Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2008-0967.NASL
HistoryNov 12, 2008 - 12:00 a.m.

RHEL 3 / 4 / 5 : httpd (RHSA-2008:0967)

2008-11-1200:00:00
This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
17
JSON

Updated httpd packages that resolve several security issues and fix a bug are now available for Red Hat Enterprise Linux 3, 4 and 5.

This update has been rated as having moderate security impact by the Red Hat Security Response Team.

The Apache HTTP Server is a popular Web server.

A flaw was found in the mod_proxy Apache module. An attacker in control of a Web server to which requests were being proxied could have caused a limited denial of service due to CPU consumption and stack exhaustion. (CVE-2008-2364)

A flaw was found in the mod_proxy_ftp Apache module. If Apache was configured to support FTP-over-HTTP proxying, a remote attacker could have performed a cross-site scripting attack. (CVE-2008-2939)

In addition, these updated packages fix a bug found in the handling of the โ€˜ProxyRemoteMatchโ€™ directive in the Red Hat Enterprise Linux 4 httpd packages. This bug is not present in the Red Hat Enterprise Linux 3 or Red Hat Enterprise Linux 5 packages.

Users of httpd should upgrade to these updated packages, which contain backported patches to correct these issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Red Hat Security Advisory RHSA-2008:0967. The text 
# itself is copyright (C) Red Hat, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(34751);
  script_version("1.27");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2008-2364", "CVE-2008-2939");
  script_bugtraq_id(29653, 30560);
  script_xref(name:"RHSA", value:"2008:0967");

  script_name(english:"RHEL 3 / 4 / 5 : httpd (RHSA-2008:0967)");
  script_summary(english:"Checks the rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Red Hat host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Updated httpd packages that resolve several security issues and fix a
bug are now available for Red Hat Enterprise Linux 3, 4 and 5.

This update has been rated as having moderate security impact by the
Red Hat Security Response Team.

The Apache HTTP Server is a popular Web server.

A flaw was found in the mod_proxy Apache module. An attacker in
control of a Web server to which requests were being proxied could
have caused a limited denial of service due to CPU consumption and
stack exhaustion. (CVE-2008-2364)

A flaw was found in the mod_proxy_ftp Apache module. If Apache was
configured to support FTP-over-HTTP proxying, a remote attacker could
have performed a cross-site scripting attack. (CVE-2008-2939)

In addition, these updated packages fix a bug found in the handling of
the 'ProxyRemoteMatch' directive in the Red Hat Enterprise Linux 4
httpd packages. This bug is not present in the Red Hat Enterprise
Linux 3 or Red Hat Enterprise Linux 5 packages.

Users of httpd should upgrade to these updated packages, which contain
backported patches to correct these issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2008-2364"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2008-2939"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/errata/RHSA-2008:0967"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(79, 399);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:httpd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:httpd-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:httpd-manual");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:httpd-suexec");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mod_ssl");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:3");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4.7");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5.2");

  script_set_attribute(attribute:"vuln_publication_date", value:"2008/06/13");
  script_set_attribute(attribute:"patch_publication_date", value:"2008/11/11");
  script_set_attribute(attribute:"plugin_publication_date", value:"2008/11/12");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Red Hat Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! preg(pattern:"^(3|4|5)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 3.x / 4.x / 5.x", "Red Hat " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);

yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo)) 
{
  rhsa = "RHSA-2008:0967";
  yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
  if (!empty_or_null(yum_report))
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : yum_report 
    );
    exit(0);
  }
  else
  {
    audit_message = "affected by Red Hat security advisory " + rhsa;
    audit(AUDIT_OS_NOT, audit_message);
  }
}
else
{
  flag = 0;
  if (rpm_check(release:"RHEL3", reference:"httpd-2.0.46-71.ent")) flag++;

  if (rpm_check(release:"RHEL3", reference:"httpd-devel-2.0.46-71.ent")) flag++;

  if (rpm_check(release:"RHEL3", reference:"mod_ssl-2.0.46-71.ent")) flag++;


  if (rpm_check(release:"RHEL4", reference:"httpd-2.0.52-41.ent.2")) flag++;

  if (rpm_check(release:"RHEL4", reference:"httpd-devel-2.0.52-41.ent.2")) flag++;

  if (rpm_check(release:"RHEL4", reference:"httpd-manual-2.0.52-41.ent.2")) flag++;

  if (rpm_check(release:"RHEL4", reference:"httpd-suexec-2.0.52-41.ent.2")) flag++;

  if (rpm_check(release:"RHEL4", reference:"mod_ssl-2.0.52-41.ent.2")) flag++;


  if (rpm_check(release:"RHEL5", cpu:"i386", reference:"httpd-2.2.3-11.el5_2.4")) flag++;

  if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"httpd-2.2.3-11.el5_2.4")) flag++;

  if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"httpd-2.2.3-11.el5_2.4")) flag++;

  if (rpm_check(release:"RHEL5", reference:"httpd-devel-2.2.3-11.el5_2.4")) flag++;

  if (rpm_check(release:"RHEL5", cpu:"i386", reference:"httpd-manual-2.2.3-11.el5_2.4")) flag++;

  if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"httpd-manual-2.2.3-11.el5_2.4")) flag++;

  if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"httpd-manual-2.2.3-11.el5_2.4")) flag++;

  if (rpm_check(release:"RHEL5", cpu:"i386", reference:"mod_ssl-2.2.3-11.el5_2.4")) flag++;

  if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"mod_ssl-2.2.3-11.el5_2.4")) flag++;

  if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"mod_ssl-2.2.3-11.el5_2.4")) flag++;


  if (flag)
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : rpm_report_get() + redhat_report_package_caveat()
    );
    exit(0);
  }
  else
  {
    tested = pkg_tests_get();
    if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
    else audit(AUDIT_PACKAGE_NOT_INSTALLED, "httpd / httpd-devel / httpd-manual / httpd-suexec / mod_ssl");
  }
}
VendorProductVersionCPE
redhatenterprise_linuxhttpdp-cpe:/a:redhat:enterprise_linux:httpd
redhatenterprise_linuxhttpd-develp-cpe:/a:redhat:enterprise_linux:httpd-devel
redhatenterprise_linuxhttpd-manualp-cpe:/a:redhat:enterprise_linux:httpd-manual
redhatenterprise_linuxhttpd-suexecp-cpe:/a:redhat:enterprise_linux:httpd-suexec
redhatenterprise_linuxmod_sslp-cpe:/a:redhat:enterprise_linux:mod_ssl
redhatenterprise_linux3cpe:/o:redhat:enterprise_linux:3
redhatenterprise_linux4cpe:/o:redhat:enterprise_linux:4
redhatenterprise_linux4.7cpe:/o:redhat:enterprise_linux:4.7
redhatenterprise_linux5cpe:/o:redhat:enterprise_linux:5
redhatenterprise_linux5.2cpe:/o:redhat:enterprise_linux:5.2

Related

openvas 55
nessus 29
oraclelinux 1
centos 1
redhat 2
checkpoint_advisories 4
freebsd 2
cve 2
debiancve 2
prion 2
veracode 2
seebug 3
httpd 4
ubuntucve 2
cert 1
securityvulns 7
fedora 2
ubuntu 1
altlinux 6
packetstorm 1
gentoo 1
kaspersky 1
oracle 1
openvas
openvas
CentOS Update for httpd CESA-2008:0967 centos3 x86_64
2009-02-27 00:00:00
CentOS Update for httpd CESA-2008:0967 centos3 i386
2009-02-27 00:00:00
Mandriva Update for apache MDVSA-2008:195 (apache)
2009-04-09 00:00:00
nessus
nessus
Oracle Linux 3 / 4 / 5 : httpd (ELSA-2008-0967)
2013-07-12 00:00:00
CentOS 3 / 4 / 5 : httpd (CESA-2008:0967)
2009-04-23 00:00:00
Scientific Linux Security Update : httpd on SL3.x, SL4.x, SL5.x i386/x86_64
2012-08-01 00:00:00
oraclelinux
oraclelinux
httpd security and bug fix update
2008-11-11 00:00:00
centos
centos
httpd, mod_ssl security update
2008-11-11 20:45:50
redhat
redhat
(RHSA-2008:0967) Moderate: httpd security and bug fix update
2008-11-11 00:00:00
(RHSA-2008:0966) Moderate: Red Hat Application Stack v2.2 security and enhancement update
2008-12-04 00:00:00
checkpoint_advisories
checkpoint_advisories
Update protection against Apache HTTP Server mod_proxy_ftp Wildcard Characters Cross Site Scripting
2008-09-19 00:00:00
Update Protection against Apache mod_proxy Interim Responses Denial of Service
2009-01-09 00:00:00
Update Protection against Apache mod_proxy_ftp XSS Vulnerability
2008-09-19 00:00:00
freebsd
freebsd
apache -- Cross-site scripting vulnerability
2008-07-25 00:00:00
apache -- multiple vulnerabilities
2008-06-14 00:00:00
cve
cve
CVE-2008-2939
2008-08-06 18:41:00
CVE-2008-2364
2008-06-13 18:41:00
debiancve
debiancve
CVE-2008-2939
2008-08-06 18:41:00
CVE-2008-2364
2008-06-13 18:41:00
prion
prion
Design/Logic Flaw
2008-06-13 18:41:00
Cross site scripting
2008-08-06 18:41:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:29:44
Cross-Site Scripting (XSS)
2020-04-10 00:29:44
seebug
seebug
Apache mod_proxy_ftpๆจกๅ—้€š้…็ฌฆๅญ—็ฌฆ่ทจ็ซ™่„šๆœฌๆผๆดž
2008-08-08 00:00:00
IBM HTTP Server mod_proxy_ftp ่ทจ็ซ™่„šๆœฌๆผๆดž
2009-02-16 00:00:00
Apache 'mod_proxy_http' Interim Response Denial of Service Vulnerability
2010-05-12 00:00:00
httpd
httpd
Apache Httpd < 2.0.64 : mod_proxy_ftp globbing XSS
2008-07-28 00:00:00
Apache Httpd < 2.2.10 : mod_proxy_ftp globbing XSS
2008-07-28 00:00:00
Apache Httpd < 2.2.9 : mod_proxy_http DoS
2008-05-29 00:00:00
ubuntucve
ubuntucve
CVE-2008-2939
2008-08-06 00:00:00
CVE-2008-2364
2008-06-13 00:00:00
cert
cert
Apache mod_proxy_ftp XSS vulnerability
2008-08-08 00:00:00
securityvulns
securityvulns
Apache mod_proxy_ftp crossite scripting
2008-08-07 00:00:00
Apache HTTP Server mod_proxy_ftp Wildcard Characters Cross-Site Scripting
2008-08-07 00:00:00
Apache multiple DoS conditions
2008-07-12 00:00:00
fedora
fedora
[SECURITY] Fedora 8 Update: httpd-2.2.9-1.fc8
2008-08-07 23:57:20
[SECURITY] Fedora 9 Update: httpd-2.2.9-1.fc9
2008-08-07 23:48:09
ubuntu
ubuntu
Apache vulnerabilities
2009-03-10 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package apache2 version 2.2.9-alt1
2008-07-08 00:00:00
Security fix for the ALT Linux 9 package apache2 version 2.2.9-alt1
2008-07-08 00:00:00
Security fix for the ALT Linux 8 package apache2 version 2.2.9-alt1
2008-07-08 00:00:00
packetstorm
packetstorm
ProtonMail.ch Header Injection / CSRF
2014-05-30 00:00:00
gentoo
gentoo
Apache: Denial of service
2008-07-09 00:00:00
kaspersky
kaspersky
KLA10066 Multiple vulnerabilities in Apache httpd
2010-10-19 00:00:00
oracle
oracle
Oracle Critical Patch Update - July 2013
2013-07-16 00:00:00
JSON
Related for REDHAT-RHSA-2008-0967.NASL
openvas55nessus29oraclelinux1centos1redhat2checkpoint_advisories4freebsd2cve2debiancve2prion2veracode2seebug3httpd4ubuntucve2cert1securityvulns7fedora2ubuntu1altlinux6packetstorm1gentoo1kaspersky1oracle1