Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2007-0533.NASL
HistoryJun 29, 2007 - 12:00 a.m.

RHEL 3 : httpd (RHSA-2007:0533)

2007-06-2900:00:00
This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
13
JSON

Updated Apache httpd packages that correct two security issues and two bugs are now available for Red Hat Enterprise Linux 3.

This update has been rated as having moderate security impact by the Red Hat Security Response Team.

The Apache HTTP Server is a popular Web server.

A flaw was found in the Apache HTTP Server mod_status module. On sites where the server-status page is publicly accessible and ExtendedStatus is enabled this could lead to a cross-site scripting attack. On Red Hat Enterprise Linux the server-status page is not enabled by default and it is best practice to not make this publicly available.
(CVE-2006-5752)

A flaw was found in the Apache HTTP Server mod_cache module. On sites where caching is enabled, a remote attacker could send a carefully crafted request that would cause the Apache child process handling that request to crash. This could lead to a denial of service if using a threaded Multi-Processing Module. (CVE-2007-1863)

In addition, two bugs were fixed :

  • when the ProxyErrorOverride directive was enabled, responses with 3xx status-codes would be overriden at the proxy. This has been changed so that only 4xx and 5xx responses are overriden.

  • the ‘ProxyTimeout’ directive was not inherited across virtual host definitions.

Users of httpd should upgrade to these updated packages, which contain backported patches to correct these issues. Users should restart Apache after installing this update.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Red Hat Security Advisory RHSA-2007:0533. The text 
# itself is copyright (C) Red Hat, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(25622);
  script_version("1.26");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2006-5752", "CVE-2007-1863");
  script_bugtraq_id(24645, 24649);
  script_xref(name:"RHSA", value:"2007:0533");

  script_name(english:"RHEL 3 : httpd (RHSA-2007:0533)");
  script_summary(english:"Checks the rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Red Hat host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Updated Apache httpd packages that correct two security issues and two
bugs are now available for Red Hat Enterprise Linux 3.

This update has been rated as having moderate security impact by the
Red Hat Security Response Team.

The Apache HTTP Server is a popular Web server.

A flaw was found in the Apache HTTP Server mod_status module. On sites
where the server-status page is publicly accessible and ExtendedStatus
is enabled this could lead to a cross-site scripting attack. On Red
Hat Enterprise Linux the server-status page is not enabled by default
and it is best practice to not make this publicly available.
(CVE-2006-5752)

A flaw was found in the Apache HTTP Server mod_cache module. On sites
where caching is enabled, a remote attacker could send a carefully
crafted request that would cause the Apache child process handling
that request to crash. This could lead to a denial of service if using
a threaded Multi-Processing Module. (CVE-2007-1863)

In addition, two bugs were fixed :

* when the ProxyErrorOverride directive was enabled, responses with
3xx status-codes would be overriden at the proxy. This has been
changed so that only 4xx and 5xx responses are overriden.

* the 'ProxyTimeout' directive was not inherited across virtual host
definitions.

Users of httpd should upgrade to these updated packages, which contain
backported patches to correct these issues. Users should restart
Apache after installing this update."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2006-5752"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2007-1863"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/errata/RHSA-2007:0533"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected httpd, httpd-devel and / or mod_ssl packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:httpd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:httpd-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mod_ssl");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:3");

  script_set_attribute(attribute:"vuln_publication_date", value:"2007/06/27");
  script_set_attribute(attribute:"patch_publication_date", value:"2007/06/27");
  script_set_attribute(attribute:"plugin_publication_date", value:"2007/06/29");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Red Hat Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! preg(pattern:"^3([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 3.x", "Red Hat " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);

yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo)) 
{
  rhsa = "RHSA-2007:0533";
  yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
  if (!empty_or_null(yum_report))
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : yum_report 
    );
    exit(0);
  }
  else
  {
    audit_message = "affected by Red Hat security advisory " + rhsa;
    audit(AUDIT_OS_NOT, audit_message);
  }
}
else
{
  flag = 0;
  if (rpm_check(release:"RHEL3", reference:"httpd-2.0.46-67.ent")) flag++;
  if (rpm_check(release:"RHEL3", reference:"httpd-devel-2.0.46-67.ent")) flag++;
  if (rpm_check(release:"RHEL3", reference:"mod_ssl-2.0.46-67.ent")) flag++;

  if (flag)
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : rpm_report_get() + redhat_report_package_caveat()
    );
    exit(0);
  }
  else
  {
    tested = pkg_tests_get();
    if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
    else audit(AUDIT_PACKAGE_NOT_INSTALLED, "httpd / httpd-devel / mod_ssl");
  }
}
VendorProductVersionCPE
redhatenterprise_linuxhttpdp-cpe:/a:redhat:enterprise_linux:httpd
redhatenterprise_linuxhttpd-develp-cpe:/a:redhat:enterprise_linux:httpd-devel
redhatenterprise_linuxmod_sslp-cpe:/a:redhat:enterprise_linux:mod_ssl
redhatenterprise_linux3cpe:/o:redhat:enterprise_linux:3

Related

nessus 29
oraclelinux 5
centos 4
redhat 7
openvas 55
altlinux 9
ubuntu 1
securityvulns 3
fedora 5
cvelist 2
veracode 2
debiancve 2
ubuntucve 2
cve 2
httpd 5
freebsd 1
suse 1
checkpoint_advisories 1
prion 1
gentoo 1
vmware 2
oracle 1
nessus
nessus
Scientific Linux Security Update : httpd on SL3.x i386/x86_64
2012-08-01 00:00:00
CentOS 3 : httpd (CESA-2007:0533)
2007-06-29 00:00:00
CentOS 4 : httpd (CESA-2007:0534)
2007-06-27 00:00:00
oraclelinux
oraclelinux
Moderate: httpd security update
2007-06-26 00:00:00
Moderate: httpd security update
2007-06-27 00:00:00
Moderate: httpd security update
2007-06-26 00:00:00
centos
centos
httpd, mod_ssl security update
2007-06-27 15:34:54
httpd, mod_ssl security update
2007-06-27 00:14:54
httpd, mod_ssl security update
2007-06-27 11:06:14
redhat
redhat
(RHSA-2007:0533) Moderate: httpd security update
2007-06-27 00:00:00
(RHSA-2007:0534) Moderate: httpd security update
2007-06-26 00:00:00
(RHSA-2007:0557) Moderate: httpd security update
2007-07-13 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-499-1)
2009-03-23 00:00:00
Ubuntu Update for apache2 vulnerabilities USN-499-1
2009-03-23 00:00:00
Mandriva Update for apache MDKSA-2007:140 (apache)
2009-04-09 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package apache2 version 2.2.4-alt30
2007-07-04 00:00:00
Security fix for the ALT Linux 9 package apache2 version 2.2.4-alt31
2007-07-05 00:00:00
Security fix for the ALT Linux 10 package apache2 version 2.2.4-alt31
2007-07-05 00:00:00
ubuntu
ubuntu
Apache vulnerabilities
2007-08-17 00:00:00
securityvulns
securityvulns
[Full-disclosure] rPSA-2007-0182-1 httpd mod_ssl
2007-09-14 00:00:00
About the security content of Security Update 2008-003 / Mac OS X 10.5.3
2008-05-30 00:00:00
Oracle / Sun / MySQL / PeopleSoft applications multiple security vulnerabilities
2013-08-12 00:00:00
fedora
fedora
[SECURITY] Fedora Core 5 Update: httpd-2.2.2-1.3
2007-07-02 15:01:38
[SECURITY] Fedora Core 6 Update: httpd-2.2.4-2.1.fc6
2007-07-12 22:53:51
[SECURITY] Fedora 7 Update: httpd-2.2.4-4.1.fc7
2007-06-27 03:52:42
cvelist
cvelist
CVE-2006-5752
2007-06-27 17:00:00
CVE-2007-1863
2007-06-27 17:00:00
veracode
veracode
Cross-site Scripting (XSS)
2020-04-10 00:16:40
Denial Of Service (DoS)
2020-04-10 00:16:40
debiancve
debiancve
CVE-2006-5752
2007-06-27 17:30:00
CVE-2007-1863
2007-06-27 17:30:00
ubuntucve
ubuntucve
CVE-2006-5752
2007-06-27 00:00:00
CVE-2007-1863
2007-06-27 00:00:00
cve
cve
CVE-2006-5752
2007-06-27 17:30:00
CVE-2007-1863
2007-06-27 17:30:00
httpd
httpd
Apache Httpd < 2.0.61 : mod_status cross-site scripting
2006-10-19 00:00:00
Apache Httpd < 1.3.39 : mod_status cross-site scripting
2006-10-19 00:00:00
Apache Httpd < 2.2.6 : mod_status cross-site scripting
2006-10-19 00:00:00
freebsd
freebsd
apache -- multiple vulnerabilities
2007-09-07 00:00:00
suse
suse
remote denial of service in apache2
2007-11-19 15:20:20
checkpoint_advisories
checkpoint_advisories
Apache HTTP Server mod_cache Module Denial of Service (CVE-2007-1863)
2008-01-24 00:00:00
prion
prion
Design/Logic Flaw
2007-06-27 17:30:00
gentoo
gentoo
Apache: Multiple vulnerabilities
2007-11-07 00:00:00
vmware
vmware
VMware Hosted products update libpng and Apache HTTP Server
2009-08-20 00:00:00
VMware Hosted products update libpng and Apache HTTP Server
2009-08-20 00:00:00
oracle
oracle
Oracle Critical Patch Update - July 2013
2013-07-16 00:00:00
JSON
Related for REDHAT-RHSA-2007-0533.NASL
nessus29oraclelinux5centos4redhat7openvas55altlinux9ubuntu1securityvulns3fedora5cvelist2veracode2debiancve2ubuntucve2cve2httpd5freebsd1suse1checkpoint_advisories1prion1gentoo1vmware2oracle1