{"id": "REDHAT-RHSA-2006-0159.NASL", "bulletinFamily": "scanner", "title": "RHEL 3 / 4 : httpd (RHSA-2006:0159)", "description": "Updated Apache httpd packages that correct three security issues are\nnow available for Red Hat Enterprise Linux 3 and 4.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Apache HTTP Server is a popular and freely-available Web server.\n\nA memory leak in the worker MPM could allow remote attackers to cause\na denial of service (memory consumption) via aborted connections,\nwhich prevents the memory for the transaction pool from being reused\nfor other connections. The Common Vulnerabilities and Exposures\nproject assigned the name CVE-2005-2970 to this issue. This\nvulnerability only affects users who are using the non-default worker\nMPM.\n\nA flaw in mod_imap when using the Referer directive with image maps\nwas discovered. With certain site configurations, a remote attacker\ncould perform a cross-site scripting attack if a victim can be forced\nto visit a malicious URL using certain web browsers. (CVE-2005-3352)\n\nA NULL pointer dereference flaw in mod_ssl was discovered affecting\nserver configurations where an SSL virtual host is configured with\naccess control and a custom 400 error document. A remote attacker\ncould send a carefully crafted request to trigger this issue which\nwould lead to a crash. This crash would only be a denial of service if\nusing the non-default worker MPM. (CVE-2005-3357)\n\nUsers of httpd should update to these erratum packages which contain\nbackported patches to correct these issues along with some additional\nbugs.", "published": "2006-01-11T00:00:00", "modified": "2006-01-11T00:00:00", "cvss": {"score": 5.4, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:C"}, "href": "https://www.tenable.com/plugins/nessus/20398", "reporter": "This script is Copyright (C) 2006-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://access.redhat.com/security/cve/cve-2005-3357", "https://access.redhat.com/security/cve/cve-2005-3352", "https://access.redhat.com/security/cve/cve-2005-2970", "https://access.redhat.com/errata/RHSA-2006:0159"], "cvelist": ["CVE-2005-2970", "CVE-2005-3357", "CVE-2005-3352"], "type": "nessus", "lastseen": "2021-01-17T13:05:34", "edition": 27, "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2005-3357", "CVE-2005-3352", "CVE-2005-2970"]}, {"type": "centos", "idList": ["CESA-2006:0159", "CESA-2006:0158-01"]}, {"type": "nessus", "idList": ["MANDRAKE_MDKSA-2006-007.NASL", "GENTOO_GLSA-200602-03.NASL", "HPUX_PHSS_35436.NASL", "HPUX_PHSS_36385.NASL", "CENTOS_RHSA-2006-0159.NASL", "UBUNTU_USN-241-1.NASL", "FEDORA_2006-052.NASL", "UBUNTU_USN-225-1.NASL", "HPUX_PHSS_35437.NASL", "HPUX_PHSS_36386.NASL"]}, {"type": "redhat", "idList": ["RHSA-2006:0159", "RHSA-2006:0158"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231056731", "OPENVAS:56067", "OPENVAS:65472", "OPENVAS:56731", "OPENVAS:136141256231065472", "OPENVAS:65017", "OPENVAS:136141256231065017", "OPENVAS:56246", "OPENVAS:65209", "OPENVAS:136141256231065209"]}, {"type": "ubuntu", "idList": ["USN-225-1", "USN-241-1"]}, {"type": "gentoo", "idList": ["GLSA-200602-03"]}, {"type": "cert", "idList": ["VU:395412"]}, {"type": "osvdb", "idList": ["OSVDB:20462", "OSVDB:22261", "OSVDB:21705"]}, {"type": "httpd", "idList": ["HTTPD:585431E03431E2BD4D1F7D6E61204BB9", "HTTPD:60A3A95B73E5F3424F9955F53B32634F", "HTTPD:F7679CE4C32DE86477AA13FB89AE6D5F", "HTTPD:02D2F96F0155C694CF1295A7E79268B4", "HTTPD:B93D1EFA6697D7A4CCEEDEDA4931C90F", "HTTPD:213CE6E948FDBFEC685F7DEEF1C5BFE4", "HTTPD:86B13C85F68E8D147B32F80CDEF73D8E", "HTTPD:6A6D246162DDA1D862484083299ECC4C", "HTTPD:11A7A61AEC2B4A2E6B1136E7EC18285F"]}, {"type": "seebug", "idList": ["SSV:4227"]}, {"type": "slackware", "idList": ["SSA-2006-129-01"]}, {"type": "jvn", "idList": ["JVN:06045169"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:10660"]}, {"type": "freebsd", "idList": ["9FFF8DC8-7AA7-11DA-BF72-00123F589060"]}, {"type": "suse", "idList": ["SUSE-SA:2006:043", "SUSE-SA:2006:051"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1167-1:158F8"]}], "modified": "2021-01-17T13:05:34", "rev": 2}, "score": {"value": 5.8, "vector": "NONE", "modified": "2021-01-17T13:05:34", "rev": 2}, "vulnersScore": 5.8}, "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2006:0159. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(20398);\n script_version(\"1.28\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2005-2970\", \"CVE-2005-3352\", \"CVE-2005-3357\");\n script_bugtraq_id(15834, 16152);\n script_xref(name:\"RHSA\", value:\"2006:0159\");\n\n script_name(english:\"RHEL 3 / 4 : httpd (RHSA-2006:0159)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated Apache httpd packages that correct three security issues are\nnow available for Red Hat Enterprise Linux 3 and 4.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Apache HTTP Server is a popular and freely-available Web server.\n\nA memory leak in the worker MPM could allow remote attackers to cause\na denial of service (memory consumption) via aborted connections,\nwhich prevents the memory for the transaction pool from being reused\nfor other connections. The Common Vulnerabilities and Exposures\nproject assigned the name CVE-2005-2970 to this issue. This\nvulnerability only affects users who are using the non-default worker\nMPM.\n\nA flaw in mod_imap when using the Referer directive with image maps\nwas discovered. With certain site configurations, a remote attacker\ncould perform a cross-site scripting attack if a victim can be forced\nto visit a malicious URL using certain web browsers. (CVE-2005-3352)\n\nA NULL pointer dereference flaw in mod_ssl was discovered affecting\nserver configurations where an SSL virtual host is configured with\naccess control and a custom 400 error document. A remote attacker\ncould send a carefully crafted request to trigger this issue which\nwould lead to a crash. This crash would only be a denial of service if\nusing the non-default worker MPM. (CVE-2005-3357)\n\nUsers of httpd should update to these erratum packages which contain\nbackported patches to correct these issues along with some additional\nbugs.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-2970\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-3352\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-3357\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2006:0159\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd-suexec\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/10/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/01/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/01/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 3.x / 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2006:0159\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL3\", reference:\"httpd-2.0.46-56.ent\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"httpd-devel-2.0.46-56.ent\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"mod_ssl-2.0.46-56.ent\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"httpd-2.0.52-22.ent\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"httpd-devel-2.0.52-22.ent\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"httpd-manual-2.0.52-22.ent\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"httpd-suexec-2.0.52-22.ent\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"mod_ssl-2.0.52-22.ent\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd / httpd-devel / httpd-manual / httpd-suexec / mod_ssl\");\n }\n}\n", "naslFamily": "Red Hat Local Security Checks", "pluginID": "20398", "cpe": ["cpe:/o:redhat:enterprise_linux:3", "cpe:/o:redhat:enterprise_linux:4", "p-cpe:/a:redhat:enterprise_linux:httpd-suexec", "p-cpe:/a:redhat:enterprise_linux:mod_ssl", "p-cpe:/a:redhat:enterprise_linux:httpd", "p-cpe:/a:redhat:enterprise_linux:httpd-manual", "p-cpe:/a:redhat:enterprise_linux:httpd-devel"], "scheme": null}

{"cve": [{"lastseen": "2021-02-02T05:24:38", "description": "Memory leak in the worker MPM (worker.c) for Apache 2, in certain circumstances, allows remote attackers to cause a denial of service (memory consumption) via aborted connections, which prevents the memory for the transaction pool from being reused for other connections.", "edition": 6, "cvss3": {}, "published": "2005-10-25T17:06:00", "title": "CVE-2005-2970", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-2970"], "modified": "2018-10-19T15:34:00", "cpe": ["cpe:/a:apache:http_server:2.0"], "id": "CVE-2005-2970", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2970", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:apache:http_server:2.0:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:24:39", "description": "Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.", "edition": 6, "cvss3": {}, "published": "2005-12-13T20:03:00", "title": "CVE-2005-3352", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-3352"], "modified": "2018-10-19T15:35:00", "cpe": ["cpe:/a:apache:http_server:2.0.40", "cpe:/a:apache:http_server:2.0.39", "cpe:/a:apache:http_server:1.3.27", "cpe:/a:apache:http_server:1.3.3", "cpe:/a:apache:http_server:1.3.24", "cpe:/a:apache:http_server:2.0.34", "cpe:/a:apache:http_server:1.3.22", "cpe:/a:apache:http_server:1.3.17", "cpe:/a:apache:http_server:2.0.32", "cpe:/a:apache:http_server:2.0.38", "cpe:/a:apache:http_server:2.0.35", "cpe:/a:apache:http_server:2.0.49", "cpe:/a:apache:http_server:1.3.10", "cpe:/a:apache:http_server:2.0", "cpe:/a:apache:http_server:2.0.53", "cpe:/a:apache:http_server:2.0.50", "cpe:/a:apache:http_server:1.3.16", "cpe:/a:apache:http_server:2.0.9", "cpe:/a:apache:http_server:1.3.6", "cpe:/a:apache:http_server:1.3.30", "cpe:/a:apache:http_server:2.0.55", "cpe:/a:apache:http_server:2.0.28", "cpe:/a:apache:http_server:1.3.28", "cpe:/a:apache:http_server:2.0.48", "cpe:/a:apache:http_server:1.3.14", "cpe:/a:apache:http_server:2.0.46", "cpe:/a:apache:mod_imap:*", "cpe:/a:apache:http_server:1.3.1", "cpe:/a:apache:http_server:1.3.20", "cpe:/a:apache:http_server:1.3.19", "cpe:/a:apache:http_server:2.0.45", "cpe:/a:apache:http_server:1.3.25", "cpe:/a:apache:http_server:2.0.41", "cpe:/a:apache:http_server:1.3.5", "cpe:/a:apache:http_server:2.0.44", "cpe:/a:apache:http_server:1.3.4", "cpe:/a:apache:http_server:1.3.0", "cpe:/a:apache:http_server:1.3.12", "cpe:/a:apache:http_server:1.3.7", "cpe:/a:apache:http_server:1.3.8", "cpe:/a:apache:http_server:1.3.26", "cpe:/a:apache:http_server:1.3.13", "cpe:/a:apache:http_server:1.3", "cpe:/a:apache:http_server:1.3.11", "cpe:/a:apache:http_server:2.0.37", "cpe:/a:apache:http_server:1.3.31", "cpe:/a:apache:http_server:2.0.54", "cpe:/a:apache:http_server:1.3.32", "cpe:/a:apache:http_server:2.0.43", "cpe:/a:apache:http_server:2.0.47", "cpe:/a:apache:http_server:2.0.36", "cpe:/a:apache:http_server:1.3.15", "cpe:/a:apache:http_server:2.0.42", "cpe:/a:apache:http_server:1.3.18", "cpe:/a:apache:http_server:1.3.2", "cpe:/a:apache:http_server:1.3.23", "cpe:/a:apache:http_server:1.3.29", "cpe:/a:apache:http_server:2.0.52", "cpe:/a:apache:http_server:2.0.51", "cpe:/a:apache:http_server:1.3.9"], "id": "CVE-2005-3352", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-3352", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:apache:http_server:1.3.19:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.15:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.22:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.10:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.24:*:win32:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.13:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.51:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.19:*:win32:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.27:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.16:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.29:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.53:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.12:*:win32:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.37:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.34:beta:win32:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.25:*:win32:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.32:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.35:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.30:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.43:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.24:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.52:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.14:*:mac_os:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.17:*:win32:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.31:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.23:*:win32:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.50:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.22:*:win32:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.18:*:win32:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.26:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.28:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.13:*:win32:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.26:*:win32:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.12:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.15:*:win32:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.28:beta:win32:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.17:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.28:beta:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.42:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.44:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.20:*:win32:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.28:*:*:*:*:*:*:*", "cpe:2.3:a:apache:mod_imap:*:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.8:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.16:*:win32:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.20:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.14:*:win32:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.47:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.32:beta:win32:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.23:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.49:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.54:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.25:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.9:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.11:*:win32:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.14:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.32:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.11:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.46:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.36:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.40:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.7:*:dev:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.48:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.55:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.45:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.38:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.39:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.18:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.41:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.4:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:24:39", "description": "mod_ssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with access control and a custom error 400 error page, allows remote attackers to cause a denial of service (application crash) via a non-SSL request to an SSL port, which triggers a NULL pointer dereference.", "edition": 6, "cvss3": {}, "published": "2005-12-31T05:00:00", "title": "CVE-2005-3357", "type": "cve", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 5.4, "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-3357"], "modified": "2018-10-19T15:36:00", "cpe": ["cpe:/a:apache:http_server:2.0.40", "cpe:/a:apache:http_server:2.0.39", "cpe:/a:apache:http_server:2.0.32", "cpe:/a:apache:http_server:2.0.38", "cpe:/a:apache:http_server:2.0.35", "cpe:/a:apache:http_server:2.0.49", "cpe:/a:apache:http_server:2.0", "cpe:/a:apache:http_server:2.0.53", "cpe:/a:apache:http_server:2.0.50", "cpe:/a:apache:http_server:2.0.9", "cpe:/a:apache:http_server:2.0.55", "cpe:/a:apache:http_server:2.0.28", "cpe:/a:apache:http_server:2.0.48", "cpe:/a:apache:http_server:2.0.46", "cpe:/a:apache:http_server:2.0.45", "cpe:/a:apache:http_server:2.0.41", "cpe:/a:apache:http_server:2.0.44", "cpe:/a:apache:http_server:2.0.37", "cpe:/a:apache:http_server:2.0.54", "cpe:/a:apache:http_server:2.0.43", "cpe:/a:apache:http_server:2.0.47", "cpe:/a:apache:http_server:2.0.36", "cpe:/a:apache:http_server:2.0.42", "cpe:/a:apache:http_server:2.0.52", "cpe:/a:apache:http_server:2.0.51"], "id": "CVE-2005-3357", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-3357", "cvss": {"score": 5.4, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:a:apache:http_server:2.0.51:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.53:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.37:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.32:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.35:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.43:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.52:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.50:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.28:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.28:beta:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.42:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.44:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.47:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.49:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.54:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.46:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.36:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.40:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.48:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.55:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.45:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.38:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.39:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.41:*:*:*:*:*:*:*"]}], "centos": [{"lastseen": "2019-12-20T18:24:12", "bulletinFamily": "unix", "cvelist": ["CVE-2005-2970", "CVE-2005-3357", "CVE-2005-3352"], "description": "**CentOS Errata and Security Advisory** CESA-2006:0159\n\n\nThe Apache HTTP Server is a popular and freely-available Web server.\r\n\r\nA memory leak in the worker MPM could allow remote attackers to cause a\r\ndenial of service (memory consumption) via aborted connections, which\r\nprevents the memory for the transaction pool from being reused for other\r\nconnections. The Common Vulnerabilities and Exposures project assigned the\r\nname CVE-2005-2970 to this issue. This vulnerability only affects users\r\nwho are using the non-default worker MPM.\r\n\r\nA flaw in mod_imap when using the Referer directive with image maps was\r\ndiscovered. With certain site configurations, a remote attacker could\r\nperform a cross-site scripting attack if a victim can be forced to visit a\r\nmalicious URL using certain web browsers. (CVE-2005-3352)\r\n\r\nA NULL pointer dereference flaw in mod_ssl was discovered affecting server\r\nconfigurations where an SSL virtual host is configured with access control\r\nand a custom 400 error document. A remote attacker could send a carefully\r\ncrafted request to trigger this issue which would lead to a crash. This\r\ncrash would only be a denial of service if using the non-default worker\r\nMPM. (CVE-2005-3357)\r\n\r\nUsers of httpd should update to these erratum packages which contain\r\nbackported patches to correct these issues along with some additional bugs.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2006-January/024575.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-January/024576.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-January/024577.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-January/024578.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-January/024579.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-January/024580.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-January/024581.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-January/024582.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-January/024583.html\n\n**Affected packages:**\nhttpd\nhttpd-devel\nhttpd-manual\nhttpd-suexec\nmod_ssl\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2006-0159.html", "edition": 4, "modified": "2006-01-06T01:29:35", "published": "2006-01-05T21:38:50", "href": "http://lists.centos.org/pipermail/centos-announce/2006-January/024575.html", "id": "CESA-2006:0159", "title": "httpd, mod_ssl security update", "type": "centos", "cvss": {"score": 5.4, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-12-20T18:28:40", "bulletinFamily": "unix", "cvelist": ["CVE-2005-3352"], "description": "**CentOS Errata and Security Advisory** CESA-2006:0158-01\n\n\nThe Apache HTTP Server is a popular and freely-available Web server. \r\n\r\nA flaw in mod_imap when using the Referer directive with image maps was\r\ndiscovered. With certain site configurations, a remote attacker could\r\nperform a cross-site scripting attack if a victim can be forced to visit a\r\nmalicious URL using certain web browsers. The Common Vulnerabilities and\r\nExposures project assigned the name CVE-2005-3352 to this issue.\r\n\r\nUsers of apache should upgrade to these updated packages, which contain\r\na backported patch to correct this issue.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2006-January/024641.html\n\n**Affected packages:**\napache\napache-devel\napache-manual\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/rh21as-errata.html", "edition": 5, "modified": "2006-01-30T00:50:54", "published": "2006-01-30T00:50:54", "href": "http://lists.centos.org/pipermail/centos-announce/2006-January/024641.html", "id": "CESA-2006:0158-01", "title": "apache security update", "type": "centos", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "nessus": [{"lastseen": "2021-01-12T10:05:54", "description": "This update includes fixes for three security issues in the Apache\nHTTP Server.\n\nA memory leak in the worker MPM could allow remote attackers to cause\na denial of service (memory consumption) via aborted connections,\nwhich prevents the memory for the transaction pool from being reused\nfor other connections. The Common Vulnerabilities and Exposures\nproject assigned the name CVE-2005-2970 to this issue. This\nvulnerability only affects users who are using the non-default worker\nMPM.\n\nA flaw in mod_imap when using the Referer directive with image maps\nwas discovered. With certain site configurations, a remote attacker\ncould perform a cross-site scripting attack if a victim can be forced\nto visit a malicious URL using certain web browsers. (CVE-2005-3352)\n\nA NULL pointer dereference flaw in mod_ssl was discovered affecting\nserver configurations where an SSL virtual host is configured with\naccess control and a custom 400 error document. A remote attacker\ncould send a carefully crafted request to trigger this issue which\nwould lead to a crash. This crash would only be a denial of service if\nusing the non-default worker MPM. (CVE-2005-3357)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2006-01-21T00:00:00", "title": "Fedora Core 4 : httpd-2.0.54-10.3 (2006-052)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-2970", "CVE-2005-3357", "CVE-2005-3352"], "modified": "2006-01-21T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:httpd", "p-cpe:/a:fedoraproject:fedora:httpd-devel", "p-cpe:/a:fedoraproject:fedora:httpd-manual", "cpe:/o:fedoraproject:fedora_core:4", "p-cpe:/a:fedoraproject:fedora:httpd-debuginfo", "p-cpe:/a:fedoraproject:fedora:mod_ssl"], "id": "FEDORA_2006-052.NASL", "href": "https://www.tenable.com/plugins/nessus/20757", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2006-052.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(20757);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2005-2970\", \"CVE-2005-3352\", \"CVE-2005-3357\");\n script_xref(name:\"FEDORA\", value:\"2006-052\");\n\n script_name(english:\"Fedora Core 4 : httpd-2.0.54-10.3 (2006-052)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora Core host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update includes fixes for three security issues in the Apache\nHTTP Server.\n\nA memory leak in the worker MPM could allow remote attackers to cause\na denial of service (memory consumption) via aborted connections,\nwhich prevents the memory for the transaction pool from being reused\nfor other connections. The Common Vulnerabilities and Exposures\nproject assigned the name CVE-2005-2970 to this issue. This\nvulnerability only affects users who are using the non-default worker\nMPM.\n\nA flaw in mod_imap when using the Referer directive with image maps\nwas discovered. With certain site configurations, a remote attacker\ncould perform a cross-site scripting attack if a victim can be forced\nto visit a malicious URL using certain web browsers. (CVE-2005-3352)\n\nA NULL pointer dereference flaw in mod_ssl was discovered affecting\nserver configurations where an SSL virtual host is configured with\naccess control and a custom 400 error document. A remote attacker\ncould send a carefully crafted request to trigger this issue which\nwould lead to a crash. This crash would only be a denial of service if\nusing the non-default worker MPM. (CVE-2005-3357)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/announce/2006-January/001765.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?68f387ab\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:httpd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:httpd-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora_core:4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/01/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/01/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 4.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC4\", reference:\"httpd-2.0.54-10.3\")) flag++;\nif (rpm_check(release:\"FC4\", reference:\"httpd-debuginfo-2.0.54-10.3\")) flag++;\nif (rpm_check(release:\"FC4\", reference:\"httpd-devel-2.0.54-10.3\")) flag++;\nif (rpm_check(release:\"FC4\", reference:\"httpd-manual-2.0.54-10.3\")) flag++;\nif (rpm_check(release:\"FC4\", reference:\"mod_ssl-2.0.54-10.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd / httpd-debuginfo / httpd-devel / httpd-manual / mod_ssl\");\n}\n", "cvss": {"score": 5.4, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-06T09:24:55", "description": "Updated Apache httpd packages that correct three security issues are\nnow available for Red Hat Enterprise Linux 3 and 4.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Apache HTTP Server is a popular and freely-available Web server.\n\nA memory leak in the worker MPM could allow remote attackers to cause\na denial of service (memory consumption) via aborted connections,\nwhich prevents the memory for the transaction pool from being reused\nfor other connections. The Common Vulnerabilities and Exposures\nproject assigned the name CVE-2005-2970 to this issue. This\nvulnerability only affects users who are using the non-default worker\nMPM.\n\nA flaw in mod_imap when using the Referer directive with image maps\nwas discovered. With certain site configurations, a remote attacker\ncould perform a cross-site scripting attack if a victim can be forced\nto visit a malicious URL using certain web browsers. (CVE-2005-3352)\n\nA NULL pointer dereference flaw in mod_ssl was discovered affecting\nserver configurations where an SSL virtual host is configured with\naccess control and a custom 400 error document. A remote attacker\ncould send a carefully crafted request to trigger this issue which\nwould lead to a crash. This crash would only be a denial of service if\nusing the non-default worker MPM. (CVE-2005-3357)\n\nUsers of httpd should update to these erratum packages which contain\nbackported patches to correct these issues along with some additional\nbugs.", "edition": 26, "published": "2006-07-03T00:00:00", "title": "CentOS 3 / 4 : httpd (CESA-2006:0159)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-2970", "CVE-2005-3357", "CVE-2005-3352"], "modified": "2006-07-03T00:00:00", "cpe": ["p-cpe:/a:centos:centos:httpd-suexec", "p-cpe:/a:centos:centos:mod_ssl", "p-cpe:/a:centos:centos:httpd-manual", "cpe:/o:centos:centos:4", "p-cpe:/a:centos:centos:httpd", "p-cpe:/a:centos:centos:httpd-devel", "cpe:/o:centos:centos:3"], "id": "CENTOS_RHSA-2006-0159.NASL", "href": "https://www.tenable.com/plugins/nessus/21884", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2006:0159 and \n# CentOS Errata and Security Advisory 2006:0159 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(21884);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2005-2970\", \"CVE-2005-3352\", \"CVE-2005-3357\");\n script_bugtraq_id(15834, 16152);\n script_xref(name:\"RHSA\", value:\"2006:0159\");\n\n script_name(english:\"CentOS 3 / 4 : httpd (CESA-2006:0159)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated Apache httpd packages that correct three security issues are\nnow available for Red Hat Enterprise Linux 3 and 4.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Apache HTTP Server is a popular and freely-available Web server.\n\nA memory leak in the worker MPM could allow remote attackers to cause\na denial of service (memory consumption) via aborted connections,\nwhich prevents the memory for the transaction pool from being reused\nfor other connections. The Common Vulnerabilities and Exposures\nproject assigned the name CVE-2005-2970 to this issue. This\nvulnerability only affects users who are using the non-default worker\nMPM.\n\nA flaw in mod_imap when using the Referer directive with image maps\nwas discovered. With certain site configurations, a remote attacker\ncould perform a cross-site scripting attack if a victim can be forced\nto visit a malicious URL using certain web browsers. (CVE-2005-3352)\n\nA NULL pointer dereference flaw in mod_ssl was discovered affecting\nserver configurations where an SSL virtual host is configured with\naccess control and a custom 400 error document. A remote attacker\ncould send a carefully crafted request to trigger this issue which\nwould lead to a crash. This crash would only be a denial of service if\nusing the non-default worker MPM. (CVE-2005-3357)\n\nUsers of httpd should update to these erratum packages which contain\nbackported patches to correct these issues along with some additional\nbugs.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2006-January/012537.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?74987a03\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2006-January/012538.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?45a2e4c6\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2006-January/012540.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e02190f2\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2006-January/012541.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?be8581ff\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2006-January/012542.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b4830549\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2006-January/012543.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?559e6b8d\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected httpd packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:httpd-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:httpd-suexec\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/10/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/01/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/07/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 3.x / 4.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-3\", reference:\"httpd-2.0.46-56.ent.centos.1\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"httpd-devel-2.0.46-56.ent.centos.1\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"mod_ssl-2.0.46-56.ent.centos.1\")) flag++;\n\nif (rpm_check(release:\"CentOS-4\", reference:\"httpd-2.0.52-22.ent.centos4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"httpd-devel-2.0.52-22.ent.centos4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"httpd-manual-2.0.52-22.ent.centos4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"httpd-suexec-2.0.52-22.ent.centos4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"mod_ssl-2.0.52-22.ent.centos4\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd / httpd-devel / httpd-manual / httpd-suexec / mod_ssl\");\n}\n", "cvss": {"score": 5.4, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-20T15:28:01", "description": "The 'mod_imap' module (which provides support for image maps) did not\nproperly escape the 'referer' URL which rendered it vulnerable against\na cross-site scripting attack. A malicious web page (or HTML email)\ncould trick a user into visiting a site running the vulnerable\nmod_imap, and employ cross-site-scripting techniques to gather\nsensitive user information from that site. (CVE-2005-3352)\n\nHartmut Keil discovered a Denial of Service vulnerability in the SSL\nmodule ('mod_ssl') that affects SSL-enabled virtual hosts with a\ncustomized error page for error 400. By sending a specially crafted\nrequest to the server, a remote attacker could crash the server. This\nonly affects Apache 2, and only if the 'worker' implementation\n(apache2-mpm-worker) is used. (CVE-2005-3357).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 26, "published": "2006-01-21T00:00:00", "title": "Ubuntu 4.10 / 5.04 / 5.10 : apache2, apache vulnerabilities (USN-241-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-3357", "CVE-2005-3352"], "modified": "2006-01-21T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:apache2-prefork-dev", "p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-perchild", "p-cpe:/a:canonical:ubuntu_linux:apache-ssl", "p-cpe:/a:canonical:ubuntu_linux:apache-utils", "p-cpe:/a:canonical:ubuntu_linux:apache", "p-cpe:/a:canonical:ubuntu_linux:apache-dev", "cpe:/o:canonical:ubuntu_linux:5.04", "p-cpe:/a:canonical:ubuntu_linux:libapr0", "p-cpe:/a:canonical:ubuntu_linux:apache-common", "p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-prefork", "p-cpe:/a:canonical:ubuntu_linux:libapr0-dev", "p-cpe:/a:canonical:ubuntu_linux:apache2", "cpe:/o:canonical:ubuntu_linux:4.10", "p-cpe:/a:canonical:ubuntu_linux:apache-dbg", "p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-threadpool", "p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-worker", "p-cpe:/a:canonical:ubuntu_linux:apache-perl", "cpe:/o:canonical:ubuntu_linux:5.10", "p-cpe:/a:canonical:ubuntu_linux:apache2-threaded-dev", "p-cpe:/a:canonical:ubuntu_linux:apache2-doc", "p-cpe:/a:canonical:ubuntu_linux:apache2-common", "p-cpe:/a:canonical:ubuntu_linux:apache2-utils", "p-cpe:/a:canonical:ubuntu_linux:libapache-mod-perl", "p-cpe:/a:canonical:ubuntu_linux:apache-doc"], "id": "UBUNTU_USN-241-1.NASL", "href": "https://www.tenable.com/plugins/nessus/20788", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-241-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(20788);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2005-3352\", \"CVE-2005-3357\");\n script_xref(name:\"USN\", value:\"241-1\");\n\n script_name(english:\"Ubuntu 4.10 / 5.04 / 5.10 : apache2, apache vulnerabilities (USN-241-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 'mod_imap' module (which provides support for image maps) did not\nproperly escape the 'referer' URL which rendered it vulnerable against\na cross-site scripting attack. A malicious web page (or HTML email)\ncould trick a user into visiting a site running the vulnerable\nmod_imap, and employ cross-site-scripting techniques to gather\nsensitive user information from that site. (CVE-2005-3352)\n\nHartmut Keil discovered a Denial of Service vulnerability in the SSL\nmodule ('mod_ssl') that affects SSL-enabled virtual hosts with a\ncustomized error page for error 400. By sending a specially crafted\nrequest to the server, a remote attacker could crash the server. This\nonly affects Apache 2, and only if the 'worker' implementation\n(apache2-mpm-worker) is used. (CVE-2005-3357).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache-ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-perchild\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-prefork\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-threadpool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-worker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-prefork-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-threaded-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libapache-mod-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libapr0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libapr0-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:4.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:5.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:5.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/01/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/01/21\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/12/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2006-2019 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(4\\.10|5\\.04|5\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 4.10 / 5.04 / 5.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"4.10\", pkgname:\"apache\", pkgver:\"1.3.31-6ubuntu0.9\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"apache-common\", pkgver:\"1.3.31-6ubuntu0.9\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"apache-dbg\", pkgver:\"1.3.31-6ubuntu0.9\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"apache-dev\", pkgver:\"1.3.31-6ubuntu0.9\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"apache-doc\", pkgver:\"1.3.31-6ubuntu0.9\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"apache-perl\", pkgver:\"1.3.31-6ubuntu0.9\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"apache-ssl\", pkgver:\"1.3.31-6ubuntu0.9\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"apache-utils\", pkgver:\"1.3.31-6ubuntu0.9\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"apache2\", pkgver:\"2.0.50-12ubuntu4.10\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"apache2-common\", pkgver:\"2.0.50-12ubuntu4.10\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"apache2-doc\", pkgver:\"2.0.50-12ubuntu4.10\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"apache2-mpm-perchild\", pkgver:\"2.0.50-12ubuntu4.10\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"apache2-mpm-prefork\", pkgver:\"2.0.50-12ubuntu4.10\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"apache2-mpm-threadpool\", pkgver:\"2.0.50-12ubuntu4.10\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"apache2-mpm-worker\", pkgver:\"2.0.50-12ubuntu4.10\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"apache2-prefork-dev\", pkgver:\"2.0.50-12ubuntu4.10\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"apache2-threaded-dev\", pkgver:\"2.0.50-12ubuntu4.10\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"libapache-mod-perl\", pkgver:\"1.29.0.2.0-6ubuntu0.9\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"libapr0\", pkgver:\"2.0.50-12ubuntu4.10\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"libapr0-dev\", pkgver:\"2.0.50-12ubuntu4.10\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"apache\", pkgver:\"1.3.33-4ubuntu2\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"apache-common\", pkgver:\"1.3.33-4ubuntu2\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"apache-dbg\", pkgver:\"1.3.33-4ubuntu2\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"apache-dev\", pkgver:\"1.3.33-4ubuntu2\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"apache-doc\", pkgver:\"1.3.33-4ubuntu2\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"apache-perl\", pkgver:\"1.3.33-4ubuntu2\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"apache-ssl\", pkgver:\"1.3.33-4ubuntu2\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"apache-utils\", pkgver:\"1.3.33-4ubuntu2\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"apache2\", pkgver:\"2.0.53-5ubuntu5.5\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"apache2-common\", pkgver:\"2.0.53-5ubuntu5.5\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"apache2-doc\", pkgver:\"2.0.53-5ubuntu5.5\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"apache2-mpm-perchild\", pkgver:\"2.0.53-5ubuntu5.5\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"apache2-mpm-prefork\", pkgver:\"2.0.53-5ubuntu5.5\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"apache2-mpm-threadpool\", pkgver:\"2.0.53-5ubuntu5.5\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"apache2-mpm-worker\", pkgver:\"2.0.53-5ubuntu5.5\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"apache2-prefork-dev\", pkgver:\"2.0.53-5ubuntu5.5\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"apache2-threaded-dev\", pkgver:\"2.0.53-5ubuntu5.5\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"apache2-utils\", pkgver:\"2.0.53-5ubuntu5.5\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"libapache-mod-perl\", pkgver:\"1.29.0.3-4ubuntu2\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"libapr0\", pkgver:\"2.0.53-5ubuntu5.5\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"libapr0-dev\", pkgver:\"2.0.53-5ubuntu5.5\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"apache\", pkgver:\"1.3.33-8ubuntu1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"apache-common\", pkgver:\"1.3.33-8ubuntu1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"apache-dbg\", pkgver:\"1.3.33-8ubuntu1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"apache-dev\", pkgver:\"1.3.33-8ubuntu1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"apache-doc\", pkgver:\"1.3.33-8ubuntu1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"apache-perl\", pkgver:\"1.3.33-8ubuntu1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"apache-ssl\", pkgver:\"1.3.33-8ubuntu1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"apache-utils\", pkgver:\"1.3.33-8ubuntu1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"apache2\", pkgver:\"2.0.54-5ubuntu4\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"apache2-common\", pkgver:\"2.0.54-5ubuntu4\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"apache2-doc\", pkgver:\"2.0.54-5ubuntu4\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"apache2-mpm-perchild\", pkgver:\"2.0.54-5ubuntu4\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"apache2-mpm-prefork\", pkgver:\"2.0.54-5ubuntu4\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"apache2-mpm-threadpool\", pkgver:\"2.0.54-5ubuntu4\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"apache2-mpm-worker\", pkgver:\"2.0.54-5ubuntu4\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"apache2-prefork-dev\", pkgver:\"2.0.54-5ubuntu4\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"apache2-threaded-dev\", pkgver:\"2.0.54-5ubuntu4\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"apache2-utils\", pkgver:\"2.0.54-5ubuntu4\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libapache-mod-perl\", pkgver:\"1.29.0.3-8ubuntu1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libapr0\", pkgver:\"2.0.54-5ubuntu4\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libapr0-dev\", pkgver:\"2.0.54-5ubuntu4\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache / apache-common / apache-dbg / apache-dev / apache-doc / etc\");\n}\n", "cvss": {"score": 5.4, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-07T10:52:01", "description": "The remote host is affected by the vulnerability described in GLSA-200602-03\n(Apache: Multiple vulnerabilities)\n\n Apache's mod_imap fails to properly sanitize the 'Referer' directive of\n imagemaps in some cases, leaving the HTTP Referer header unescaped. A\n flaw in mod_ssl can lead to a NULL pointer dereference if the site uses\n a custom 'Error 400' document. These vulnerabilities were reported by\n Marc Cox and Hartmut Keil, respectively.\n \nImpact :\n\n A remote attacker could exploit mod_imap to inject arbitrary HTML or\n JavaScript into a user's browser to gather sensitive information.\n Attackers could also cause a Denial of Service on hosts using the SSL\n module (Apache 2.0.x only).\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 25, "published": "2006-02-10T00:00:00", "title": "GLSA-200602-03 : Apache: Multiple vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-3357", "CVE-2005-3352"], "modified": "2006-02-10T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:apache"], "id": "GENTOO_GLSA-200602-03.NASL", "href": "https://www.tenable.com/plugins/nessus/20874", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200602-03.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(20874);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2005-3352\", \"CVE-2005-3357\");\n script_bugtraq_id(15834, 16152);\n script_xref(name:\"GLSA\", value:\"200602-03\");\n\n script_name(english:\"GLSA-200602-03 : Apache: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200602-03\n(Apache: Multiple vulnerabilities)\n\n Apache's mod_imap fails to properly sanitize the 'Referer' directive of\n imagemaps in some cases, leaving the HTTP Referer header unescaped. A\n flaw in mod_ssl can lead to a NULL pointer dereference if the site uses\n a custom 'Error 400' document. These vulnerabilities were reported by\n Marc Cox and Hartmut Keil, respectively.\n \nImpact :\n\n A remote attacker could exploit mod_imap to inject arbitrary HTML or\n JavaScript into a user's browser to gather sensitive information.\n Attackers could also cause a Denial of Service on hosts using the SSL\n module (Apache 2.0.x only).\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200602-03\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Apache users should upgrade to the latest version, depending on\n whether they still use the old configuration style\n (/etc/apache/conf/*.conf) or the new one (/etc/apache2/httpd.conf).\n 2.0.x users, new style config:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-servers/apache-2.0.55-r1'\n 2.0.x users, old style config:\n # emerge --sync\n # emerge --ask --oneshot --verbose '=www-servers/apache-2.0.54-r16'\n 1.x users, new style config:\n # emerge --sync\n # emerge --ask --oneshot --verbose '=www-servers/apache-1.3.34-r11'\n 1.x users, old style config:\n # emerge --sync\n # emerge --ask --oneshot --verbose '=www-servers/apache-1.3.34-r2'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:apache\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/02/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/02/10\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/12/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"www-servers/apache\", unaffected:make_list(\"ge 2.0.55-r1\", \"rge 2.0.54-r16\", \"eq 1.3.34-r2\", \"rge 1.3.34-r11\", \"rge 1.3.37\"), vulnerable:make_list(\"lt 2.0.55-r1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Apache\");\n}\n", "cvss": {"score": 5.4, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-07T11:51:31", "description": "A flaw was discovered in mod_imap when using the Referer directive\nwith image maps that could be used by a remote attacker to perform a\ncross- site scripting attack, in certain site configurations, if a\nvictim could be forced to visit a malicious URL using certain web\nbrowsers (CVE-2005-3352).\n\nAlso, a NULL pointer dereference flaw was found in mod_ssl that\naffects server configurations where an SSL virtual host was configured\nwith access controls and a custom 400 error document. This could allow\na remote attacker to send a carefully crafted request to trigger the\nissue and cause a crash, but only with the non-default worker MPM\n(CVE-2005-3357).\n\nThe provided packages have been patched to prevent these problems.", "edition": 24, "published": "2006-01-15T00:00:00", "title": "Mandrake Linux Security Advisory : apache2 (MDKSA-2006:007)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-3357", "CVE-2005-3352"], "modified": "2006-01-15T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:apache2-mod_dav", "p-cpe:/a:mandriva:linux:apache2-mod_ssl", "p-cpe:/a:mandriva:linux:apache2-mod_ldap", "p-cpe:/a:mandriva:linux:apache-mpm-worker", "p-cpe:/a:mandriva:linux:apache2", "cpe:/o:mandrakesoft:mandrake_linux:10.1", "p-cpe:/a:mandriva:linux:apache-mod_ssl", "p-cpe:/a:mandriva:linux:apache-mod_ldap", "p-cpe:/a:mandriva:linux:apache-modules", "p-cpe:/a:mandriva:linux:apache2-mod_disk_cache", "p-cpe:/a:mandriva:linux:apache-devel", "p-cpe:/a:mandriva:linux:apache2-common", "p-cpe:/a:mandriva:linux:apache2-devel", "p-cpe:/a:mandriva:linux:apache-mod_dav", "p-cpe:/a:mandriva:linux:apache2-modules", "p-cpe:/a:mandriva:linux:apache-mod_mem_cache", "p-cpe:/a:mandriva:linux:apache-mod_proxy", "p-cpe:/a:mandriva:linux:apache-mpm-peruser", "p-cpe:/a:mandriva:linux:apache-mod_file_cache", "p-cpe:/a:mandriva:linux:apache2-mod_mem_cache", "p-cpe:/a:mandriva:linux:apache2-manual", "cpe:/o:mandriva:linux:2006", "p-cpe:/a:mandriva:linux:apache2-mod_file_cache", "p-cpe:/a:mandriva:linux:apache2-mod_proxy", "x-cpe:/o:mandrakesoft:mandrake_linux:le2005", "p-cpe:/a:mandriva:linux:apache2-mod_cache", "p-cpe:/a:mandriva:linux:apache-source", "p-cpe:/a:mandriva:linux:apache-base", "p-cpe:/a:mandriva:linux:apache-mod_deflate", "p-cpe:/a:mandriva:linux:apache2-mod_deflate", "p-cpe:/a:mandriva:linux:apache-mod_disk_cache", "p-cpe:/a:mandriva:linux:apache2-worker", "p-cpe:/a:mandriva:linux:apache2-source", "p-cpe:/a:mandriva:linux:apache2-peruser", "p-cpe:/a:mandriva:linux:apache-mpm-prefork", "p-cpe:/a:mandriva:linux:apache-mod_cache", "p-cpe:/a:mandriva:linux:apache-mod_userdir"], "id": "MANDRAKE_MDKSA-2006-007.NASL", "href": "https://www.tenable.com/plugins/nessus/20473", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2006:007. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(20473);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2005-3352\", \"CVE-2005-3357\");\n script_xref(name:\"MDKSA\", value:\"2006:007\");\n\n script_name(english:\"Mandrake Linux Security Advisory : apache2 (MDKSA-2006:007)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw was discovered in mod_imap when using the Referer directive\nwith image maps that could be used by a remote attacker to perform a\ncross- site scripting attack, in certain site configurations, if a\nvictim could be forced to visit a malicious URL using certain web\nbrowsers (CVE-2005-3352).\n\nAlso, a NULL pointer dereference flaw was found in mod_ssl that\naffects server configurations where an SSL virtual host was configured\nwith access controls and a custom 400 error document. This could allow\na remote attacker to send a carefully crafted request to trigger the\nissue and cause a crash, but only with the non-default worker MPM\n(CVE-2005-3357).\n\nThe provided packages have been patched to prevent these problems.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_dav\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_deflate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_disk_cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_file_cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_mem_cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_proxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_userdir\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mpm-peruser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mpm-prefork\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mpm-worker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-mod_cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-mod_dav\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-mod_deflate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-mod_disk_cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-mod_file_cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-mod_ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-mod_mem_cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-mod_proxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-peruser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-worker\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2006\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:mandrakesoft:mandrake_linux:le2005\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/01/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/01/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-2.0.50-7.6.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-common-2.0.50-7.6.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-devel-2.0.50-7.6.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-manual-2.0.50-7.6.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-mod_cache-2.0.50-7.6.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-mod_dav-2.0.50-7.6.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-mod_deflate-2.0.50-7.6.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-mod_disk_cache-2.0.50-7.6.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-mod_file_cache-2.0.50-7.6.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-mod_ldap-2.0.50-7.6.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-mod_mem_cache-2.0.50-7.6.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-mod_proxy-2.0.50-7.6.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-mod_ssl-2.0.50-4.4.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-modules-2.0.50-7.6.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-source-2.0.50-7.6.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-worker-2.0.50-7.6.101mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-2.0.53-9.4.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-common-2.0.53-9.4.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-devel-2.0.53-9.4.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-manual-2.0.53-9.4.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-mod_cache-2.0.53-9.4.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-mod_dav-2.0.53-9.4.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-mod_deflate-2.0.53-9.4.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-mod_disk_cache-2.0.53-9.4.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-mod_file_cache-2.0.53-9.4.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-mod_ldap-2.0.53-9.4.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-mod_mem_cache-2.0.53-9.4.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-mod_proxy-2.0.53-9.4.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-mod_ssl-2.0.53-8.3.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-modules-2.0.53-9.4.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-peruser-2.0.53-9.4.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-source-2.0.53-9.4.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-worker-2.0.53-9.4.102mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK2006.0\", reference:\"apache-base-2.0.54-13.2.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"apache-devel-2.0.54-13.2.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"apache-mod_cache-2.0.54-13.2.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"apache-mod_dav-2.0.54-13.2.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"apache-mod_deflate-2.0.54-13.2.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"apache-mod_disk_cache-2.0.54-13.2.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"apache-mod_file_cache-2.0.54-13.2.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"apache-mod_ldap-2.0.54-13.2.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"apache-mod_mem_cache-2.0.54-13.2.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"apache-mod_proxy-2.0.54-13.2.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"apache-mod_ssl-2.0.54-6.1.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"apache-mod_userdir-2.0.54-13.2.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"apache-modules-2.0.54-13.2.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"apache-mpm-peruser-2.0.54-13.2.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"apache-mpm-prefork-2.0.54-13.2.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"apache-mpm-worker-2.0.54-13.2.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"apache-source-2.0.54-13.2.20060mdk\", yank:\"mdk\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.4, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-12T11:32:16", "description": "s700_800 11.X IA-64 OV NNM7.51 Intermediate Patch 16 : \n\nPotential vulnerabilities have been identified with HP OpenView\nNetwork Node Manager (OV NNM) running Apache. These vulnerabilities\ncould be exploited remotely resulting in cross site scripting (XSS),\nDenial of Service (DoS), or execution of arbitrary code.", "edition": 25, "published": "2007-09-25T00:00:00", "title": "HP-UX PHSS_36386 : HP OpenView Network Node Manager (OV NNM) Running Apache, Remote Cross Site Scripting (XSS), Denial of Service (DoS), Execute Arbitrary Code (HPSBMA02328 SSRT071293 rev.2)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-3747", "CVE-2005-3357", "CVE-2005-3352"], "modified": "2007-09-25T00:00:00", "cpe": ["cpe:/o:hp:hp-ux"], "id": "HPUX_PHSS_36386.NASL", "href": "https://www.tenable.com/plugins/nessus/26155", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and patch checks in this plugin were \n# extracted from HP patch PHSS_36386. The text itself is\n# copyright (C) Hewlett-Packard Development Company, L.P.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(26155);\n script_version(\"1.26\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2005-3352\", \"CVE-2005-3357\", \"CVE-2006-3747\");\n script_bugtraq_id(15834, 16152, 19204);\n script_xref(name:\"HP\", value:\"emr_na-c01428449\");\n script_xref(name:\"HP\", value:\"SSRT071293\");\n\n script_name(english:\"HP-UX PHSS_36386 : HP OpenView Network Node Manager (OV NNM) Running Apache, Remote Cross Site Scripting (XSS), Denial of Service (DoS), Execute Arbitrary Code (HPSBMA02328 SSRT071293 rev.2)\");\n script_summary(english:\"Checks for the patch in the swlist output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote HP-UX host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"s700_800 11.X IA-64 OV NNM7.51 Intermediate Patch 16 : \n\nPotential vulnerabilities have been identified with HP OpenView\nNetwork Node Manager (OV NNM) running Apache. These vulnerabilities\ncould be exploited remotely resulting in cross site scripting (XSS),\nDenial of Service (DoS), or execution of arbitrary code.\"\n );\n # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?69af359a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install patch PHSS_36386 or subsequent.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Apache Module mod_rewrite LDAP Protocol Buffer Overflow');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:hp:hp-ux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/07/18\");\n script_set_attribute(attribute:\"patch_modification_date\", value:\"2008/04/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/09/25\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/12/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"HP-UX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/HP-UX/version\", \"Host/HP-UX/swlist\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"hpux.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/HP-UX/version\")) audit(AUDIT_OS_NOT, \"HP-UX\");\nif (!get_kb_item(\"Host/HP-UX/swlist\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (!hpux_check_ctx(ctx:\"11.23 11.31\", proc:\"ia64\"))\n{\n exit(0, \"The host is not affected since PHSS_36386 applies to a different OS release / architecture.\");\n}\n\npatches = make_list(\"PHSS_36386\", \"PHSS_36902\", \"PHSS_37274\");\nforeach patch (patches)\n{\n if (hpux_installed(app:patch))\n {\n exit(0, \"The host is not affected because patch \"+patch+\" is installed.\");\n }\n}\n\n\nflag = 0;\nif (hpux_check_patch(app:\"OVNNMETCore.OVNNMET-CORE\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVNNMETCore.OVNNMET-PD\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVNNMETCore.OVNNMET-PESA\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVNNMgr.OVMIB-CONTRIB\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVNNMgr.OVNNM-RUN\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVNNMgr.OVNNMGR-JPN\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVNNMgr.OVNNMGR-KOR\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVNNMgr.OVNNMGR-SCH\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVNNMgr.OVRPT-RUN\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVNNMgr.OVWWW-JPN\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVNNMgr.OVWWW-KOR\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVNNMgr.OVWWW-SCH\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVNNMgrMan.OVNNM-RUN-MAN\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVNNMgrRtDOC.OVNNM-DOC-REUS\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVNNMgrRtDOC.OVNNM-ENG-DOC\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVPlatform.OVDB-RUN\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVPlatform.OVEVENT-MIN\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVPlatform.OVMIN\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVPlatform.OVSNMP-MIN\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVPlatform.OVWIN\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVPlatform.OVWWW-EVNT\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVPlatform.OVWWW-FW\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVPlatform.OVWWW-SRV\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVPlatformMan.OVEVENTMIN-MAN\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVPlatformMan.OVSNMP-MIN-MAN\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVPlatformMan.OVWIN-MAN\", version:\"B.07.50.00\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:hpux_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T11:32:16", "description": "s700_800 11.X PA-RISC OV NNM7.51 Intermediate Patch 16 : \n\nPotential vulnerabilities have been identified with HP OpenView\nNetwork Node Manager (OV NNM) running Apache. These vulnerabilities\ncould be exploited remotely resulting in cross site scripting (XSS),\nDenial of Service (DoS), or execution of arbitrary code.", "edition": 25, "published": "2007-09-25T00:00:00", "title": "HP-UX PHSS_36385 : HP OpenView Network Node Manager (OV NNM) Running Apache, Remote Cross Site Scripting (XSS), Denial of Service (DoS), Execute Arbitrary Code (HPSBMA02328 SSRT071293 rev.2)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-3747", "CVE-2005-3357", "CVE-2005-3352"], "modified": "2007-09-25T00:00:00", "cpe": ["cpe:/o:hp:hp-ux"], "id": "HPUX_PHSS_36385.NASL", "href": "https://www.tenable.com/plugins/nessus/26154", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and patch checks in this plugin were \n# extracted from HP patch PHSS_36385. The text itself is\n# copyright (C) Hewlett-Packard Development Company, L.P.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(26154);\n script_version(\"1.26\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2005-3352\", \"CVE-2005-3357\", \"CVE-2006-3747\");\n script_bugtraq_id(15834, 16152, 19204);\n script_xref(name:\"HP\", value:\"emr_na-c01428449\");\n script_xref(name:\"HP\", value:\"SSRT071293\");\n\n script_name(english:\"HP-UX PHSS_36385 : HP OpenView Network Node Manager (OV NNM) Running Apache, Remote Cross Site Scripting (XSS), Denial of Service (DoS), Execute Arbitrary Code (HPSBMA02328 SSRT071293 rev.2)\");\n script_summary(english:\"Checks for the patch in the swlist output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote HP-UX host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"s700_800 11.X PA-RISC OV NNM7.51 Intermediate Patch 16 : \n\nPotential vulnerabilities have been identified with HP OpenView\nNetwork Node Manager (OV NNM) running Apache. These vulnerabilities\ncould be exploited remotely resulting in cross site scripting (XSS),\nDenial of Service (DoS), or execution of arbitrary code.\"\n );\n # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?69af359a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install patch PHSS_36385 or subsequent.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Apache Module mod_rewrite LDAP Protocol Buffer Overflow');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:hp:hp-ux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/07/18\");\n script_set_attribute(attribute:\"patch_modification_date\", value:\"2008/04/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/09/25\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/12/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"HP-UX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/HP-UX/version\", \"Host/HP-UX/swlist\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"hpux.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/HP-UX/version\")) audit(AUDIT_OS_NOT, \"HP-UX\");\nif (!get_kb_item(\"Host/HP-UX/swlist\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (!hpux_check_ctx(ctx:\"11.00 11.11 11.23 11.31\", proc:\"parisc\"))\n{\n exit(0, \"The host is not affected since PHSS_36385 applies to a different OS release / architecture.\");\n}\n\npatches = make_list(\"PHSS_36385\", \"PHSS_36901\", \"PHSS_37273\");\nforeach patch (patches)\n{\n if (hpux_installed(app:patch))\n {\n exit(0, \"The host is not affected because patch \"+patch+\" is installed.\");\n }\n}\n\n\nflag = 0;\nif (hpux_check_patch(app:\"OVNNMETCore.OVNNMET-CORE\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVNNMETCore.OVNNMET-PD\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVNNMETCore.OVNNMET-PESA\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVNNMgr.OVMIB-CONTRIB\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVNNMgr.OVNNM-RUN\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVNNMgr.OVNNMGR-JPN\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVNNMgr.OVNNMGR-KOR\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVNNMgr.OVNNMGR-SCH\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVNNMgr.OVRPT-RUN\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVNNMgr.OVWWW-JPN\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVNNMgr.OVWWW-KOR\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVNNMgr.OVWWW-SCH\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVNNMgrMan.OVNNM-RUN-MAN\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVNNMgrRtDOC.OVNNM-DOC-REUS\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVNNMgrRtDOC.OVNNM-ENG-DOC\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVPlatform.OVDB-RUN\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVPlatform.OVEVENT-MIN\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVPlatform.OVMIN\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVPlatform.OVSNMP-MIN\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVPlatform.OVWIN\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVPlatform.OVWWW-EVNT\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVPlatform.OVWWW-FW\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVPlatform.OVWWW-SRV\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVPlatformMan.OVEVENTMIN-MAN\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVPlatformMan.OVSNMP-MIN-MAN\", version:\"B.07.50.00\")) flag++;\nif (hpux_check_patch(app:\"OVPlatformMan.OVWIN-MAN\", version:\"B.07.50.00\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:hpux_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T11:32:14", "description": "s700_800 11.04 Virtualvault 4.7 OWS (Apache 2.x) update : \n\nThe remote HP-UX host is affected by multiple vulnerabilities :\n\n - Potential security vulnerabilities have been identified\n with Apache running on HP-UX VirtualVault. These\n vulnerabilities could be exploited remotely to allow\n execution of arbitrary code, Denial of Service (DoS), or\n unauthorized access. (HPSBUX02172 SSRT061269)\n\n - A security vulnerability has been identified in OpenSSL\n used in HP VirtualVault 4.7, 4.6, 4.5 and HP WebProxy\n that may allow remote unauthorized access. (HPSBUX02165\n SSRT061266)", "edition": 26, "published": "2006-11-22T00:00:00", "title": "HP-UX PHSS_35436 : s700_800 11.04 Virtualvault 4.7 OWS (Apache 2.x) update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-4339", "CVE-2006-3747", "CVE-2005-3747", "CVE-2005-3357", "CVE-2005-3352"], "modified": "2006-11-22T00:00:00", "cpe": ["cpe:/o:hp:hp-ux"], "id": "HPUX_PHSS_35436.NASL", "href": "https://www.tenable.com/plugins/nessus/23714", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and patch checks in this plugin were \n# extracted from HP patch PHSS_35436. The text itself is\n# copyright (C) Hewlett-Packard Development Company, L.P.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(23714);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2005-3352\", \"CVE-2005-3357\", \"CVE-2005-3747\", \"CVE-2006-3747\", \"CVE-2006-4339\");\n script_bugtraq_id(15834, 16152, 19204, 19849);\n script_xref(name:\"HP\", value:\"emr_na-c00794048\");\n script_xref(name:\"HP\", value:\"emr_na-c00797078\");\n script_xref(name:\"HP\", value:\"HPSBUX02165\");\n script_xref(name:\"HP\", value:\"HPSBUX02172\");\n script_xref(name:\"HP\", value:\"SSRT061266\");\n script_xref(name:\"HP\", value:\"SSRT061269\");\n\n script_name(english:\"HP-UX PHSS_35436 : s700_800 11.04 Virtualvault 4.7 OWS (Apache 2.x) update\");\n script_summary(english:\"Checks for the patch in the swlist output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote HP-UX host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"s700_800 11.04 Virtualvault 4.7 OWS (Apache 2.x) update : \n\nThe remote HP-UX host is affected by multiple vulnerabilities :\n\n - Potential security vulnerabilities have been identified\n with Apache running on HP-UX VirtualVault. These\n vulnerabilities could be exploited remotely to allow\n execution of arbitrary code, Denial of Service (DoS), or\n unauthorized access. (HPSBUX02172 SSRT061269)\n\n - A security vulnerability has been identified in OpenSSL\n used in HP VirtualVault 4.7, 4.6, 4.5 and HP WebProxy\n that may allow remote unauthorized access. (HPSBUX02165\n SSRT061266)\"\n );\n # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00794048\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2e53f82c\"\n );\n # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00797078\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a13a9b59\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install patch PHSS_35436 or subsequent.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Apache Module mod_rewrite LDAP Protocol Buffer Overflow');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_cwe_id(189, 200, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:hp:hp-ux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/10/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/11/22\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/12/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.\");\n script_family(english:\"HP-UX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/HP-UX/version\", \"Host/HP-UX/swlist\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"hpux.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/HP-UX/version\")) audit(AUDIT_OS_NOT, \"HP-UX\");\nif (!get_kb_item(\"Host/HP-UX/swlist\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (!hpux_check_ctx(ctx:\"11.04\"))\n{\n exit(0, \"The host is not affected since PHSS_35436 applies to a different OS release.\");\n}\n\npatches = make_list(\"PHSS_35436\");\nforeach patch (patches)\n{\n if (hpux_installed(app:patch))\n {\n exit(0, \"The host is not affected because patch \"+patch+\" is installed.\");\n }\n}\n\n\nflag = 0;\nif (hpux_check_patch(app:\"VaultDOC.VV-HTML-MAN\", version:\"A.04.70\")) flag++;\nif (hpux_check_patch(app:\"VaultTS.VV-IWS-GUI\", version:\"A.04.70\")) flag++;\nif (hpux_check_patch(app:\"VaultWS.WS-CORE\", version:\"A.04.70\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:hpux_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T11:32:14", "description": "s700_800 11.04 Webproxy server 2.1 (Apache 2.x) update : \n\nThe remote HP-UX host is affected by multiple vulnerabilities :\n\n - A security vulnerability has been identified in OpenSSL\n used in HP VirtualVault 4.7, 4.6, 4.5 and HP WebProxy\n that may allow remote unauthorized access. (HPSBUX02165\n SSRT061266)\n\n - Potential security vulnerabilities have been identified\n with Apache running on HP-UX VirtualVault. These\n vulnerabilities could be exploited remotely to allow\n execution of arbitrary code, Denial of Service (DoS), or\n unauthorized access. (HPSBUX02172 SSRT061269)", "edition": 26, "published": "2006-11-22T00:00:00", "title": "HP-UX PHSS_35437 : s700_800 11.04 Webproxy server 2.1 (Apache 2.x) update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-4339", "CVE-2006-3747", "CVE-2005-3747", "CVE-2005-3357", "CVE-2005-3352"], "modified": "2006-11-22T00:00:00", "cpe": ["cpe:/o:hp:hp-ux"], "id": "HPUX_PHSS_35437.NASL", "href": "https://www.tenable.com/plugins/nessus/23715", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and patch checks in this plugin were \n# extracted from HP patch PHSS_35437. The text itself is\n# copyright (C) Hewlett-Packard Development Company, L.P.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(23715);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2005-3352\", \"CVE-2005-3357\", \"CVE-2005-3747\", \"CVE-2006-3747\", \"CVE-2006-4339\");\n script_bugtraq_id(15834, 16152, 19204, 19849);\n script_xref(name:\"HP\", value:\"emr_na-c00794048\");\n script_xref(name:\"HP\", value:\"emr_na-c00797078\");\n script_xref(name:\"HP\", value:\"HPSBUX02165\");\n script_xref(name:\"HP\", value:\"HPSBUX02172\");\n script_xref(name:\"HP\", value:\"SSRT061266\");\n script_xref(name:\"HP\", value:\"SSRT061269\");\n\n script_name(english:\"HP-UX PHSS_35437 : s700_800 11.04 Webproxy server 2.1 (Apache 2.x) update\");\n script_summary(english:\"Checks for the patch in the swlist output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote HP-UX host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"s700_800 11.04 Webproxy server 2.1 (Apache 2.x) update : \n\nThe remote HP-UX host is affected by multiple vulnerabilities :\n\n - A security vulnerability has been identified in OpenSSL\n used in HP VirtualVault 4.7, 4.6, 4.5 and HP WebProxy\n that may allow remote unauthorized access. (HPSBUX02165\n SSRT061266)\n\n - Potential security vulnerabilities have been identified\n with Apache running on HP-UX VirtualVault. These\n vulnerabilities could be exploited remotely to allow\n execution of arbitrary code, Denial of Service (DoS), or\n unauthorized access. (HPSBUX02172 SSRT061269)\"\n );\n # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00794048\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2e53f82c\"\n );\n # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00797078\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a13a9b59\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install patch PHSS_35437 or subsequent.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Apache Module mod_rewrite LDAP Protocol Buffer Overflow');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_cwe_id(189, 200, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:hp:hp-ux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/10/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/11/22\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/12/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.\");\n script_family(english:\"HP-UX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/HP-UX/version\", \"Host/HP-UX/swlist\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"hpux.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/HP-UX/version\")) audit(AUDIT_OS_NOT, \"HP-UX\");\nif (!get_kb_item(\"Host/HP-UX/swlist\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (!hpux_check_ctx(ctx:\"11.04\"))\n{\n exit(0, \"The host is not affected since PHSS_35437 applies to a different OS release.\");\n}\n\npatches = make_list(\"PHSS_35437\");\nforeach patch (patches)\n{\n if (hpux_installed(app:patch))\n {\n exit(0, \"The host is not affected because patch \"+patch+\" is installed.\");\n }\n}\n\n\nflag = 0;\nif (hpux_check_patch(app:\"HP_Webproxy.HPWEB-PX-CORE\", version:\"A.02.10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:hpux_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-07T11:51:30", "description": "A memory leak in the worker MPM in Apache 2 could allow remote\nattackers to cause a Denial of Service (memory consumption) via\naborted commands in certain circumstances, which prevents the memory\nfor the transaction pool from being reused for other connections.\n\nAs well, this update addresses two bugs in the Mandriva 2006 Apache\npackges where apachectl was missing and also a segfault that occured\nwhen using the mod_ldap module.", "edition": 24, "published": "2006-01-15T00:00:00", "title": "Mandrake Linux Security Advisory : apache2 (MDKSA-2005:233)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-2970"], "modified": "2006-01-15T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:apache2-mod_dav", "p-cpe:/a:mandriva:linux:apache2-mod_ldap", "p-cpe:/a:mandriva:linux:apache-mpm-worker", "p-cpe:/a:mandriva:linux:apache2", "cpe:/o:mandrakesoft:mandrake_linux:10.1", "p-cpe:/a:mandriva:linux:apache-mod_ldap", "p-cpe:/a:mandriva:linux:apache-modules", "p-cpe:/a:mandriva:linux:apache2-mod_disk_cache", "p-cpe:/a:mandriva:linux:apache-devel", "p-cpe:/a:mandriva:linux:apache2-common", "p-cpe:/a:mandriva:linux:apache2-devel", "p-cpe:/a:mandriva:linux:apache-mod_dav", "p-cpe:/a:mandriva:linux:apache2-modules", "p-cpe:/a:mandriva:linux:apache-mod_mem_cache", "p-cpe:/a:mandriva:linux:apache-mod_proxy", "p-cpe:/a:mandriva:linux:apache-mpm-peruser", "p-cpe:/a:mandriva:linux:apache-mod_file_cache", "p-cpe:/a:mandriva:linux:apache2-mod_mem_cache", "p-cpe:/a:mandriva:linux:apache2-manual", "cpe:/o:mandriva:linux:2006", "p-cpe:/a:mandriva:linux:apache2-mod_file_cache", "p-cpe:/a:mandriva:linux:apache2-mod_proxy", "x-cpe:/o:mandrakesoft:mandrake_linux:le2005", "p-cpe:/a:mandriva:linux:apache2-mod_cache", "p-cpe:/a:mandriva:linux:apache-source", "p-cpe:/a:mandriva:linux:apache-base", "p-cpe:/a:mandriva:linux:apache-mod_deflate", "p-cpe:/a:mandriva:linux:apache2-mod_deflate", "p-cpe:/a:mandriva:linux:apache-mod_disk_cache", "p-cpe:/a:mandriva:linux:apache2-worker", "p-cpe:/a:mandriva:linux:apache2-source", "p-cpe:/a:mandriva:linux:apache2-peruser", "p-cpe:/a:mandriva:linux:apache-mpm-prefork", "p-cpe:/a:mandriva:linux:apache-mod_cache", "p-cpe:/a:mandriva:linux:apache-mod_userdir"], "id": "MANDRAKE_MDKSA-2005-233.NASL", "href": "https://www.tenable.com/plugins/nessus/20464", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2005:233. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(20464);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2005-2970\");\n script_xref(name:\"MDKSA\", value:\"2005:233\");\n\n script_name(english:\"Mandrake Linux Security Advisory : apache2 (MDKSA-2005:233)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A memory leak in the worker MPM in Apache 2 could allow remote\nattackers to cause a Denial of Service (memory consumption) via\naborted commands in certain circumstances, which prevents the memory\nfor the transaction pool from being reused for other connections.\n\nAs well, this update addresses two bugs in the Mandriva 2006 Apache\npackges where apachectl was missing and also a segfault that occured\nwhen using the mod_ldap module.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_dav\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_deflate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_disk_cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_file_cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_mem_cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_proxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_userdir\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mpm-peruser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mpm-prefork\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mpm-worker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-mod_cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-mod_dav\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-mod_deflate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-mod_disk_cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-mod_file_cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-mod_ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-mod_mem_cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-mod_proxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-peruser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache2-worker\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2006\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:mandrakesoft:mandrake_linux:le2005\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/12/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/01/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-2.0.50-7.5.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-common-2.0.50-7.5.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-devel-2.0.50-7.5.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-manual-2.0.50-7.5.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-mod_cache-2.0.50-7.5.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-mod_dav-2.0.50-7.5.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-mod_deflate-2.0.50-7.5.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-mod_disk_cache-2.0.50-7.5.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-mod_file_cache-2.0.50-7.5.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-mod_ldap-2.0.50-7.5.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-mod_mem_cache-2.0.50-7.5.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-mod_proxy-2.0.50-7.5.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-modules-2.0.50-7.5.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-source-2.0.50-7.5.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"apache2-worker-2.0.50-7.5.101mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-2.0.53-9.3.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-common-2.0.53-9.3.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-devel-2.0.53-9.3.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-manual-2.0.53-9.3.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-mod_cache-2.0.53-9.3.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-mod_dav-2.0.53-9.3.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-mod_deflate-2.0.53-9.3.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-mod_disk_cache-2.0.53-9.3.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-mod_file_cache-2.0.53-9.3.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-mod_ldap-2.0.53-9.3.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-mod_mem_cache-2.0.53-9.3.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-mod_proxy-2.0.53-9.3.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-modules-2.0.53-9.3.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-peruser-2.0.53-9.3.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-source-2.0.53-9.3.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"apache2-worker-2.0.53-9.3.102mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK2006.0\", reference:\"apache-base-2.0.54-13.1.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"apache-devel-2.0.54-13.1.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"apache-mod_cache-2.0.54-13.1.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"apache-mod_dav-2.0.54-13.1.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"apache-mod_deflate-2.0.54-13.1.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"apache-mod_disk_cache-2.0.54-13.1.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"apache-mod_file_cache-2.0.54-13.1.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"apache-mod_ldap-2.0.54-13.1.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"apache-mod_mem_cache-2.0.54-13.1.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"apache-mod_proxy-2.0.54-13.1.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"apache-mod_userdir-2.0.54-13.1.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"apache-modules-2.0.54-13.1.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"apache-mpm-peruser-2.0.54-13.1.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"apache-mpm-prefork-2.0.54-13.1.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"apache-mpm-worker-2.0.54-13.1.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"apache-source-2.0.54-13.1.20060mdk\", yank:\"mdk\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "redhat": [{"lastseen": "2019-08-13T18:44:48", "bulletinFamily": "unix", "cvelist": ["CVE-2005-2970", "CVE-2005-3352", "CVE-2005-3357"], "description": "The Apache HTTP Server is a popular and freely-available Web server.\r\n\r\nA memory leak in the worker MPM could allow remote attackers to cause a\r\ndenial of service (memory consumption) via aborted connections, which\r\nprevents the memory for the transaction pool from being reused for other\r\nconnections. The Common Vulnerabilities and Exposures project assigned the\r\nname CVE-2005-2970 to this issue. This vulnerability only affects users\r\nwho are using the non-default worker MPM.\r\n\r\nA flaw in mod_imap when using the Referer directive with image maps was\r\ndiscovered. With certain site configurations, a remote attacker could\r\nperform a cross-site scripting attack if a victim can be forced to visit a\r\nmalicious URL using certain web browsers. (CVE-2005-3352)\r\n\r\nA NULL pointer dereference flaw in mod_ssl was discovered affecting server\r\nconfigurations where an SSL virtual host is configured with access control\r\nand a custom 400 error document. A remote attacker could send a carefully\r\ncrafted request to trigger this issue which would lead to a crash. This\r\ncrash would only be a denial of service if using the non-default worker\r\nMPM. (CVE-2005-3357)\r\n\r\nUsers of httpd should update to these erratum packages which contain\r\nbackported patches to correct these issues along with some additional bugs.", "modified": "2017-09-08T12:12:11", "published": "2006-01-05T05:00:00", "id": "RHSA-2006:0159", "href": "https://access.redhat.com/errata/RHSA-2006:0159", "type": "redhat", "title": "(RHSA-2006:0159) httpd security update", "cvss": {"score": 5.4, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-08-13T18:46:49", "bulletinFamily": "unix", "cvelist": ["CVE-2005-3352"], "description": "The Apache HTTP Server is a popular and freely-available Web server. \r\n\r\nA flaw in mod_imap when using the Referer directive with image maps was\r\ndiscovered. With certain site configurations, a remote attacker could\r\nperform a cross-site scripting attack if a victim can be forced to visit a\r\nmalicious URL using certain web browsers. The Common Vulnerabilities and\r\nExposures project assigned the name CVE-2005-3352 to this issue.\r\n\r\nUsers of apache should upgrade to these updated packages, which contain\r\na backported patch to correct this issue.", "modified": "2018-03-14T19:27:35", "published": "2006-01-17T05:00:00", "id": "RHSA-2006:0158", "href": "https://access.redhat.com/errata/RHSA-2006:0158", "type": "redhat", "title": "(RHSA-2006:0158) apache security update", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "openvas": [{"lastseen": "2018-04-06T11:38:29", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-3357", "CVE-2005-3352"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n apache2-prefork\n apache2-worker\n apache2\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5012004 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2018-04-06T00:00:00", "published": "2009-10-10T00:00:00", "id": "OPENVAS:136141256231065017", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065017", "type": "openvas", "title": "SLES9: Security update for Apache 2", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5012004.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for Apache 2\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n apache2-prefork\n apache2-worker\n apache2\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5012004 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65017\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2005-3352\", \"CVE-2005-3357\");\n script_tag(name:\"cvss_base\", value:\"5.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:N/I:N/A:C\");\n script_name(\"SLES9: Security update for Apache 2\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"apache2-prefork\", rpm:\"apache2-prefork~2.0.49~27.45\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.4, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:55:38", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-3357", "CVE-2005-3352"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n apache2-prefork\n apache2-worker\n apache2\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5012004 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2017-07-11T00:00:00", "published": "2009-10-10T00:00:00", "id": "OPENVAS:65017", "href": "http://plugins.openvas.org/nasl.php?oid=65017", "type": "openvas", "title": "SLES9: Security update for Apache 2", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5012004.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for Apache 2\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n apache2-prefork\n apache2-worker\n apache2\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5012004 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65017);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2005-3352\", \"CVE-2005-3357\");\n script_tag(name:\"cvss_base\", value:\"5.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:N/I:N/A:C\");\n script_name(\"SLES9: Security update for Apache 2\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"apache2-prefork\", rpm:\"apache2-prefork~2.0.49~27.45\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.4, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:49:46", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-3357", "CVE-2005-3352"], "description": "The remote host is missing updates announced in\nadvisory GLSA 200602-03.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "id": "OPENVAS:56246", "href": "http://plugins.openvas.org/nasl.php?oid=56246", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200602-03 (Apache)", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Apache can be exploited for cross-site scripting attacks and is vulnerable\nto a Denial of Service attack.\";\ntag_solution = \"All Apache users should upgrade to the latest version, depending on whether\nthey still use the old configuration style (/etc/apache/conf/*.conf) or the\nnew one (/etc/apache2/httpd.conf).\n\n2.0.x users, new style config:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-www/apache-2.0.55-r1'\n\n2.0.x users, old style config:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '=net-www/apache-2.0.54-r16'\n\n1.x users, new style config:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '=net-www/apache-1.3.34-r11'\n\n1.x users, old style config:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '=net-www/apache-1.3.34-r2'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200602-03\nhttp://bugs.gentoo.org/show_bug.cgi?id=115324\nhttp://bugs.gentoo.org/show_bug.cgi?id=118875\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200602-03.\";\n\n \n\nif(description)\n{\n script_id(56246);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2005-3352\", \"CVE-2005-3357\");\n script_tag(name:\"cvss_base\", value:\"5.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:N/I:N/A:C\");\n script_name(\"Gentoo Security Advisory GLSA 200602-03 (Apache)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"net-www/apache\", unaffected: make_list(\"ge 2.0.55-r1\", \"rge 2.0.54-r16\", \"eq 1.3.34-r2\", \"rge 1.3.34-r11\"), vulnerable: make_list(\"lt 2.0.55-r1\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.4, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:56:24", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-2970"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n apache2-worker\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5019072 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2017-07-11T00:00:00", "published": "2009-10-10T00:00:00", "id": "OPENVAS:65209", "href": "http://plugins.openvas.org/nasl.php?oid=65209", "type": "openvas", "title": "SLES9: Security update for apache2-worker", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5019072.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for apache2-worker\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n apache2-worker\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5019072 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65209);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2005-2970\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"SLES9: Security update for apache2-worker\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"apache2-worker\", rpm:\"apache2-worker~2.0.49~27.36.3\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:40:48", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-2970"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n apache2-worker\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5019072 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2018-04-06T00:00:00", "published": "2009-10-10T00:00:00", "id": "OPENVAS:136141256231065209", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065209", "type": "openvas", "title": "SLES9: Security update for apache2-worker", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5019072.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for apache2-worker\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n apache2-worker\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5019072 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65209\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2005-2970\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"SLES9: Security update for apache2-worker\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"apache2-worker\", rpm:\"apache2-worker~2.0.49~27.36.3\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:10:19", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-3352"], "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2016-09-15T00:00:00", "published": "2008-09-04T00:00:00", "id": "OPENVAS:56067", "href": "http://plugins.openvas.org/nasl.php?oid=56067", "type": "openvas", "title": "FreeBSD Ports: apache", "sourceData": "#\n#VID 9fff8dc8-7aa7-11da-bf72-00123f589060\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n apache\n apache+mod_perl\n apache_fp\n apache+ipv6\n ru-apache\n ru-apache+mod_ssl\n apache+ssl\n apache+mod_ssl\n apache+mod_ssl+ipv6\n apache+mod_ssl+mod_accel\n apache+mod_ssl+mod_accel+ipv6\n apache+mod_ssl+mod_accel+mod_deflate\n apache+mod_ssl+mod_accel+mod_deflate+ipv6\n apache+mod_ssl+mod_deflate\n apache+mod_ssl+mod_deflate+ipv6\n apache+mod_ssl+mod_snmp\n apache+mod_ssl+mod_snmp+mod_accel\n apache+mod_ssl+mod_snmp+mod_accel+ipv6\n apache+mod_ssl+mod_snmp+mod_deflate\n apache+mod_ssl+mod_snmp+mod_deflate+ipv6\n apache+mod_ssl+mod_snmp+mod_accel+mod_deflate+ipv6\n\nCVE-2005-3352\nCross-site scripting (XSS) vulnerability in the mod_imap module allows\nremote attackers to inject arbitrary web script or HTML via the\nReferer when using image maps.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.apacheweek.com/features/security-13\nhttp://www.apacheweek.com/features/security-20\nhttp://www.vuxml.org/freebsd/9fff8dc8-7aa7-11da-bf72-00123f589060.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\nif(description)\n{\n script_id(56067);\n script_version(\"$Revision: 4075 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-09-15 15:13:05 +0200 (Thu, 15 Sep 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_cve_id(\"CVE-2005-3352\");\n script_bugtraq_id(15834);\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_name(\"FreeBSD Ports: apache\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"apache\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.3\")>=0 && revcomp(a:bver, b:\"1.3.34_3\")<0) {\n txt += 'Package apache version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"2.0.35\")>=0 && revcomp(a:bver, b:\"2.0.55_2\")<0) {\n txt += 'Package apache version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"2.1\")>=0 && revcomp(a:bver, b:\"2.1.9_3\")<0) {\n txt += 'Package apache version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"2.2\")>=0 && revcomp(a:bver, b:\"2.2.0_3\")<0) {\n txt += 'Package apache version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"apache+mod_perl\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.3.34_1\")<0) {\n txt += 'Package apache+mod_perl version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"apache_fp\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0\")>=0) {\n txt += 'Package apache_fp version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"apache+ipv6\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0\")>=0) {\n txt += 'Package apache+ipv6 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"ru-apache\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.3.34+30.22_1\")<0) {\n txt += 'Package ru-apache version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"ru-apache+mod_ssl\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.3.34+30.22+2.8.25_1\")<0) {\n txt += 'Package ru-apache+mod_ssl version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"apache+ssl\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.3.0\")>=0 && revcomp(a:bver, b:\"1.3.33.1.55_2\")<0) {\n txt += 'Package apache+ssl version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"apache+mod_ssl\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.3.34+2.8.25_1\")<0) {\n txt += 'Package apache+mod_ssl version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"apache+mod_ssl+ipv6\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.3.34+2.8.25_1\")<0) {\n txt += 'Package apache+mod_ssl+ipv6 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"apache+mod_ssl+mod_accel\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.3.34+2.8.25_1\")<0) {\n txt += 'Package apache+mod_ssl+mod_accel version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"apache+mod_ssl+mod_accel+ipv6\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.3.34+2.8.25_1\")<0) {\n txt += 'Package apache+mod_ssl+mod_accel+ipv6 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"apache+mod_ssl+mod_accel+mod_deflate\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.3.34+2.8.25_1\")<0) {\n txt += 'Package apache+mod_ssl+mod_accel+mod_deflate version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"apache+mod_ssl+mod_accel+mod_deflate+ipv6\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.3.34+2.8.25_1\")<0) {\n txt += 'Package apache+mod_ssl+mod_accel+mod_deflate+ipv6 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"apache+mod_ssl+mod_deflate\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.3.34+2.8.25_1\")<0) {\n txt += 'Package apache+mod_ssl+mod_deflate version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"apache+mod_ssl+mod_deflate+ipv6\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.3.34+2.8.25_1\")<0) {\n txt += 'Package apache+mod_ssl+mod_deflate+ipv6 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"apache+mod_ssl+mod_snmp\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.3.34+2.8.25_1\")<0) {\n txt += 'Package apache+mod_ssl+mod_snmp version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"apache+mod_ssl+mod_snmp+mod_accel\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.3.34+2.8.25_1\")<0) {\n txt += 'Package apache+mod_ssl+mod_snmp+mod_accel version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"apache+mod_ssl+mod_snmp+mod_accel+ipv6\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.3.34+2.8.25_1\")<0) {\n txt += 'Package apache+mod_ssl+mod_snmp+mod_accel+ipv6 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"apache+mod_ssl+mod_snmp+mod_deflate\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.3.34+2.8.25_1\")<0) {\n txt += 'Package apache+mod_ssl+mod_snmp+mod_deflate version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"apache+mod_ssl+mod_snmp+mod_deflate+ipv6\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.3.34+2.8.25_1\")<0) {\n txt += 'Package apache+mod_ssl+mod_snmp+mod_deflate+ipv6 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"apache+mod_ssl+mod_snmp+mod_accel+mod_deflate+ipv6\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.3.34+2.8.25_1\")<0) {\n txt += 'Package apache+mod_ssl+mod_snmp+mod_accel+mod_deflate+ipv6 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-07-26T08:55:16", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-3352"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n apache-devel\n mod_ssl\n apache\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5015908 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2017-07-11T00:00:00", "published": "2009-10-10T00:00:00", "id": "OPENVAS:65472", "href": "http://plugins.openvas.org/nasl.php?oid=65472", "type": "openvas", "title": "SLES9: Security update for Apache", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5015908.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for Apache\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n apache-devel\n mod_ssl\n apache\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5015908 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65472);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2005-3352\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_name(\"SLES9: Security update for Apache\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"apache-devel\", rpm:\"apache-devel~1.3.29~71.24\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-07-24T12:50:46", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-3352"], "description": "The remote host is missing an update as announced\nvia advisory SSA:2006-129-01.", "modified": "2017-07-07T00:00:00", "published": "2012-09-11T00:00:00", "id": "OPENVAS:56731", "href": "http://plugins.openvas.org/nasl.php?oid=56731", "type": "openvas", "title": "Slackware Advisory SSA:2006-129-01 Apache httpd", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2006_129_01.nasl 6598 2017-07-07 09:36:44Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New Apache packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1,\n10.2, and -current to fix security issues.\n\nIn addition, new mod_ssl packages for Apache 1.3.35 are available for\nall of these versions of Slackware, and new versions of PHP are\navailable for Slackware -current. These additional packages do not\nfix security issues, but may be required on your system depending on\nyour Apache setup.\n\nOne more note about this round of updates: the packages have been given\nbuild versions that indicate which version of Slackware they are meant\nto patch, such as -1_slack8.1, or -1_slack9.0, etc. This should help to\navoid some of the issues with automatic upgrade tools by providing a\nunique package name when the same fix is deployed across multiple\nSlackware versions. Only patches applied to -current will have the\nsimple build number, such as -1.\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2006-129-01.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2006-129-01\";\n \nif(description)\n{\n script_id(56731);\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:36:44 +0200 (Fri, 07 Jul 2017) $\");\n script_bugtraq_id(15834);\n script_cve_id(\"CVE-2005-3352\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_version(\"$Revision: 6598 $\");\n name = \"Slackware Advisory SSA:2006-129-01 Apache httpd \";\n script_name(name);\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"apache\", ver:\"1.3.35-i386-1_slack8.1\", rls:\"SLK8.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"mod_ssl\", ver:\"2.8.26_1.3.35-i386-1_slack8.1\", rls:\"SLK8.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"apache\", ver:\"1.3.35-i386-1_slack9.0\", rls:\"SLK9.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"mod_ssl\", ver:\"2.8.26_1.3.35-i386-1_slack9.0\", rls:\"SLK9.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"apache\", ver:\"1.3.35-i486-1_slack9.1\", rls:\"SLK9.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"mod_ssl\", ver:\"2.8.26_1.3.35-i486-1_slack9.1\", rls:\"SLK9.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"apache\", ver:\"1.3.35-i486-1_slack10.0\", rls:\"SLK10.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"mod_ssl\", ver:\"2.8.26_1.3.35-i486-1_slack10.0\", rls:\"SLK10.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"apache\", ver:\"1.3.35-i486-1_slack10.1\", rls:\"SLK10.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"mod_ssl\", ver:\"2.8.26_1.3.35-i486-1_slack10.1\", rls:\"SLK10.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"apache\", ver:\"1.3.35-i486-1_slack10.2\", rls:\"SLK10.2\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"mod_ssl\", ver:\"2.8.26_1.3.35-i486-1_slack10.2\", rls:\"SLK10.2\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-05-29T18:39:18", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-3352"], "description": "The remote host is missing an update as announced\nvia advisory SSA:2006-129-01.", "modified": "2019-03-15T00:00:00", "published": "2012-09-11T00:00:00", "id": "OPENVAS:136141256231056731", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231056731", "type": "openvas", "title": "Slackware Advisory SSA:2006-129-01 Apache httpd", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2006_129_01.nasl 14202 2019-03-15 09:16:15Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.56731\");\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 10:16:15 +0100 (Fri, 15 Mar 2019) $\");\n script_bugtraq_id(15834);\n script_cve_id(\"CVE-2005-3352\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_version(\"$Revision: 14202 $\");\n script_name(\"Slackware Advisory SSA:2006-129-01 Apache httpd\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\", re:\"ssh/login/release=SLK(8\\.1|9\\.0|9\\.1|10\\.0|10\\.1|10\\.2)\");\n\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2006-129-01\");\n\n script_tag(name:\"insight\", value:\"New Apache packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1,\n10.2, and -current to fix security issues.\n\nIn addition, new mod_ssl packages for Apache 1.3.35 are available for\nall of these versions of Slackware, and new versions of PHP are\navailable for Slackware -current. These additional packages do not\nfix security issues, but may be required on your system depending on\nyour Apache setup.\n\nOne more note about this round of updates: the packages have been given\nbuild versions that indicate which version of Slackware they are meant\nto patch, such as -1_slack8.1, or -1_slack9.0, etc. This should help to\navoid some of the issues with automatic upgrade tools by providing a\nunique package name when the same fix is deployed across multiple\nSlackware versions. Only patches applied to -current will have the\nsimple build number, such as -1.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the new package(s).\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update as announced\nvia advisory SSA:2006-129-01.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-slack.inc\");\n\nreport = \"\";\nres = \"\";\n\nif((res = isslkpkgvuln(pkg:\"apache\", ver:\"1.3.35-i386-1_slack8.1\", rls:\"SLK8.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"mod_ssl\", ver:\"2.8.26_1.3.35-i386-1_slack8.1\", rls:\"SLK8.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"apache\", ver:\"1.3.35-i386-1_slack9.0\", rls:\"SLK9.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"mod_ssl\", ver:\"2.8.26_1.3.35-i386-1_slack9.0\", rls:\"SLK9.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"apache\", ver:\"1.3.35-i486-1_slack9.1\", rls:\"SLK9.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"mod_ssl\", ver:\"2.8.26_1.3.35-i486-1_slack9.1\", rls:\"SLK9.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"apache\", ver:\"1.3.35-i486-1_slack10.0\", rls:\"SLK10.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"mod_ssl\", ver:\"2.8.26_1.3.35-i486-1_slack10.0\", rls:\"SLK10.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"apache\", ver:\"1.3.35-i486-1_slack10.1\", rls:\"SLK10.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"mod_ssl\", ver:\"2.8.26_1.3.35-i486-1_slack10.1\", rls:\"SLK10.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"apache\", ver:\"1.3.35-i486-1_slack10.2\", rls:\"SLK10.2\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"mod_ssl\", ver:\"2.8.26_1.3.35-i486-1_slack10.2\", rls:\"SLK10.2\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2018-04-06T11:37:28", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-3352"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n apache-devel\n mod_ssl\n apache\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5015908 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2018-04-06T00:00:00", "published": "2009-10-10T00:00:00", "id": "OPENVAS:136141256231065472", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065472", "type": "openvas", "title": "SLES9: Security update for Apache", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5015908.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for Apache\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n apache-devel\n mod_ssl\n apache\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5015908 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65472\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2005-3352\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_name(\"SLES9: Security update for Apache\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"apache-devel\", rpm:\"apache-devel~1.3.29~71.24\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:44", "bulletinFamily": "unix", "cvelist": ["CVE-2005-3357", "CVE-2005-3352"], "edition": 1, "description": "### Background\n\nThe Apache HTTP server is one of the most popular web servers on the Internet. mod_imap provides support for server-side image maps; mod_ssl provides secure HTTP connections. \n\n### Description\n\nApache's mod_imap fails to properly sanitize the \"Referer\" directive of imagemaps in some cases, leaving the HTTP Referer header unescaped. A flaw in mod_ssl can lead to a NULL pointer dereference if the site uses a custom \"Error 400\" document. These vulnerabilities were reported by Marc Cox and Hartmut Keil, respectively. \n\n### Impact\n\nA remote attacker could exploit mod_imap to inject arbitrary HTML or JavaScript into a user's browser to gather sensitive information. Attackers could also cause a Denial of Service on hosts using the SSL module (Apache 2.0.x only). \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll Apache users should upgrade to the latest version, depending on whether they still use the old configuration style (/etc/apache/conf/*.conf) or the new one (/etc/apache2/httpd.conf). \n\n2.0.x users, new style config: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-servers/apache-2.0.55-r1\"\n\n2.0.x users, old style config: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \"=www-servers/apache-2.0.54-r16\"\n\n1.x users, new style config: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \"=www-servers/apache-1.3.34-r11\"\n\n1.x users, old style config: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \"=www-servers/apache-1.3.34-r2\"", "modified": "2007-12-30T00:00:00", "published": "2006-02-06T00:00:00", "id": "GLSA-200602-03", "href": "https://security.gentoo.org/glsa/200602-03", "type": "gentoo", "title": "Apache: Multiple vulnerabilities", "cvss": {"score": 5.4, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2020-07-09T19:46:32", "bulletinFamily": "unix", "cvelist": ["CVE-2005-3357", "CVE-2005-3352"], "description": "The \"mod_imap\" module (which provides support for image maps) did not \nproperly escape the \"referer\" URL which rendered it vulnerable against \na cross-site scripting attack. A malicious web page (or HTML email) \ncould trick a user into visiting a site running the vulnerable mod_imap, \nand employ cross-site-scripting techniques to gather sensitive user \ninformation from that site. (CVE-2005-3352)\n\nHartmut Keil discovered a Denial of Service vulnerability in the SSL \nmodule (\"mod_ssl\") that affects SSL-enabled virtual hosts with a \ncustomized error page for error 400. By sending a specially crafted \nrequest to the server, a remote attacker could crash the server. This \nonly affects Apache 2, and only if the \"worker\" implementation \n(apache2-mpm-worker) is used. (CVE-2005-3357)", "edition": 5, "modified": "2006-01-13T00:00:00", "published": "2006-01-13T00:00:00", "id": "USN-241-1", "href": "https://ubuntu.com/security/notices/USN-241-1", "title": "Apache vulnerabilities", "type": "ubuntu", "cvss": {"score": 5.4, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-07-09T17:38:07", "bulletinFamily": "unix", "cvelist": ["CVE-2005-2970"], "description": "A memory leak was found in the Apache 2 'worker' module in the \nhandling of aborted TCP connections. By repeatedly triggering this \nsituation, a remote attacker could drain all available memory, which \neventually led to a Denial of Service.", "edition": 5, "modified": "2005-12-07T00:00:00", "published": "2005-12-07T00:00:00", "id": "USN-225-1", "href": "https://ubuntu.com/security/notices/USN-225-1", "title": "Apache 2 vulnerability", "type": "ubuntu", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "cert": [{"lastseen": "2020-09-18T20:43:09", "bulletinFamily": "info", "cvelist": ["CVE-2005-3352", "CVE-2005-3357", "CVE-2006-3747"], "description": "### Overview \n\nA vulnerability in a common Apache HTTP server module, `mod_rewrite`, could allow a remote attacker to execute arbitrary code on an affected web server.\n\n### Description \n\nThe [Apache HTTP server](<http://httpd.apache.org/>) distribution includes a number of supplemental [modules](<http://httpd.apache.org/docs/mod/>) that provide additional functionality to the web server. One of these modules, [`mod_rewrite`](<http://httpd.apache.org/docs/mod/mod_rewrite.html>), provides a rule-based rewriting engine to rewrite requested URLs \"on the fly\" based on regular expressions.\n\nAn off-by-one error exists in the `ldap` scheme handling in `mod_rewrite`. For some `RewriteRules`, specifically those where the remote user can influence the beginning of a rewritten URL and that do not include any of the following flags: Forbidden (`F`), Gone (`G`), or NoEscape (`NE`), this could lead to a pointer being written out of bounds. This flaw causes a remotely exploitable vulnerability on web servers that have `mod_rewrite` enabled (configuration directive \"`RewriteEngine on`\") and configured to use certain rules. For example, rules with this format expose the vulnerability: \n \n`RewriteRule fred/(.*) $1` \n \nWhile rules with this format do not expose the vulnerability: \n \n`RewriteRule fred/(.*) joe/$1` \n \nThe versions of the `mod_rewrite` module supplied with the Apache HTTP server versions \n\n\n * 1.3 branch from 1.3.28\n * 2.0 branch from 2.0.46\n * 2.2 branch from 2.2.0\n \nare vulnerable to this issue but earlier versions are not. The Apache Software Foundation notes that `mod_rewrite` is not enabled and configured as a normal default, however it is a commonly used module and may be provided in a vulnerable configuration by redistributors. \n--- \n \n### Impact \n\nAn attacker may be able to execute arbitrary code in the context of the web server user (e.g., \"`apache`\", \"`httpd`\", \"`nobody`\", \"`SYSTEM`\", etc.). The Apache Software Foundation notes that, due to the nature of the underlying flaw, successful exploitation is dependent upon the stack frame layout of apache running on the target host. \n \n--- \n \n### Solution \n\n**Apply a patch from the vendor** \n \nPatches have been released to address this vulnerability. Please see the Systems Affected section of this document for more details. \n \n--- \n \n**Workarounds**\n\n \nDisable `mod_rewrite` if it is not required in your web server configuration. Instructions for doing this can be found in the [Apache HTTP server documentation](<http://httpd.apache.org/docs/>). Sites, particularly those that are not able to apply the patches, are encouraged to implement this workaround. \n \n--- \n \n### Vendor Information\n\n395412\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Additional information available\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n**Javascript is disabled. Click here to view vendors.**\n\n### Apache HTTP Server Project __ Affected\n\nUpdated: August 01, 2006 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe Apache project has released httpd versions 1.3.37 (for the 1.3 branch), 2.0.59 (for the 2.0 branch), and 2.2.3 (for the 2.2 branch) in response to this issue. Users are encouraged to upgrade to the appropriate version of the software that contains a fix. For more information, see the following Apache announcements:\n\n \n&lt;<http://www.apache.org/dist/httpd/Announcement2.2.html>&gt; \n&lt;<http://www.apache.org/dist/httpd/Announcement2.0.html>&gt; \n&lt;<http://www.apache.org/dist/httpd/Announcement1.3.html>&gt;\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23395412 Feedback>).\n\n### Fedora Project __ Affected\n\nUpdated: July 27, 2006 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\n`Vendor statement: Fedora Project \n \nVulnerable \n \nThe ability to exploit this issue is dependent on the stack layout for \na particular compiled version of mod_rewrite. The Fedora project has \nanalyzed Fedora Core 4 and 5 binaries and determined that these \ndistributions are vulnerable to this issue. However this flaw does \nnot affect a default installation of Fedora Core; users who do not \nuse, or have not enabled, the Rewrite module are not affected by this \nissue. \n \nUpdates to correct this issue are available, see \n<http://fedora.redhat.com/Download/updates.html> \n`\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Gentoo Linux __ Affected\n\nNotified: July 26, 2006 Updated: August 01, 2006 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe Gentoo Security Team has published Gentoo Linux Security Advisory [GLSA 200608-01/apache](<http://www.gentoo.org/security/en/glsa/glsa-200608-01.xml>) in response to this issue. Users are encouraged to review this advisory and apply the patches it refers to.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23395412 Feedback>).\n\n### Hewlett-Packard Company __ Affected\n\nNotified: July 26, 2006 Updated: September 15, 2006 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\n`-----BEGIN PGP SIGNED MESSAGE-----` \n`Hash: SHA1` \n \n`SUPPORT COMMUNICATION - SECURITY BULLETIN` \n \n`Document ID: c00760969` \n \n`Version: 1` \n \n`HPSBUX02145 SSRT061202 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, ` \n`Denial of Service (DoS), and Unauthorized Access` \n \n`NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.` \n \n`Release Date: 2006-08-25` \n`Last Updated: 2006-08-28` \n \n`Potential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), ` \n`and unauthorized access.` \n \n`Source: Hewlett-Packard Company, HP Software Security Response Team` \n \n`VULNERABILITY SUMMARY` \n`Potential security vulnerabilities have been identified with Apache running on HP-UX. ` \n`These vulnerabilities could be exploited remotely to allow execution of arbitrary code, ` \n`Denial of Service (DoS), or unauthorized access.` \n \n`References: CVE-2006-3747, CVE-2005-3352, CVE-2005-3357` \n \n`SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.` \n`HP-UX B.11.00, B.11.11, B.11.23 running Apache-based Web Server prior to v.2.0.58.` \n \n`BACKGROUND` \n \n`The following potential security vulnerabilities are resolved in the ` \n`software update listed below:` \n \n`CVE-2006-3747 (cve.mitre.org): Off-by-one error in the ldap scheme handling.` \n`CVE-2005-3352 (cve.mitre.org): mod_ssl NULL pointer dereference.` \n`CVE-2005-3357 (cve.mitre.org): Remote arbitrary code execution.` \n \n`AFFECTED VERSIONS` \n \n`For IPv4:` \n`HP-UX B.11.00` \n`HP-UX B.11.11` \n`===========` \n`hpuxwsAPACHE` \n`action: install revision A.2.0.58.00 or subsequent` \n`action: restart Apache` \n \n`For IPv6:` \n`HP-UX B.11.11` \n`===========` \n`hpuxwsAPACHE,revision=B.1.0.00.01` \n`hpuxwsAPACHE,revision=B.1.0.07.01` \n`hpuxwsAPACHE,revision=B.1.0.08.01` \n`hpuxwsAPACHE,revision=B.1.0.09.01` \n`hpuxwsAPACHE,revision=B.1.0.10.01` \n`hpuxwsAPACHE,revision=B.2.0.48.00` \n`hpuxwsAPACHE,revision=B.2.0.49.00` \n`hpuxwsAPACHE,revision=B.2.0.50.00` \n`hpuxwsAPACHE,revision=B.2.0.51.00` \n`hpuxwsAPACHE,revision=B.2.0.52.00` \n`hpuxwsAPACHE,revision=B.2.0.53.00` \n`hpuxwsAPACHE,revision=B.2.0.54.00` \n`hpuxwsAPACHE,revision=B.2.0.55.00` \n`action: install revision B.2.0.58.00 or subsequent` \n`action: restart Apache` \n \n`HP-UX B.11.23` \n`===========` \n`hpuxwsAPACHE` \n`action: install revision B.2.0.58.00 or subsequent` \n`action: restart Apache` \n \n`END AFFECTED VERSIONS` \n \n`RESOLUTION` \n \n`HP has made the following patches and software updates available to resolve the issue.` \n \n`Software updates for the Apache-based Web Server are available from:` \n \n`<http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/>` \n`displayProductInfo.pl?productNumber=HPUXWSSUITE` \n \n`HP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server ` \n`v.2.0.58.00 or subsequent.` \n \n`Apache Update Procedure` \n \n`Check for Apache Installation` \n`- ----------------------------` \n`To determine if the Apache web server from HP is installed on your system, ` \n`use Software Distributor's swlist command. All three revisions of the product ` \n`may co-exist on a single system.` \n`For example, the results of the command` \n`swlist -l product | grep -i apache` \n`hpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server` \n \n`Stop Apache` \n`- -------------` \n`Before updating, make sure to stop any previous Apache binary. Otherwise, ` \n`the previous binary will continue running, preventing the new one from starting,` \n`although the installation would be successful. After determining which Apache is ` \n`installed, stop Apache with the following commands:` \n`for hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop` \n \n`Download and Install Apache` \n`- ---------------------------` \n`Download Apache from Software Depot:` \n \n`<http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/>` \n`displayProductInfo.pl?productNumber=HPUXWSSUITE` \n \n`Verify successful download by comparing the cksum with the value ` \n`specified on the installation web page.` \n \n`Use SD to swinstall the depot.` \n`Installation of this new revision of HP Apache over an existing HP Apache ` \n`installation is supported, while installation over a non-HP Apache is NOT supported.` \n \n`Removing Apache Installation` \n`- ----------------------------` \n`If you prefer to remove Apache from your system instead of installing a newer revision ` \n`to resolve the security problem, use both Software Distributor's \"swremove\" command ` \n`and also \"rm -rf\" the home location as specified in the rc.config.d file \"HOME\" variables.` \n`%ls /etc/rc.config.d | \\ grep apache hpapache2conf hpws_apache[32]conf` \n \n`MANUAL ACTIONS: Yes - Update plus other actions` \n`Install the revision of the product.` \n \n`PRODUCT SPECIFIC INFORMATION` \n`HP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all ` \n`HP-issued Security Bulletins to provide a subset of recommended actions that potentially ` \n`affect a specific HP-UX system. For more information: <http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA>` \n \n`HISTORY: rev.1 - 28 August 2006 Initial Release` \n \n`Support: For further information, contact normal HP Services` \n`support channel.` \n \n`Report: To report a potential security vulnerability with any HP` \n`supported product, send Email to: security-alert@hp.com. It is` \n`strongly recommended that security related information being` \n`communicated to HP be encrypted using PGP, especially exploit` \n`information. To get the security-alert PGP key, please send an` \n`e-mail message as follows:` \n` To: security-alert@hp.com` \n` Subject: get key` \n \n`Subscribe: To initiate a subscription to receive future HP` \n`Security Bulletins via Email:` \n`[http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&](<http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&>)` \n`langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC` \n \n`On the web page: ITRC security bulletins and patch sign-up` \n`Under Step1: your ITRC security bulletins and patches` \n` - check ALL categories for which alerts are required and` \n` continue.` \n`Under Step2: your ITRC operating systems` \n` - verify your operating system selections are checked and` \n` save.` \n \n`To update an existing subscription:` \n`<http://h30046.www3.hp.com/subSignIn.php>` \n`Log in on the web page:` \n` Subscriber's choice for Business: sign-in.` \n`On the web page:` \n` Subscriber's Choice: your profile summary` \n` - use Edit Profile to update appropriate sections.` \n \n`To review previously published Security Bulletins visit:` \n`<http://www.itrc.hp.com/service/cki/secBullArchive.do>` \n \n`* The Software Product Category that this Security Bulletin` \n`relates to is represented by the 5th and 6th characters of the` \n`Bulletin number in the title:` \n \n` GN = HP General SW,` \n` MA = HP Management Agents,` \n` MI = Misc. 3rd party SW,` \n` MP = HP MPE/iX,` \n` NS = HP NonStop Servers,` \n` OV = HP OpenVMS,` \n` PI = HP Printing & Imaging,` \n` ST = HP Storage SW,` \n` TL = HP Trusted Linux,` \n` TU = HP Tru64 UNIX,` \n` UX = HP-UX,` \n` VV = HP Virtual Vault` \n \n \n`System management and security procedures must be reviewed` \n`frequently to maintain system integrity. HP is continually` \n`reviewing and enhancing the security features of software products` \n`to provide customers with current secure solutions.` \n \n`\"HP is broadly distributing this Security Bulletin in order to` \n`bring to the attention of users of the affected HP products the` \n`important security information contained in this Bulletin. HP` \n`recommends that all users determine the applicability of this` \n`information to their individual situations and take appropriate` \n`action. HP does not warrant that this information is necessarily` \n`accurate or complete for all user situations and, consequently, HP` \n`will not be responsible for any damages resulting from user's use` \n`or disregard of the information provided in this Bulletin. To the` \n`extent permitted by law, HP disclaims all warranties, either` \n`express or implied, including the warranties of merchantability` \n`and fitness for a particular purpose, title and non-infringement.\"` \n \n \n`(c)Copyright 2006 Hewlett-Packard Development Company, L.P.` \n`Hewlett-Packard Company shall not be liable for technical or` \n`editorial errors or omissions contained herein. The information` \n`provided is provided \"as is\" without warranty of any kind. To the` \n`extent permitted by law, neither HP nor its affiliates,` \n`subcontractors or suppliers will be liable for incidental, special` \n`or consequential damages including downtime cost; lost profits;` \n`damages relating to the procurement of substitute products or` \n`services; or damages for loss of data, or software restoration.` \n`The information in this document is subject to change without` \n`notice. Hewlett-Packard Company and the names of Hewlett-Packard` \n`products referenced herein are trademarks of Hewlett-Packard` \n`Company in the United States and other countries. Other product` \n`and company names mentioned herein may be trademarks of their` \n`respective owners.` \n`-----BEGIN PGP SIGNATURE-----` \n`Version: PGP 8.1` \n \n`iQA/AwUBRP1TReAfOvwtKn1ZEQLT9ACfWII/AKKvj7mlAZjWvCuL5RR7WjkAn38R` \n`t0wC8YEPUSa3cTZD5UhhZEiW` \n`=30XB` \n`-----END PGP SIGNATURE-----`\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Mandriva, Inc. __ Affected\n\nNotified: July 26, 2006 Updated: August 01, 2006 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nMandriva has published Mandriva Linux Security Advisory [MDKSA-2006:133](<http://www.mandriva.com/security/advisories?name=MDKSA-2006:133>) in response to this issue. Users are encouraged to review this advisory and apply the patches it refers to.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23395412 Feedback>).\n\n### OpenPKG __ Affected\n\nUpdated: August 01, 2006 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe OpenPKG Project has published OpenPKG Security Advisory [OpenPKG-SA-2006.015](<http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.015-apache.html>) in response to this issue. Users are encouraged to review this advisory and apply the patches that it refers to.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23395412 Feedback>).\n\n### Oracle Corporation __ Affected\n\nNotified: July 26, 2006 Updated: October 18, 2006 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nRefer to <http://www.oracle.com/technology/deploy/security/critical-patch-updates/public_vuln_to_advisory_mapping.html>.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23395412 Feedback>).\n\n### SUSE Linux __ Affected\n\nNotified: July 26, 2006 Updated: August 01, 2006 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nSUSE has published SUSE Security Announcement [SUSE-SA:2006:043](<http://www.novell.com/linux/security/advisories/2006_43_apache.html>) in response to this issue. Users are encouraged to review this announcement and apply the patches it refers to.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23395412 Feedback>).\n\n### Slackware Linux Inc. __ Affected\n\nNotified: July 26, 2006 Updated: August 01, 2006 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nSlackware has published Slackware Security Advisory [SSA:2006-209-01](<http://www.slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.610131>) in response to this issue. Users are encouraged to review this advisory and apply the patches it refers to.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23395412 Feedback>).\n\n### Ubuntu __ Affected\n\nNotified: July 26, 2006 Updated: August 01, 2006 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe Ubuntu project has published [Ubuntu Security Notice USN-328-1](<http://www.ubuntu.com/usn/usn-328-1>) in response to this issue. Users are encouraged to review this advisory and apply the patches it refers to.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23395412 Feedback>).\n\n### Apple Computer, Inc. __ Not Affected\n\nNotified: July 26, 2006 Updated: July 27, 2006 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\n`Mac OS X and Mac OS X Server do not contain this vulnerability.`\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Fujitsu __ Not Affected\n\nNotified: July 26, 2006 Updated: July 27, 2006 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\n`We are investigating this issue. \nNo affected products have been identified.`\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Hitachi __ Not Affected\n\nNotified: July 26, 2006 Updated: July 31, 2006 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\n`Hitachi Web Server does NOT support mod_rewrite module \nofficially and is NOT vulnerable to this issue.`\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Juniper Networks, Inc. __ Not Affected\n\nNotified: July 26, 2006 Updated: July 27, 2006 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\n`Juniper Networks products are not susceptible to this vulnerability`\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Openwall GNU/*/Linux __ Not Affected\n\nNotified: July 26, 2006 Updated: July 31, 2006 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\n`Openwall GNU/*/Linux is not vulnerable. We do not currently ship Apache.`\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Red Hat, Inc. __ Not Affected\n\nUpdated: July 27, 2006 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\n`Not vulnerable \n \nThis issue does not affect the version of Apache httpd as supplied with \nRed Hat Enterprise Linux 2.1 \n \nThe ability to exploit this issue is dependent on the stack layout for \na particular compiled version of mod_rewrite. If the compiler has \nadded padding to the stack immediately after the buffer being \noverwritten, this issue can not be exploited, and Apache httpd will \ncontinue operating normally. \n \nThe Red Hat Security Response Team analyzed Red Hat Enterprise Linux 3 \nand Red Hat Enterprise Linux 4 binaries for all architectures as \nshipped by Red Hat and determined that these versions cannot be \nexploited. We therefore do not plan on providing updates for this \nissue. \n \nFor technical details see: \n<https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=200219> \n`\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Conectiva Inc. Unknown\n\nNotified: July 26, 2006 Updated: July 25, 2006 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Cray Inc. Unknown\n\nNotified: July 26, 2006 Updated: July 25, 2006 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Debian GNU/Linux __ Unknown\n\nNotified: July 26, 2006 Updated: August 03, 2006 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe Debian project has published [Debian Security Advisory DSA 1132](<http://www.debian.org/security/2006/dsa-1132>) in response to this issue. Users are encouraged to review this advisory and apply the patches it refers to.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23395412 Feedback>).\n\n### EMC, Inc. (formerly Data General Corporation) Unknown\n\nNotified: July 26, 2006 Updated: July 25, 2006 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Engarde Secure Linux Unknown\n\nNotified: July 26, 2006 Updated: July 25, 2006 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### F5 Networks, Inc. Unknown\n\nNotified: July 26, 2006 Updated: July 25, 2006 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### FreeBSD, Inc. Unknown\n\nNotified: July 26, 2006 Updated: July 25, 2006 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### IBM Corporation Unknown\n\nNotified: July 26, 2006 Updated: July 25, 2006 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### IBM Corporation (zseries) Unknown\n\nNotified: July 26, 2006 Updated: July 25, 2006 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### IBM eServer __ Unknown\n\nNotified: July 26, 2006 Updated: July 27, 2006 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\n`For information related to this and other published CERT Advisories that may \nrelate to the IBM eServer Platforms (xSeries, iSeries, pSeries, and zSeries) \nplease go to \n[https://app-06.www.ibm.com/servers/resourcelink/lib03020.nsf/pages/securityalerts?OpenDocument&pathID=](<https://app-06.www.ibm.com/servers/resourcelink/lib03020.nsf/pages/securityalerts?OpenDocument&pathID=>) \n \nIn order to access this information you will require a Resource Link ID. To \nsubscribe to Resource Link go to \n<http://app-06.www.ibm.com/servers/resourcelink> and follow the steps for \nregistration. \n \nAll questions should be referred to servsec@us.ibm.com. \n`\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Immunix Communications, Inc. Unknown\n\nNotified: July 26, 2006 Updated: July 25, 2006 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Ingrian Networks, Inc. Unknown\n\nNotified: July 26, 2006 Updated: July 25, 2006 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### MontaVista Software, Inc. Unknown\n\nNotified: July 26, 2006 Updated: July 25, 2006 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### NEC Corporation Unknown\n\nNotified: July 26, 2006 Updated: July 25, 2006 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### NetBSD Unknown\n\nNotified: July 26, 2006 Updated: July 25, 2006 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Nokia Unknown\n\nNotified: July 26, 2006 Updated: July 28, 2006 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Novell, Inc. Unknown\n\nNotified: July 26, 2006 Updated: July 25, 2006 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### OpenBSD Unknown\n\nNotified: July 26, 2006 Updated: July 25, 2006 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### QNX, Software Systems, Inc. Unknown\n\nNotified: July 26, 2006 Updated: July 25, 2006 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Silicon Graphics, Inc. Unknown\n\nNotified: July 26, 2006 Updated: July 25, 2006 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Sony Corporation Unknown\n\nNotified: July 26, 2006 Updated: July 25, 2006 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Sun Microsystems, Inc. Unknown\n\nNotified: July 26, 2006 Updated: July 25, 2006 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### The SCO Group Unknown\n\nNotified: July 26, 2006 Updated: July 25, 2006 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Trustix Secure Linux Unknown\n\nNotified: July 26, 2006 Updated: July 25, 2006 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Turbolinux Unknown\n\nNotified: July 26, 2006 Updated: July 25, 2006 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Unisys Unknown\n\nNotified: July 26, 2006 Updated: July 25, 2006 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Wind River Systems, Inc. Unknown\n\nNotified: July 26, 2006 Updated: July 25, 2006 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\nView all 43 vendors __View less vendors __\n\n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | | \nTemporal | | \nEnvironmental | | \n \n \n\n\n### References \n\n * <http://www.apache.org/dist/httpd/Announcement2.2.html>\n * <http://www.apache.org/dist/httpd/Announcement2.0.html>\n * <http://www.apache.org/dist/httpd/Announcement1.3.html>\n * <http://secunia.com/advisories/21197/>\n * <http://secunia.com/advisories/21273/>\n * <http://secunia.com/advisories/21245/>\n * <http://secunia.com/advisories/21266/>\n * <http://secunia.com/advisories/21247/>\n * <http://secunia.com/advisories/21307/>\n * <http://secunia.com/advisories/21315/>\n * <http://secunia.com/advisories/21313/>\n * <http://secunia.com/advisories/21284/>\n * <http://www.niscc.gov.uk/niscc/docs/al-20060728-00515.html?lang=en>\n * <http://jvn.jp/cert/JVNVU%23395412/index.html>\n\n### Acknowledgements\n\nThanks to Mark Cox of the Apache Software Foundation for reporting this vulnerability. Mark, in turn, credits Mark Dowd of McAfee AVERT Labs with reporting this issue.\n\nThis document was written by Chad R Dougherty.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2006-3747](<http://web.nvd.nist.gov/vuln/detail/CVE-2006-3747>) \n---|--- \n**Severity Metric:** | 6.48 \n**Date Public:** | 2006-07-27 \n**Date First Published:** | 2006-07-28 \n**Date Last Updated: ** | 2006-10-18 12:52 UTC \n**Document Revision: ** | 43 \n", "modified": "2006-10-18T12:52:00", "published": "2006-07-28T00:00:00", "id": "VU:395412", "href": "https://www.kb.cert.org/vuls/id/395412", "type": "cert", "title": "Apache mod_rewrite contains off-by-one error in ldap scheme handling", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:17", "bulletinFamily": "software", "cvelist": ["CVE-2005-2970"], "edition": 1, "description": "## Vulnerability Description\nApache Multi-Processing Module (MPM) contains a flaw that may allow a remote denial of service. The issue is triggered when a malicious attacker uses aborted connection attempts to fill transaction pool memory, preventing the memory from being reused for other connections. This will result in loss of availability for the service.\n## Solution Description\nUpgrade to version 2.0.55, 2.1.9 (devel) or higher, as it has been reported to fix this vulnerability. In addition, Apache has released a patch for some older versions.\n## Short Description\nApache Multi-Processing Module (MPM) contains a flaw that may allow a remote denial of service. The issue is triggered when a malicious attacker uses aborted connection attempts to fill transaction pool memory, preventing the memory from being reused for other connections. This will result in loss of availability for the service.\n## References:\nVendor URL: http://httpd.apache.org/\nVendor Specific Solution URL: http://www.apache.org/dist/httpd/Announcement2.0.html\nVendor Specific Solution URL: http://httpd.apache.org/download.cgi\nVendor Specific Solution URL: http://issues.apache.org/bugzilla/attachment.cgi?id=16102\nVendor Specific News/Changelog Entry: http://svn.apache.org/viewcvs.cgi/httpd/httpd/branches/2.0.x/server/mpm/worker/worker.c\nVendor Specific News/Changelog Entry: http://mail-archives.apache.org/mod_mbox/httpd-cvs/200509.mbox/%3C20051001110218.40692.qmail@minotaur.apache.org%3E\nVendor Specific News/Changelog Entry: http://svn.apache.org/viewcvs?rev=292949&view=rev\nVendor Specific News/Changelog Entry: http://svn.apache.org/viewcvs.cgi/httpd/httpd/branches/2.2.x/server/mpm/worker/worker.c\n[Vendor Specific Advisory URL](http://issues.apache.org/bugzilla/show_bug.cgi?id=28175)\n[Vendor Specific Advisory URL](http://issues.apache.org/bugzilla/show_bug.cgi?id=29962)\n[Vendor Specific Advisory URL](ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U.asc)\nSecurity Tracker: 1015093\n[Secunia Advisory ID:18333](https://secuniaresearch.flexerasoftware.com/advisories/18333/)\n[Secunia Advisory ID:16559](https://secuniaresearch.flexerasoftware.com/advisories/16559/)\n[Secunia Advisory ID:18517](https://secuniaresearch.flexerasoftware.com/advisories/18517/)\n[Secunia Advisory ID:17831](https://secuniaresearch.flexerasoftware.com/advisories/17831/)\n[Secunia Advisory ID:17923](https://secuniaresearch.flexerasoftware.com/advisories/17923/)\n[Secunia Advisory ID:18161](https://secuniaresearch.flexerasoftware.com/advisories/18161/)\n[Secunia Advisory ID:18585](https://secuniaresearch.flexerasoftware.com/advisories/18585/)\nRedHat RHSA: RHSA-2006:0159\nOther Solution URL: http://www-1.ibm.com/support/docview.wss?rs=0&uid=swg24010709\nOther Solution URL: ftp://ftp.software.ibm.com/software/websphere/ihs/support/Tools/ihsdiag/\nOther Advisory URL: http://lists.suse.com/archive/suse-security-announce/2005-Dec/0001.html\nOther Advisory URL: http://www.ubuntulinux.org/usn/usn-225-1\nOther Advisory URL: http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2005:233\nISS X-Force ID: 22858\nGeneric Informational URL: http://httpd.apache.org/docs/2.0/mod/worker.html\n[CVE-2005-2970](https://vulners.com/cve/CVE-2005-2970)\n", "modified": "2005-07-07T00:00:00", "published": "2005-07-07T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:20462", "id": "OSVDB:20462", "type": "osvdb", "title": "Apache HTTP Server worker.c MPM Memory Exhaustion DoS", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:18", "bulletinFamily": "software", "cvelist": ["CVE-2005-3352"], "edition": 1, "description": "# No description provided by the source\n\n## References:\n[Vendor Specific Advisory URL](http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:007)\n[Vendor Specific Advisory URL](http://www.gentoo.org/security/en/glsa/glsa-200602-03.xml)\n[Vendor Specific Advisory URL](http://www-1.ibm.com/support/docview.wss?uid=swg24012511)\n[Vendor Specific Advisory URL](ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U.asc)\n[Vendor Specific Advisory URL](http://www.us.debian.org/security/2006/dsa-1167)\n[Vendor Specific Advisory URL](http://lists.suse.de/archive/suse-security-announce/2006-Feb/0008.html)\n[Vendor Specific Advisory URL](http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.685483)\n[Vendor Specific Advisory URL](http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1)\n[Vendor Specific Advisory URL](http://itrc.hp.com/service/cki/docDisplay.do?docId=c00797078)\n[Vendor Specific Advisory URL](http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE)\n[Vendor Specific Advisory URL](http://www.trustix.org/errata/2005/0074/)\n[Vendor Specific Advisory URL](http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1)\nSecurity Tracker: 1015344\n[Secunia Advisory ID:18333](https://secuniaresearch.flexerasoftware.com/advisories/18333/)\n[Secunia Advisory ID:18339](https://secuniaresearch.flexerasoftware.com/advisories/18339/)\n[Secunia Advisory ID:18429](https://secuniaresearch.flexerasoftware.com/advisories/18429/)\n[Secunia Advisory ID:18743](https://secuniaresearch.flexerasoftware.com/advisories/18743/)\n[Secunia Advisory ID:22388](https://secuniaresearch.flexerasoftware.com/advisories/22388/)\n[Secunia Advisory ID:18008](https://secuniaresearch.flexerasoftware.com/advisories/18008/)\n[Secunia Advisory ID:18340](https://secuniaresearch.flexerasoftware.com/advisories/18340/)\n[Secunia Advisory ID:20046](https://secuniaresearch.flexerasoftware.com/advisories/20046/)\n[Secunia Advisory ID:21744](https://secuniaresearch.flexerasoftware.com/advisories/21744/)\n[Secunia Advisory ID:18526](https://secuniaresearch.flexerasoftware.com/advisories/18526/)\n[Secunia Advisory ID:18517](https://secuniaresearch.flexerasoftware.com/advisories/18517/)\n[Secunia Advisory ID:22368](https://secuniaresearch.flexerasoftware.com/advisories/22368/)\n[Secunia Advisory ID:22669](https://secuniaresearch.flexerasoftware.com/advisories/22669/)\n[Secunia Advisory ID:23260](https://secuniaresearch.flexerasoftware.com/advisories/23260/)\n[Secunia Advisory ID:18585](https://secuniaresearch.flexerasoftware.com/advisories/18585/)\n[Secunia Advisory ID:19012](https://secuniaresearch.flexerasoftware.com/advisories/19012/)\n[Secunia Advisory ID:20670](https://secuniaresearch.flexerasoftware.com/advisories/20670/)\n[Secunia Advisory ID:22140](https://secuniaresearch.flexerasoftware.com/advisories/22140/)\n[Secunia Advisory ID:25239](https://secuniaresearch.flexerasoftware.com/advisories/25239/)\nRedHat RHSA: RHSA-2006:0159\nRedHat RHSA: RHSA-2006:0158\nRedHat RHSA: RHSA-2006:0692\nOther Advisory URL: http://lists.suse.com/archive/suse-security-announce/2007-May/0005.html\nOther Advisory URL: http://www.ubuntu.com/usn/usn-241-1\nOther Advisory URL: http://www.apacheweek.com/features/security-13\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-12/0089.html\nKeyword: 4012511\nKeyword: HPSBUX02172,SSRT061269\nFrSIRT Advisory: ADV-2005-2870\n[CVE-2005-3352](https://vulners.com/cve/CVE-2005-3352)\nBugtraq ID: 15834\n", "modified": "2005-12-13T14:32:28", "published": "2005-12-13T14:32:28", "href": "https://vulners.com/osvdb/OSVDB:21705", "id": "OSVDB:21705", "title": "Apache HTTP Server mod_imap Image Map Referer XSS", "type": "osvdb", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-04-28T13:20:19", "bulletinFamily": "software", "cvelist": ["CVE-2005-3357"], "edition": 1, "description": "# No description provided by the source\n\n## References:\nVendor URL: http://www.modssl.org/\nVendor URL: http://httpd.apache.org/\nVendor Specific News/Changelog Entry: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=175720\nVendor Specific News/Changelog Entry: http://issues.apache.org/bugzilla/show_bug.cgi?id=37791\nVendor Specific News/Changelog Entry: http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117\n[Vendor Specific Advisory URL](http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:007)\n[Vendor Specific Advisory URL](http://www.gentoo.org/security/en/glsa/glsa-200602-03.xml)\n[Vendor Specific Advisory URL](ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U.asc)\n[Vendor Specific Advisory URL](http://lists.suse.de/archive/suse-security-announce/2006-Feb/0008.html)\n[Vendor Specific Advisory URL](http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1)\n[Vendor Specific Advisory URL](http://itrc.hp.com/service/cki/docDisplay.do?docId=c00797078)\n[Vendor Specific Advisory URL](http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE)\n[Vendor Specific Advisory URL](http://www.trustix.org/errata/2005/0074/)\nSecurity Tracker: 1015447\n[Secunia Advisory ID:18333](https://secuniaresearch.flexerasoftware.com/advisories/18333/)\n[Secunia Advisory ID:18339](https://secuniaresearch.flexerasoftware.com/advisories/18339/)\n[Secunia Advisory ID:18429](https://secuniaresearch.flexerasoftware.com/advisories/18429/)\n[Secunia Advisory ID:18743](https://secuniaresearch.flexerasoftware.com/advisories/18743/)\n[Secunia Advisory ID:22523](https://secuniaresearch.flexerasoftware.com/advisories/22523/)\n[Secunia Advisory ID:18340](https://secuniaresearch.flexerasoftware.com/advisories/18340/)\n[Secunia Advisory ID:18307](https://secuniaresearch.flexerasoftware.com/advisories/18307/)\n[Secunia Advisory ID:18517](https://secuniaresearch.flexerasoftware.com/advisories/18517/)\n[Secunia Advisory ID:22233](https://secuniaresearch.flexerasoftware.com/advisories/22233/)\n[Secunia Advisory ID:22368](https://secuniaresearch.flexerasoftware.com/advisories/22368/)\n[Secunia Advisory ID:22669](https://secuniaresearch.flexerasoftware.com/advisories/22669/)\n[Secunia Advisory ID:23260](https://secuniaresearch.flexerasoftware.com/advisories/23260/)\n[Secunia Advisory ID:18585](https://secuniaresearch.flexerasoftware.com/advisories/18585/)\n[Secunia Advisory ID:19012](https://secuniaresearch.flexerasoftware.com/advisories/19012/)\nRedHat RHSA: RHSA-2006:0159\nRedHat RHSA: RHSA-2006:0159-8\nOther Advisory URL: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102640-1\nOther Advisory URL: http://www.ubuntu.com/usn/usn-241-1\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-12/0089.html\nKeyword: HPSBUX02172,SSRT061269\n[CVE-2005-3357](https://vulners.com/cve/CVE-2005-3357)\n", "modified": "2005-12-05T07:33:20", "published": "2005-12-05T07:33:20", "href": "https://vulners.com/osvdb/OSVDB:22261", "id": "OSVDB:22261", "type": "osvdb", "title": "Apache HTTP Server mod_ssl ssl_hook_Access Error Handling DoS", "cvss": {"score": 5.4, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "httpd": [{"lastseen": "2016-09-26T21:39:38", "bulletinFamily": "software", "cvelist": ["CVE-2005-2970"], "description": "\n\nA memory leak in the worker MPM would allow remote attackers to cause\na denial of service (memory consumption) via aborted connections,\nwhich prevents the memory for the transaction pool from being reused\nfor other connections. This issue was downgraded in severity to low\n(from moderate) as sucessful exploitation of the race condition would\nbe difficult.\n\n", "edition": 1, "modified": "2005-10-14T00:00:00", "published": "2005-10-14T00:00:00", "id": "HTTPD:11A7A61AEC2B4A2E6B1136E7EC18285F", "href": "https://httpd.apache.org/security_report.html", "type": "httpd", "title": "Apache Httpd < 2.0.55: Worker MPM memory leak", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2020-12-24T14:26:52", "bulletinFamily": "software", "cvelist": ["CVE-2005-2970"], "description": "\n\nA memory leak in the worker MPM would allow remote attackers to cause\na denial of service (memory consumption) via aborted connections,\nwhich prevents the memory for the transaction pool from being reused\nfor other connections. This issue was downgraded in severity to low\n(from moderate) as sucessful exploitation of the race condition would\nbe difficult.\n\n", "edition": 5, "modified": "2005-10-14T00:00:00", "published": "2005-10-14T00:00:00", "id": "HTTPD:60A3A95B73E5F3424F9955F53B32634F", "href": "https://httpd.apache.org/security_report.html", "title": "Apache Httpd < None: Worker MPM memory leak", "type": "httpd", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2016-09-26T21:39:38", "bulletinFamily": "software", "cvelist": ["CVE-2005-3352"], "description": "\n\nA flaw in mod_imap when using the Referer directive with image maps.\nIn certain site configurations a remote attacker could perform a cross-site\nscripting attack if a victim can be forced to visit a malicious \nURL using certain web browsers. \n\n", "edition": 1, "modified": "2006-05-01T00:00:00", "published": "2005-11-01T00:00:00", "id": "HTTPD:6A6D246162DDA1D862484083299ECC4C", "href": "https://httpd.apache.org/security_report.html", "type": "httpd", "title": "Apache Httpd < 2.0.58: mod_imap Referer Cross-Site Scripting", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2020-12-24T14:26:52", "bulletinFamily": "software", "cvelist": ["CVE-2005-3352"], "description": "\n\nA flaw in mod_imap when using the Referer directive with image maps.\nIn certain site configurations a remote attacker could perform a cross-site\nscripting attack if a victim can be forced to visit a malicious \nURL using certain web browsers. \n\n", "edition": 5, "modified": "2005-12-12T00:00:00", "published": "2005-11-01T00:00:00", "id": "HTTPD:585431E03431E2BD4D1F7D6E61204BB9", "href": "https://httpd.apache.org/security_report.html", "title": "Apache Httpd < None: mod_imap Referer Cross-Site Scripting", "type": "httpd", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2016-09-26T21:39:38", "bulletinFamily": "software", "cvelist": ["CVE-2005-3352"], "description": "\n\nA flaw in mod_imap when using the Referer directive with image maps.\nIn certain site configurations a remote attacker could perform a cross-site\nscripting attack if a victim can be forced to visit a malicious \nURL using certain web browsers. \n\n", "edition": 1, "modified": "2006-05-01T00:00:00", "published": "2005-11-01T00:00:00", "id": "HTTPD:02D2F96F0155C694CF1295A7E79268B4", "href": "https://httpd.apache.org/security_report.html", "type": "httpd", "title": "Apache Httpd < 1.3.35: mod_imap Referer Cross-Site Scripting", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2016-09-26T21:39:38", "bulletinFamily": "software", "cvelist": ["CVE-2005-3352"], "description": "\n\nA flaw in mod_imap when using the Referer directive with image maps.\nIn certain site configurations a remote attacker could perform a cross-site\nscripting attack if a victim can be forced to visit a malicious \nURL using certain web browsers. \n\n", "edition": 1, "modified": "2006-05-01T00:00:00", "published": "2005-11-01T00:00:00", "id": "HTTPD:86B13C85F68E8D147B32F80CDEF73D8E", "href": "https://httpd.apache.org/security_report.html", "type": "httpd", "title": "Apache Httpd < 2.2.2: mod_imap Referer Cross-Site Scripting", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2020-12-24T14:26:52", "bulletinFamily": "software", "cvelist": ["CVE-2005-3357"], "description": "\n\nA NULL pointer dereference flaw in mod_ssl was discovered affecting server\nconfigurations where an SSL virtual host is configured with access control\nand a custom 400 error document. A remote attacker could send a carefully\ncrafted request to trigger this issue which would lead to a crash. This\ncrash would only be a denial of service if using the worker MPM.\n\n", "edition": 5, "modified": "2005-12-12T00:00:00", "published": "2005-12-05T00:00:00", "id": "HTTPD:F7679CE4C32DE86477AA13FB89AE6D5F", "href": "https://httpd.apache.org/security_report.html", "title": "Apache Httpd < None: mod_ssl access control DoS", "type": "httpd", "cvss": {"score": 5.4, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2016-09-26T21:39:38", "bulletinFamily": "software", "cvelist": ["CVE-2005-3357"], "description": "\n\nA NULL pointer dereference flaw in mod_ssl was discovered affecting server\nconfigurations where an SSL virtual host is configured with access control\nand a custom 400 error document. A remote attacker could send a carefully\ncrafted request to trigger this issue which would lead to a crash. This\ncrash would only be a denial of service if using the worker MPM.\n\n", "edition": 1, "modified": "2006-05-01T00:00:00", "published": "2005-12-05T00:00:00", "id": "HTTPD:B93D1EFA6697D7A4CCEEDEDA4931C90F", "href": "https://httpd.apache.org/security_report.html", "type": "httpd", "title": "Apache Httpd < 2.0.58: mod_ssl access control DoS", "cvss": {"score": 5.4, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-26T21:39:38", "bulletinFamily": "software", "cvelist": ["CVE-2005-3357"], "description": "\n\nA NULL pointer dereference flaw in mod_ssl was discovered affecting server\nconfigurations where an SSL virtual host is configured with access control\nand a custom 400 error document. A remote attacker could send a carefully\ncrafted request to trigger this issue which would lead to a crash. This\ncrash would only be a denial of service if using the worker MPM.\n\n", "edition": 1, "modified": "2006-05-01T00:00:00", "published": "2005-12-05T00:00:00", "id": "HTTPD:213CE6E948FDBFEC685F7DEEF1C5BFE4", "href": "https://httpd.apache.org/security_report.html", "type": "httpd", "title": "Apache Httpd < 2.2.2: mod_ssl access control DoS", "cvss": {"score": 5.4, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "slackware": [{"lastseen": "2020-10-25T16:36:15", "bulletinFamily": "unix", "cvelist": ["CVE-2005-3352"], "description": "New Apache packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1,\n10.2, and -current to fix security issues.\n\nMore details about the issues may be found in the Common\nVulnerabilities and Exposures (CVE) database:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352\n\nIn addition, new mod_ssl packages for Apache 1.3.35 are available for\nall of these versions of Slackware, and new versions of PHP are\navailable for Slackware -current. These additional packages do not\nfix security issues, but may be required on your system depending on\nyour Apache setup.\n\nOne more note about this round of updates: the packages have been given\nbuild versions that indicate which version of Slackware they are meant\nto patch, such as -1_slack8.1, or -1_slack9.0, etc. This should help to\navoid some of the issues with automatic upgrade tools by providing a\nunique package name when the same fix is deployed across multiple\nSlackware versions. Only patches applied to -current will have the\nsimple build number, such as -1.\n\n\nHere are the details from the Slackware 10.2 ChangeLog:\n\npatches/packages/apache-1.3.35-i486-1_slack10.2.tgz:\n Upgraded to apache-1.3.35.\n From the official announcement:\n Of particular note is that 1.3.35 addresses and fixes 1 potential\n security issue: CVE-2005-3352 (cve.mitre.org)\n mod_imap: Escape untrusted referer header before outputting in HTML\n to avoid potential cross-site scripting. Change also made to\n ap_escape_html so we escape quotes. Reported by JPCERT\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352\n (* Security fix *)\npatches/packages/mod_ssl-2.8.26_1.3.35-i486-1_slack10.2.tgz:\n Upgraded to mod_ssl-2.8.26-1.3.35.\n This is an updated version designed for Apache 1.3.35.\n\nWhere to find the new packages:\n\nUpdated package for Slackware 8.1:\nftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/apache-1.3.35-i386-1_slack8.1.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/mod_ssl-2.8.26_1.3.35-i386-1_slack8.1.tgz\n\nUpdated package for Slackware 9.0:\nftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/apache-1.3.35-i386-1_slack9.0.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/mod_ssl-2.8.26_1.3.35-i386-1_slack9.0.tgz\n\nUpdated package for Slackware 9.1:\nftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/apache-1.3.35-i486-1_slack9.1.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/mod_ssl-2.8.26_1.3.35-i486-1_slack9.1.tgz\n\nUpdated package for Slackware 10.0:\nftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/apache-1.3.35-i486-1_slack10.0.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/mod_ssl-2.8.26_1.3.35-i486-1_slack10.0.tgz\n\nUpdated package for Slackware 10.1:\nftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/apache-1.3.35-i486-1_slack10.1.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/mod_ssl-2.8.26_1.3.35-i486-1_slack10.1.tgz\n\nUpdated package for Slackware 10.2:\nftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/apache-1.3.35-i486-1_slack10.2.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/mod_ssl-2.8.26_1.3.35-i486-1_slack10.2.tgz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/apache-1.3.35-i486-1.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/mod_ssl-2.8.26_1.3.35-i486-1.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/php-4.4.2-i486-4.tgz\n\n\nMD5 signatures:\n\nSlackware 8.1 packages:\n208bbe94a46f8d05e15f1ccdb38f9a91 apache-1.3.35-i386-1_slack8.1.tgz\n9172a6d347df033d024a7ba786c47bfe mod_ssl-2.8.26_1.3.35-i386-1_slack8.1.tgz\n\nSlackware 9.0 packages:\n0482ca192a7b94c254421c717634e628 apache-1.3.35-i386-1_slack9.0.tgz\n913763c2e12d6d2a101ce4a539f060f3 mod_ssl-2.8.26_1.3.35-i386-1_slack9.0.tgz\n\nSlackware 9.1 packages:\nd96044932ab33623425c328862a3750f apache-1.3.35-i486-1_slack9.1.tgz\nae58ab559c60a475330514dca689d735 mod_ssl-2.8.26_1.3.35-i486-1_slack9.1.tgz\n\nSlackware 10.0 packages:\n2beb7c88f4f28adbe61e13d79889a27e apache-1.3.35-i486-1_slack10.0.tgz\n403f1297bcc9cff0df3f9afcb16d69b6 mod_ssl-2.8.26_1.3.35-i486-1_slack10.0.tgz\n\nSlackware 10.1 packages:\n4a0b68ddf002a300e536e584c3eb2923 apache-1.3.35-i486-1_slack10.1.tgz\nf24d6776f221cc61f2b0b98cd1fc1ae9 mod_ssl-2.8.26_1.3.35-i486-1_slack10.1.tgz\n\nSlackware 10.2 packages:\nbbaed7e942e5f1c7380b3def44d54d74 apache-1.3.35-i486-1_slack10.2.tgz\ne70a300f5c4333ae1d31e8d852b89dc3 mod_ssl-2.8.26_1.3.35-i486-1_slack10.2.tgz\n\nSlackware -current packages:\nb662f564f048ace17eaafc7e50bed7b2 apache-1.3.35-i486-1.tgz\nc7d403fc891e210d1f1a71c559939cd5 mod_ssl-2.8.26_1.3.35-i486-1.tgz\nfb78ce30aece8d8718ed722be319dd2b php-4.4.2-i486-4.tgz\n\n\nInstallation instructions:\n\nFirst, stop apache:\n\n > apachectl stop\n\nThen, upgrade the apache package:\n\n > upgradepkg apache-1.3.35-i486-1_slack10.2.tgz\n\nIf you use mod_ssl, you'll also need to upgrade that package. The\nupgrade should save the important config files for mod_ssl,\nnevertheless it's a good idea to backup any keys/certificates you wish\nto save for mod_ssl (in /etc/apache/ssl.*), then upgrade mod_ssl:\n\n > upgradepkg mod_ssl-2.8.26_1.3.35-i486-1_slack10.2.tgz\n\nIf necessary, restore any mod_ssl config files.\n\nIf you are using PHP on Slackware -current, upgrade the PHP package.\n\nFinally, restart apache:\n\n > apachectl start\n\nOr, if you use mod_ssl:\n\n > apachectl startssl", "modified": "2006-05-09T22:19:21", "published": "2006-05-09T22:19:21", "id": "SSA-2006-129-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.685483", "type": "slackware", "title": "[slackware-security] Apache httpd", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "jvn": [{"lastseen": "2019-05-29T17:21:35", "bulletinFamily": "info", "cvelist": ["CVE-2005-3352"], "description": "\n ## Description\n\n ## Impact\n\nA remote attacker could execute a malicious script on the web browser of a user who accessed a web page where mod_imap or mod_imagemap is used. \n\n ## Solution\n\n ## Products Affected\n\n * For more information, refer to the vendor's website.\n", "edition": 4, "modified": "2008-05-21T00:00:00", "published": "2005-12-15T00:00:00", "id": "JVN:06045169", "href": "http://jvn.jp/en/jp/JVN06045169/index.html", "title": "JVN#06045169 mod_imap cross-site scripting vulnerability", "type": "jvn", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "freebsd": [{"lastseen": "2019-05-29T18:34:49", "bulletinFamily": "unix", "cvelist": ["CVE-2005-3352"], "description": "\nThe Apache HTTP Server Project reports:\n\nA flaw in mod_imap when using the Referer directive with\n\t image maps. In certain site configurations a remote\n\t attacker could perform a cross-site scripting attack if a\n\t victim can be forced to visit a malicious URL using\n\t certain web browsers.\n\n", "edition": 4, "modified": "2009-01-23T00:00:00", "published": "2005-11-01T00:00:00", "id": "9FFF8DC8-7AA7-11DA-BF72-00123F589060", "href": "https://vuxml.freebsd.org/freebsd/9fff8dc8-7aa7-11da-bf72-00123f589060.html", "title": "apache -- mod_imap cross-site scripting flaw", "type": "freebsd", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:15", "bulletinFamily": "software", "cvelist": ["CVE-2005-3352"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n________________________________________________________________________\r\n\r\nOpenPKG Security Advisory The OpenPKG Project\r\nhttp://www.openpkg.org/security.html http://www.openpkg.org\r\nopenpkg-security@openpkg.org openpkg@openpkg.org\r\nOpenPKG-SA-2005.029 14-Dec-2005\r\n________________________________________________________________________\r\n\r\nPackage: apache\r\nVulnerability: cross site scripting\r\nOpenPKG Specific: no\r\n\r\nAffected Releases: Affected Packages: Corrected Packages:\r\nOpenPKG CURRENT &lt;= apache-1.3.34-20051205 &gt;= apache-1.3.34-20051214\r\nOpenPKG 2.5 &lt;= apache-1.3.33-2.5.4 &gt;= apache-1.3.33-2.5.5\r\nOpenPKG 2.4 &lt;= apache-1.3.33-2.4.4 &gt;= apache-1.3.33-2.4.5\r\nOpenPKG 2.3 &lt;= apache-1.3.33-2.3.6 &gt;= apache-1.3.33-2.3.7\r\n\r\nDescription:\r\n According to vendor information [0], a Cross-Site Scripting &#40;XSS&#41;\r\n vulnerability exists in the Apache HTTP server [1]. The flaw exists in\r\n the &quot;mod_imap&quot; extension module and occurs when using the &quot;Referer&quot;\r\n directive with image maps. In certain configurations a remote attacker\r\n could perform an XSS attack if a victim can be forced to visit a\r\n malicious URL using certain web browsers. The Common Vulnerabilities\r\n and Exposures &#40;CVE&#41; project assigned the id CVE-2005-3352 [2] to the\r\n problem.\r\n________________________________________________________________________\r\n\r\nReferences:\r\n [0] http://issues.apache.org/bugzilla/show_bug.cgi?id=37874 \r\n [1] http://httpd.apache.org/\r\n [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352\r\n________________________________________________________________________\r\n\r\nFor security reasons, this advisory was digitally signed with the\r\nOpenPGP public key &quot;OpenPKG &lt;openpkg@openpkg.org&gt;&quot; &#40;ID 63C4CB9F&#41; of the\r\nOpenPKG project which you can retrieve from http://pgp.openpkg.org and\r\nhkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org/\r\nfor details on how to verify the integrity of this advisory.\r\n________________________________________________________________________\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nComment: OpenPKG &lt;openpkg@openpkg.org&gt;\r\n\r\niD8DBQFDoH90gHWT4GPEy58RAhdVAJ0VS9ZdblzdeFoUppzby5/Rvb3LwgCghRcF\r\nGhKY6XK9mxxKkpwTUtSF+V4=\r\n=vbUz\r\n-----END PGP SIGNATURE-----", "edition": 1, "modified": "2005-12-16T00:00:00", "published": "2005-12-16T00:00:00", "id": "SECURITYVULNS:DOC:10660", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:10660", "title": "[OpenPKG-SA-2005.029] OpenPKG Security Advisory &#40;apache&#41;", "type": "securityvulns", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "seebug": [{"lastseen": "2017-11-19T22:28:37", "description": "BUGTRAQ ID: 16152\r\nCVE(CAN) ID: CVE-2005-3357\r\n\r\nMod_SSL\u662fApache\u670d\u52a1\u5668\u4e0a\u7684SSL\u5b9e\u73b0\uff0c\u7528\u6765\u4e3aApache Web\u670d\u52a1\u5668\u63d0\u4f9b\u52a0\u5bc6\u652f\u6301\u3002\r\n\r\n\u5728\u67d0\u4e9b\u914d\u7f6e\u60c5\u51b5\u4e0bApache\u7684Mod_SSL\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u5668\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u80fd\u5229\u7528\u6b64\u6f0f\u6d1e\u5bfc\u81f4Apache\u670d\u52a1\u5668\u7684\u62d2\u7edd\u670d\u52a1\u3002\r\n\r\n\u6b64\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u662f\u4e00\u4e2a\u53ef\u80fd\u7684\u7a7a\u6307\u9488\u5e9f\u5f03\u95ee\u9898\u5f15\u8d77\u7684\uff0c\u5f53Apache\u88ab\u914d\u7f6e\u6210\u652f\u6301\u5bf9\u4ee3\u7801400\u9519\u8bef\u53ef\u5b9a\u5236ErrorDocument\u65f6\u53ef\u89e6\u53d1\u6b64\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5bfc\u81f4Apache\u8fdb\u7a0b\u6216\u7ebf\u7a0b\u5d29\u6e83\uff0c\u6301\u7ee7\u6027\u7684\u653b\u51fb\u53ef\u4ee5\u4f7fApache\u5931\u53bb\u54cd\u5e94\u3002\r\n\n\nApache Group Apache 2.x\n \u4e34\u65f6\u89e3\u51b3\u65b9\u6cd5\uff1a\r\n\r\n\u5982\u679c\u60a8\u4e0d\u80fd\u7acb\u523b\u5b89\u88c5\u8865\u4e01\u6216\u8005\u5347\u7ea7\uff0cNSFOCUS\u5efa\u8bae\u60a8\u91c7\u53d6\u4ee5\u4e0b\u63aa\u65bd\u4ee5\u964d\u4f4e\u5a01\u80c1\uff1a\r\n\r\n* \u4e0d\u8981\u4e3aApache\u914d\u7f6e\u6210\u5bf9\u4ee3\u7801400\u9519\u8bef\u53ef\u5b9a\u5236ErrorDocument\u3002\r\n\r\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nRedHat\r\n------\r\nRedHat\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08RHSA-2006:0159-01\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\nRHSA-2006:0159-01\uff1aModerate: httpd security update\r\n\u94fe\u63a5\uff1a<a href=http://lwn.net/Alerts/166549/?format=printable target=_blank>http://lwn.net/Alerts/166549/?format=printable</a>\r\n\r\n\u8865\u4e01\u4e0b\u8f7d\uff1a\r\n\r\nRed Hat Enterprise Linux AS version 3:\r\n\r\nSRPMS:\r\n<a href=ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/httpd... target=_blank>ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/httpd...</a>\r\n5fb40d08b35daf0b9dca84bae2d807ad httpd-2.0.46-56.ent.src.rpm\r\n\r\ni386:\r\n58472c7851877c10d75fc11acc987690 httpd-2.0.46-56.ent.i386.rpm\r\n7c5a357dc808d626e84f0b811d875087 httpd-devel-2.0.46-56.ent.i386.rpm\r\nfd69217826949e34854440914919115d mod_ssl-2.0.46-56.ent.i386.rpm\r\n\r\nia64:\r\n9ba4fcecc7a987e0095cab3f3097573e httpd-2.0.46-56.ent.ia64.rpm\r\neaaa9f395d525f97d864fa8fb7abf0b3 httpd-devel-2.0.46-56.ent.ia64.rpm\r\n5c1958e1b3abe828ccc70ef6aed3bb64 mod_ssl-2.0.46-56.ent.ia64.rpm\r\n\r\nppc:\r\n463c75e6ea66006c222c769c133bc4a0 httpd-2.0.46-56.ent.ppc.rpm\r\nfbfa43b0915f7593b0b53b060ccaa5f8 httpd-devel-2.0.46-56.ent.ppc.rpm\r\na9c64df8a73025eca98e931dd074b69a mod_ssl-2.0.46-56.ent.ppc.rpm\r\n\r\ns390:\r\nfe25eb28019d8d9a3a75b87eb60dbfe9 httpd-2.0.46-56.ent.s390.rpm\r\n21a7aab2c525ea1f61528823f440c1ab httpd-devel-2.0.46-56.ent.s390.rpm\r\n4bec0fb1ba74b43121cba95fcbc54430 mod_ssl-2.0.46-56.ent.s390.rpm\r\n\r\ns390x:\r\n1f0093a5d44fa75ad8d5dff12f6a8f81 httpd-2.0.46-56.ent.s390x.rpm\r\ne005b654914be004d22d456c3f7cd9f1 httpd-devel-2.0.46-56.ent.s390x.rpm\r\ned206f46043e55028a3a1ec63f516042 mod_ssl-2.0.46-56.ent.s390x.rpm\r\n\r\nx86_64:\r\n19e480d4aaf0e54cd1e8beb741081e1c httpd-2.0.46-56.ent.x86_64.rpm\r\n204c07d7e05a9d4b3292a5072d9c6f2a httpd-devel-2.0.46-56.ent.x86_64.rpm\r\n770cc4db896225d99e1df93a589a02b4 mod_ssl-2.0.46-56.ent.x86_64.rpm\r\n\r\nRed Hat Desktop version 3:\r\n\r\nSRPMS:\r\n<a href=ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/... target=_blank>ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/...</a>\r\n5fb40d08b35daf0b9dca84bae2d807ad httpd-2.0.46-56.ent.src.rpm\r\n\r\ni386:\r\n58472c7851877c10d75fc11acc987690 httpd-2.0.46-56.ent.i386.rpm\r\n7c5a357dc808d626e84f0b811d875087 httpd-devel-2.0.46-56.ent.i386.rpm\r\nfd69217826949e34854440914919115d mod_ssl-2.0.46-56.ent.i386.rpm\r\n\r\nx86_64:\r\n19e480d4aaf0e54cd1e8beb741081e1c httpd-2.0.46-56.ent.x86_64.rpm\r\n204c07d7e05a9d4b3292a5072d9c6f2a httpd-devel-2.0.46-56.ent.x86_64.rpm\r\n770cc4db896225d99e1df93a589a02b4 mod_ssl-2.0.46-56.ent.x86_64.rpm\r\n\r\nRed Hat Enterprise Linux ES version 3:\r\n\r\nSRPMS:\r\n<a href=ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/httpd... target=_blank>ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/httpd...</a>\r\n5fb40d08b35daf0b9dca84bae2d807ad httpd-2.0.46-56.ent.src.rpm\r\n\r\ni386:\r\n58472c7851877c10d75fc11acc987690 httpd-2.0.46-56.ent.i386.rpm\r\n7c5a357dc808d626e84f0b811d875087 httpd-devel-2.0.46-56.ent.i386.rpm\r\nfd69217826949e34854440914919115d mod_ssl-2.0.46-56.ent.i386.rpm\r\n\r\nia64:\r\n9ba4fcecc7a987e0095cab3f3097573e httpd-2.0.46-56.ent.ia64.rpm\r\neaaa9f395d525f97d864fa8fb7abf0b3 httpd-devel-2.0.46-56.ent.ia64.rpm\r\n5c1958e1b3abe828ccc70ef6aed3bb64 mod_ssl-2.0.46-56.ent.ia64.rpm\r\n\r\nx86_64:\r\n19e480d4aaf0e54cd1e8beb741081e1c httpd-2.0.46-56.ent.x86_64.rpm\r\n204c07d7e05a9d4b3292a5072d9c6f2a httpd-devel-2.0.46-56.ent.x86_64.rpm\r\n770cc4db896225d99e1df93a589a02b4 mod_ssl-2.0.46-56.ent.x86_64.rpm\r\n\r\nRed Hat Enterprise Linux WS version 3:\r\n\r\nSRPMS:\r\n<a href=ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/httpd... target=_blank>ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/httpd...</a>\r\n5fb40d08b35daf0b9dca84bae2d807ad httpd-2.0.46-56.ent.src.rpm\r\n\r\ni386:\r\n58472c7851877c10d75fc11acc987690 httpd-2.0.46-56.ent.i386.rpm\r\n7c5a357dc808d626e84f0b811d875087 httpd-devel-2.0.46-56.ent.i386.rpm\r\nfd69217826949e34854440914919115d mod_ssl-2.0.46-56.ent.i386.rpm\r\n\r\nia64:\r\n9ba4fcecc7a987e0095cab3f3097573e httpd-2.0.46-56.ent.ia64.rpm\r\neaaa9f395d525f97d864fa8fb7abf0b3 httpd-devel-2.0.46-56.ent.ia64.rpm\r\n5c1958e1b3abe828ccc70ef6aed3bb64 mod_ssl-2.0.46-56.ent.ia64.rpm\r\n\r\nx86_64:\r\n19e480d4aaf0e54cd1e8beb741081e1c httpd-2.0.46-56.ent.x86_64.rpm\r\n204c07d7e05a9d4b3292a5072d9c6f2a httpd-devel-2.0.46-56.ent.x86_64.rpm\r\n770cc4db896225d99e1df93a589a02b4 mod_ssl-2.0.46-56.ent.x86_64.rpm\r\n\r\nRed Hat Enterprise Linux AS version 4:\r\n\r\nSRPMS:\r\n<a href=ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/httpd... target=_blank>ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/httpd...</a>\r\n1758c0d1f6326b2f8d77885a351872a1 httpd-2.0.52-22.ent.src.rpm\r\n\r\ni386:\r\n64b2b544496645ed16ce4e7415b358b0 httpd-2.0.52-22.ent.i386.rpm\r\n7191377bec8fdd54c327830b05f74e7e httpd-devel-2.0.52-22.ent.i386.rpm\r\n5b69c82ad64cee1b4c46e9f814e88286 httpd-manual-2.0.52-22.ent.i386.rpm\r\n4cde89fc87b21feff51d54098fe4ed83 httpd-suexec-2.0.52-22.ent.i386.rpm\r\n97f4a87d758c4b84def3abf53e6293cc mod_ssl-2.0.52-22.ent.i386.rpm\r\n\r\nia64:\r\nc7522babbf9b3a24f8c3bfaff8e2e10f httpd-2.0.52-22.ent.ia64.rpm\r\n10a317c00ae0e59b4f3071870f6d939a httpd-devel-2.0.52-22.ent.ia64.rpm\r\nadaf0ba8b49ee0ceb3469e1b5f67c339 httpd-manual-2.0.52-22.ent.ia64.rpm\r\n38dec291e729a7e69bdc9ba25cfca5be httpd-suexec-2.0.52-22.ent.ia64.rpm\r\nfa92eddcfe59311085ed2c0c7675380b mod_ssl-2.0.52-22.ent.ia64.rpm\r\n\r\nppc:\r\n1fef1c2e4c3e8796c8d29f1a8b4288f2 httpd-2.0.52-22.ent.ppc.rpm\r\n756f217a147ae442b5b60612c42a6e80 httpd-devel-2.0.52-22.ent.ppc.rpm\r\nd8f0dd7e832cad4efa48333ed1d649af httpd-manual-2.0.52-22.ent.ppc.rpm\r\n3a466a4bceadf2fcc1994206481062a6 httpd-suexec-2.0.52-22.ent.ppc.rpm\r\na293bf05ecae2c4b192d5ec3dfcbb98d mod_ssl-2.0.52-22.ent.ppc.rpm\r\n\r\ns390:\r\nc9aee197a528745c6c8590f7605b1643 httpd-2.0.52-22.ent.s390.rpm\r\n9f8f303a60b8b52a5a1c4be911df9212 httpd-devel-2.0.52-22.ent.s390.rpm\r\nf3107dc3d74f773f21854fc94e2eca2d httpd-manual-2.0.52-22.ent.s390.rpm\r\n4f3d8737a2656298e7b2b867b0f35d2a httpd-suexec-2.0.52-22.ent.s390.rpm\r\ne78eb4e3946b778fcd3a8fd650c1cc02 mod_ssl-2.0.52-22.ent.s390.rpm\r\n\r\ns390x:\r\nc175a4c5c89597afd57932e6e08f5755 httpd-2.0.52-22.ent.s390x.rpm\r\nf894f7f71f4ab719d09812bb794f37df httpd-devel-2.0.52-22.ent.s390x.rpm\r\nda94d5e68605db9f5c4c801e853e60ad httpd-manual-2.0.52-22.ent.s390x.rpm\r\n350bbc702110c42e1cf95787168d63b1 httpd-suexec-2.0.52-22.ent.s390x.rpm\r\n321b95391c4d73b76fb632db96fec976 mod_ssl-2.0.52-22.ent.s390x.rpm\r\n\r\nx86_64:\r\ne0c7651c64d7ba3c4c1e6e5b0296295c httpd-2.0.52-22.ent.x86_64.rpm\r\n95f9a419ba8d943c5a99fc750fc82176 httpd-devel-2.0.52-22.ent.x86_64.rpm\r\nf72c3a86cae6f4a2716e27d1e315797c httpd-manual-2.0.52-22.ent.x86_64.rpm\r\ndbbd0863f64a60bba95c0bd2164e4d17 httpd-suexec-2.0.52-22.ent.x86_64.rpm\r\n8ee3ac6dff631ffc1d2b645582b35cfb mod_ssl-2.0.52-22.ent.x86_64.rpm\r\n\r\nRed Hat Enterprise Linux Desktop version 4:\r\n\r\nSRPMS:\r\n<a href=ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/... target=_blank>ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/...</a>\r\n1758c0d1f6326b2f8d77885a351872a1 httpd-2.0.52-22.ent.src.rpm\r\n\r\ni386:\r\n64b2b544496645ed16ce4e7415b358b0 httpd-2.0.52-22.ent.i386.rpm\r\n7191377bec8fdd54c327830b05f74e7e httpd-devel-2.0.52-22.ent.i386.rpm\r\n5b69c82ad64cee1b4c46e9f814e88286 httpd-manual-2.0.52-22.ent.i386.rpm\r\n4cde89fc87b21feff51d54098fe4ed83 httpd-suexec-2.0.52-22.ent.i386.rpm\r\n97f4a87d758c4b84def3abf53e6293cc mod_ssl-2.0.52-22.ent.i386.rpm\r\n\r\nx86_64:\r\ne0c7651c64d7ba3c4c1e6e5b0296295c httpd-2.0.52-22.ent.x86_64.rpm\r\n95f9a419ba8d943c5a99fc750fc82176 httpd-devel-2.0.52-22.ent.x86_64.rpm\r\nf72c3a86cae6f4a2716e27d1e315797c httpd-manual-2.0.52-22.ent.x86_64.rpm\r\ndbbd0863f64a60bba95c0bd2164e4d17 httpd-suexec-2.0.52-22.ent.x86_64.rpm\r\n8ee3ac6dff631ffc1d2b645582b35cfb mod_ssl-2.0.52-22.\r\n\u53ef\u4f7f\u7528\u4e0b\u5217\u547d\u4ee4\u5b89\u88c5\u8865\u4e01\uff1a\r\n\r\nrpm -Fvh [\u6587\u4ef6\u540d]", "published": "2006-08-17T00:00:00", "title": "Apache Mod_SSL\u53ef\u5b9a\u5236\u9519\u8bef\u6587\u6863\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e", "type": "seebug", "bulletinFamily": "exploit", "cvelist": ["CVE-2005-3357"], "modified": "2006-08-17T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-4227", "id": "SSV:4227", "sourceData": "", "cvss": {"score": 5.4, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "sourceHref": ""}], "suse": [{"lastseen": "2016-09-04T11:56:37", "bulletinFamily": "unix", "cvelist": ["CVE-2006-3747", "CVE-2005-3352"], "description": "The following security problem was fixed in the Apache and Apache 2 web servers:\n#### Solution\nThere is no known workaround, please install the update packages.", "edition": 1, "modified": "2006-07-28T14:21:14", "published": "2006-07-28T14:21:14", "id": "SUSE-SA:2006:043", "href": "http://lists.opensuse.org/opensuse-security-announce/2006-07/msg00019.html", "title": "remote denial of service in apache,apache2", "type": "suse", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:36:33", "bulletinFamily": "unix", "cvelist": ["CVE-2005-2700", "CVE-2006-3918", "CVE-2005-3357"], "description": "The web server Apache2 has been updated to fix several security issues:\n#### Solution\nThere is no known workaround, please install the update packages.", "edition": 1, "modified": "2006-09-08T14:34:17", "published": "2006-09-08T14:34:17", "id": "SUSE-SA:2006:051", "href": "http://lists.opensuse.org/opensuse-security-announce/2006-09/msg00016.html", "type": "suse", "title": "cryptographic problems in apache2", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2020-11-11T13:22:12", "bulletinFamily": "unix", "cvelist": ["CVE-2006-3918", "CVE-2005-3352"], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 1167-1 security@debian.org\nhttp://www.debian.org/security/ Steve Kemp\nSeptember 4th, 2005 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : apache\nVulnerability : missing input sanitising \nProblem-Type : remote\nDebian-specific: no \nCVE ID : CVE-2006-3918 CVE-2005-3352\nDebian Bug : 381381 343466\n\nSeveral remote vulnerabilities have been discovered in the Apache, the\nworlds most popular webserver, which may lead to the execution of arbitrary\nweb script. The Common Vulnerabilities and Exposures project identifies\nthe following problems:\n\nCVE-2005-3352\n\n A cross-site scripting (XSS) flaw exists in the mod_imap component of\n the Apache server.\n\nCVE-2006-3918\n\n Apache does not sanitize the Expect header from an HTTP request when \n it is reflected back in an error message, which might allow cross-site \n scripting (XSS) style attacks.\n\nFor the stable distribution (sarge) these problems have been fixed in\nversion 1.3.33-6sarge3.\n\nFor the unstable distribution (sid) these problems have been fixed in\nversion 1.3.34-3.\n\nWe recommend that you upgrade your apache package.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge3.dsc\n Size/MD5 checksum: 1119 38df6fe54a784dfcbf3e1510e099865e\n http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge3.diff.gz\n Size/MD5 checksum: 373584 2af62cfb3d6523134bf52d32567d396a\n http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33.orig.tar.gz\n Size/MD5 checksum: 3105683 1a34f13302878a8713a2ac760d9b6da8\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/a/apache/apache-dev_1.3.33-6sarge3_all.deb\n Size/MD5 checksum: 334696 494bae0fb839c498146119864a215a45\n http://security.debian.org/pool/updates/main/a/apache/apache-doc_1.3.33-6sarge3_all.deb\n Size/MD5 checksum: 1333060 d580b14b6d0dcd625d2e5d8cd052e172\n http://security.debian.org/pool/updates/main/a/apache/apache-utils_1.3.33-6sarge3_all.deb\n Size/MD5 checksum: 212750 62b603132ddffa8f1d209e25efaf710b\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge3_alpha.deb\n Size/MD5 checksum: 428394 f046f50e83b2001911b075426a00496e\n http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge3_alpha.deb\n Size/MD5 checksum: 904410 11ab4e174f28b2ad55a4b8fe9164ec70\n http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge3_alpha.deb\n Size/MD5 checksum: 9223374 18af7b52030a8235808f758c9adc2233\n http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge3_alpha.deb\n Size/MD5 checksum: 569796 3df0cdde9f4293b732b00535e288638d\n http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge3_alpha.deb\n Size/MD5 checksum: 542832 a76d1fe52c6c7b604a4406b09b553dfb\n http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge3_alpha.deb\n Size/MD5 checksum: 505212 cd448b4a36c588e832fb3450ee568383\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge3_amd64.deb\n Size/MD5 checksum: 401596 25172b26459154f43f6d6a30ca984223\n http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge3_amd64.deb\n Size/MD5 checksum: 876800 90566c369fb5bd3aef95cb1a982c4673\n http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge3_amd64.deb\n Size/MD5 checksum: 9163050 0039650aceb91734f4d28d71ed03b0b7\n http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge3_amd64.deb\n Size/MD5 checksum: 524552 974a82bc6cad36fceca1beb7e6e8a751\n http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge3_amd64.deb\n Size/MD5 checksum: 513922 cee41d6c34a440aa2641c6298afaec78\n http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge3_amd64.deb\n Size/MD5 checksum: 492634 a42522ddd4b1b0df67c214fe8fe30702\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge3_arm.deb\n Size/MD5 checksum: 384426 562d9db8c2d0c08e8ef3a5ac3c066991\n http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge3_arm.deb\n Size/MD5 checksum: 841502 b59f5bd9cd60afad9511e8d32234b605\n http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge3_arm.deb\n Size/MD5 checksum: 8986156 f297c94b1571043f0758a114f4cffacb\n http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge3_arm.deb\n Size/MD5 checksum: 496134 3b1126c47884892ab32dabd4ee7fa724\n http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge3_arm.deb\n Size/MD5 checksum: 489830 06f770b97e273e91684b90b98cb9416c\n http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge3_arm.deb\n Size/MD5 checksum: 479416 e1de8c552383fab6a73a2a2a33033392\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge3_hppa.deb\n Size/MD5 checksum: 406792 500ae39ef6507daec78c6cb98fc5fa6b\n http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge3_hppa.deb\n Size/MD5 checksum: 905596 ba4e1b726c573a28cabe4f192ec47a7e\n http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge3_hppa.deb\n Size/MD5 checksum: 9100666 3afce64bfeb0d49d87acbebfad937aa2\n http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge3_hppa.deb\n Size/MD5 checksum: 536310 0ed71b8af8923bbe73743f87a5b0d15d\n http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge3_hppa.deb\n Size/MD5 checksum: 518938 f60b6a4fe07eddc4ae9ad2907e9a10de\n http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge3_hppa.deb\n Size/MD5 checksum: 508866 e7166be9bedc95e600b8e6f99c6a0773\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge3_i386.deb\n Size/MD5 checksum: 386824 316be5f99dbce3d7a99b423bf6aad4f0\n http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge3_i386.deb\n Size/MD5 checksum: 860258 a5739eae75197bcdfefb3f88357046fa\n http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge3_i386.deb\n Size/MD5 checksum: 9125070 44dac7aa9af92c2d35805600d9942f56\n http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge3_i386.deb\n Size/MD5 checksum: 505036 d3507dbad7cc29b5d5f48838d37788f2\n http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge3_i386.deb\n Size/MD5 checksum: 493906 6cddd1409210e44d146e562437fe9b0e\n http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge3_i386.deb\n Size/MD5 checksum: 486920 7a4ebd8d698d8b27d86cde501b2e37ea\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge3_ia64.deb\n Size/MD5 checksum: 463582 d6727fb64033b7e9e5fec02c99ddccb4\n http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge3_ia64.deb\n Size/MD5 checksum: 972070 993bc5598b3f8d3b323d7142f0af068a\n http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge3_ia64.deb\n Size/MD5 checksum: 9356472 4f04357801f9adf640b923ba55141d06\n http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge3_ia64.deb\n Size/MD5 checksum: 627670 67723ecb16c6354f9917cfb2994688ce\n http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge3_ia64.deb\n Size/MD5 checksum: 586218 9d531536098a6132db6e5e55c8c61f7d\n http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge3_ia64.deb\n Size/MD5 checksum: 532970 2b4d80404ec866768b13eea9cccba0c8\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge3_m68k.deb\n Size/MD5 checksum: 371224 11e27383df4c492e780b602b5a691177\n http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge3_m68k.deb\n Size/MD5 checksum: 847290 bda6118d92b6f4266a68e5c769915d77\n http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge3_m68k.deb\n Size/MD5 checksum: 8973936 d5f3af955891e755a6f82ad2ddc4251f\n http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge3_m68k.deb\n Size/MD5 checksum: 448792 7cc02085c7a8854f7f99bf0486db8ef1\n http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge3_m68k.deb\n Size/MD5 checksum: 477488 9f1961a7b2298f33ca700f65b598a575\n http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge3_m68k.deb\n Size/MD5 checksum: 489430 2db034e4701a55c718919dad83f2c570\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge3_mips.deb\n Size/MD5 checksum: 403474 c2078bea81d4674b94cc6928c818d91f\n http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge3_mips.deb\n Size/MD5 checksum: 851594 7adcef101424558b208e458a7f26e5bb\n http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge3_mips.deb\n Size/MD5 checksum: 9049020 ad184b1edc27be6777add8a2dcee59bb\n http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge3_mips.deb\n Size/MD5 checksum: 485348 b067dad315f0eb43e35ef310ffcd8f11\n http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge3_mips.deb\n Size/MD5 checksum: 510036 11237943a107b9e5aab03b164946f192\n http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge3_mips.deb\n Size/MD5 checksum: 443674 cb61d4a7fb04bdfb149e91e6f162e3a5\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge3_mipsel.deb\n Size/MD5 checksum: 403812 544f672fc2fcc2386f0dfc52270370c2\n http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge3_mipsel.deb\n Size/MD5 checksum: 850096 1c86bed17e26ab9a0d7fabde05f54496\n http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge3_mipsel.deb\n Size/MD5 checksum: 9054440 6dfa3da28646f6ef2cda58e6583bd42a\n http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge3_mipsel.deb\n Size/MD5 checksum: 485576 1e22bdda682380f75e383ef6daa9810d\n http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge3_mipsel.deb\n Size/MD5 checksum: 510906 e8cc83ab983be776b2b8d5efa966cc93\n http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge3_mipsel.deb\n Size/MD5 checksum: 443550 df9c83e96b60d05415de5e7437c85c4d\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge3_powerpc.deb\n Size/MD5 checksum: 398792 fde3379aa1722e4928b0dcebacde8cd3\n http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge3_powerpc.deb\n Size/MD5 checksum: 921430 1752e1761d599f75bec0a5440a0c5000\n http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge3_powerpc.deb\n Size/MD5 checksum: 9252778 6598265b624c8081d067b51a4a2bd7b2\n http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge3_powerpc.deb\n Size/MD5 checksum: 515538 bed60fc9b7535fb76df1dc47b3b75d31\n http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge3_powerpc.deb\n Size/MD5 checksum: 510564 c6d6fa3c927fba3205d4d8cd7255f946\n http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge3_powerpc.deb\n Size/MD5 checksum: 490806 bd21c1a2c18c159f9be20147bd56a033\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge3_s390.deb\n Size/MD5 checksum: 403296 cdb74b97915f5bba992d43aa5072bf69\n http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge3_s390.deb\n Size/MD5 checksum: 868460 0af306030af56192e6a4a0ddbc857fbd\n http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge3_s390.deb\n Size/MD5 checksum: 9183208 92aa1ac6e882540971f228ccb7b8581e\n http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge3_s390.deb\n Size/MD5 checksum: 490244 d70328a7357a3f0d0f4750ac44f14b7a\n http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge3_s390.deb\n Size/MD5 checksum: 514702 ceb61f369cccf94aa44aa43675eaf715\n http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge3_s390.deb\n Size/MD5 checksum: 460598 505caef969194a36e151a2ad11436c09\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge3_sparc.deb\n Size/MD5 checksum: 385712 1b7269518bb8477b617e80e4441e346c\n http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge3_sparc.deb\n Size/MD5 checksum: 849494 119987a73dc8781ba2f11db3b38fa32d\n http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge3_sparc.deb\n Size/MD5 checksum: 9046496 53bb97f85c73563d247165532dac13c5\n http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge3_sparc.deb\n Size/MD5 checksum: 504378 ca133fd06dd62da415ef8382453cf657\n http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge3_sparc.deb\n Size/MD5 checksum: 492194 b97d2a3cd2d95a8b77dc9ab54f52bd13\n http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge3_sparc.deb\n Size/MD5 checksum: 490386 1dca7784debdba341f27d1b388bb0eb2\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show &lt;pkg&gt;&#x27; and http://packages.debian.org/&lt;pkg&gt;\n", "edition": 3, "modified": "2006-09-04T00:00:00", "published": "2006-09-04T00:00:00", "id": "DEBIAN:DSA-1167-1:158F8", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2006/msg00257.html", "title": "[SECURITY] [DSA 1167-1] New apache packages fix several vulnerabilities", "type": "debian", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}]}