulnerability in proxy support
2004-07-16 00:00:00
nvd
nvd
CVE-2004-0700
2004-07-27 04:00:00
osv
osv
libapache-mod-ssl - several vulnerabilities
2004-07-27 00:00:00
debian
debian
ubuntu
ubuntu
Apache 2 vulnerabilities
2005-09-07 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.901
Percentile
98.8%
Related for REDHAT-RHSA-2004-408.NASL