Lucene search
This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.SOLARIS9_X86_114145.NASLHistoryJul 12, 2004 - 12:00 a.m.
Solaris 9 (x86) : 114145-12
2004-07-1200:00:00
This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.
www.tenable.com
19
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
10 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.429 Medium
EPSS
Percentile
97.3%
SunOS 5.9_x86: Apache Security Patch.
Date this patch was last updated by Sun : Mar/05/10
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text in this plugin was
# extracted from the Oracle SunOS Patch Updates.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(13593);
script_version("1.39");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");
script_cve_id("CVE-2003-0020", "CVE-2003-0542", "CVE-2003-0987", "CVE-2003-0993", "CVE-2004-0174", "CVE-2004-0492", "CVE-2007-1349");
script_name(english:"Solaris 9 (x86) : 114145-12");
script_summary(english:"Check for patch 114145-12");
script_set_attribute(
attribute:"synopsis",
value:"The remote host is missing Sun Security Patch number 114145-12"
);
script_set_attribute(
attribute:"description",
value:
"SunOS 5.9_x86: Apache Security Patch.
Date this patch was last updated by Sun : Mar/05/10"
);
script_set_attribute(
attribute:"see_also",
value:"http://download.oracle.com/sunalerts/1021709.1.html"
);
script_set_attribute(
attribute:"solution",
value:"You should install this patch for your system to be up-to-date."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_cwe_id(119, 399);
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris");
script_set_attribute(attribute:"patch_publication_date", value:"2010/03/05");
script_set_attribute(attribute:"plugin_publication_date", value:"2004/07/12");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.");
script_family(english:"Solaris Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("solaris.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"114145-12", obsoleted_by:"", package:"SUNWapchu", version:"11.9.0,REV=2002.08.06.16.05") < 0) flag++;
if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"114145-12", obsoleted_by:"", package:"SUNWapchd", version:"11.9.0,REV=2002.08.06.16.05") < 0) flag++;
if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"114145-12", obsoleted_by:"", package:"SUNWapchS", version:"11.9.0,REV=2002.08.06.16.05") < 0) flag++;
if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"114145-12", obsoleted_by:"", package:"SUNWapchr", version:"11.9.0,REV=2002.08.06.16.05") < 0) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:solaris_get_report());
else security_hole(0);
exit(0);
}
audit(AUDIT_HOST_NOT, "affected");
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0020
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0542
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0987
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0993
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0174
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0492
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1349
download.oracle.com/sunalerts/1021709.1.html
Related
nessus
nessus
Solaris 8 (x86) : 116974-07
2004-10-17 00:00:00
Solaris 8 (sparc) : 116973-07
2004-10-17 00:00:00
Solaris 9 (sparc) : 113146-13
2004-07-12 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200405-22 (Apache)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200405-22 (Apache)
2008-09-24 00:00:00
Slackware: Security Advisory (SSA:2004-133-01)
2012-09-10 00:00:00
slackware
slackware
apache
2004-05-12 16:54:58
apache security update
2003-11-04 16:48:11
gentoo
gentoo
Apache 1.3: Multiple vulnerabilities
2004-05-26 00:00:00
Apache: multiple buffer overflows
2003-10-28 00:00:00
Apache 1.3: Buffer overflow in mod_proxy
2004-06-21 00:00:00
suse
suse
remote file creation in kdelibs/kdelibs3
2004-05-26 11:35:37
remote command execution in cvs
2004-06-09 13:52:11
freebsd
freebsd
Apache 1.3 IP address access control failure on some 64-bit platforms
2004-03-07 00:00:00
apache -- heap overflow in mod_proxy
2004-06-10 00:00:00
mod_perl -- remote DoS in PATH_INFO parsing
2007-03-29 00:00:00
cve
cve
httpd
httpd
Apache Httpd < 1.3.31 : mod_digest nonce checking
2003-12-18 00:00:00
Apache Httpd < 1.3.29 : Local configuration regular expression overflow
2003-08-04 00:00:00
Apache Httpd < 2.0.48 : Local configuration regular expression overflow
2003-08-04 00:00:00
f5
f5
SOL3144 - Apache mod_alias buffer overflow vulnerability - CAN-2003-0542
2007-05-16 00:00:00
K3144 : Apache mod_alias buffer overflow vulnerability CAN-2003-0542
2013-03-28 00:00:00
K5576 : Authentication vulnerability in Apache mod_digest - CAN-2003-0987
2013-03-28 00:00:00
securityvulns
securityvulns
NetSec Security Advisory: Multiple Vulnerabilities Resulting From Use Of Apple OSX HFS+
2005-02-17 00:00:00
[SECURITY] [DSA 525-1] New apache packages fix buffer overflow in mod_proxy
2004-06-26 00:00:00
Apache mod_perl resource exhaustion
2007-04-01 00:00:00
debiancve
debiancve
cvelist
cvelist
altlinux
altlinux
Security fix for the ALT Linux 8 package apache2 version 2.0.40-21
2003-02-24 00:00:00
Security fix for the ALT Linux 9 package apache2 version 2.0.40-21
2003-02-24 00:00:00
Security fix for the ALT Linux 10 package apache2 version 2.0.40-21
2003-02-24 00:00:00
redhat
redhat
(RHSA-2003:360) apache security update
2003-12-10 00:00:00
(RHSA-2004:015) httpd security update
2004-01-13 00:00:00
(RHSA-2007:0395) Low: mod_perl security update
2007-06-14 00:00:00
ubuntucve
ubuntucve
nvd
nvd
cert
cert
osv
osv
apache - buffer overflow
2004-06-24 00:00:00
debian
debian
[SECURITY] [DSA 525-1] New apache packages fix buffer overflow in mod_proxy
2004-06-25 21:04:06
fedora
fedora
[SECURITY] Fedora 7 Update: mod_perl-2.0.3-9.1.fc7
2007-06-09 19:19:09
[SECURITY] Fedora Core 6 Update: mod_perl-2.0.2-6.2.fc6
2007-06-11 19:54:38
[SECURITY] Fedora Core 5 Update: mod_perl-2.0.2-5.2.fc5
2007-06-11 19:54:08
centos
centos
mod_perl security update
2007-06-18 23:45:32
mod_perl security update
2007-06-14 14:57:11
prion
prion
Code injection
2007-03-30 00:19:00
ubuntu
ubuntu
mod_perl vulnerability
2007-07-18 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:15:56
oraclelinux
oraclelinux
Low: mod_perl security update
2007-06-14 00:00:00
seebug
seebug
jetty 6.x - 7.x xss, information disclosure, injection
2014-07-01 00:00:00
jetty 6.x - 7.x xss information disclosure injection
2009-10-26 00:00:00
jetty 6.x - 7.x xss information disclosure injection
2009-10-26 00:00:00
packetstorm
packetstorm
Jetty 6.x / 7.x Information Disclosure / XSS
2009-10-26 00:00:00
exploitpack
exploitpack
jetty 6.x 7.x - Cross-Site Scripting Information Disclosure Injection
2009-10-26 00:00:00
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
10 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.429 Medium
EPSS
Percentile
97.3%
Related for SOLARIS9_X86_114145.NASL