Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2013-2021 Tenable Network Security, Inc.SUSE_11_APACHE2-130225.NASL
HistoryMar 05, 2013 - 12:00 a.m.

SuSE 11.2 Security Update : Apache (SAT Patch Number 7409)

2013-03-0500:00:00
This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.
www.tenable.com
38
JSON

This update fixes the following issues :

  • Denial of Service via special requests in mod_proxy_ajp.
    (CVE-2012-4557)

  • improper LD_LIBRARY_PATH handling. (CVE-2012-0883)

  • filename escaping problem Additionally, some non-security bugs have been fixed:. (CVE-2012-2687)

  • ignore case when checking against SNI server names.
    [bnc#798733]

  • httpd-2.2.x-CVE-2011-3368_CVE-2011-4317-bnc722545.diff reworked to reflect the upstream changes. This will prevent the ‘Invalid URI in request OPTIONS *’ messages in the error log. [bnc#722545]

  • new sysconfig variable APACHE_DISABLE_SSL_COMPRESSION;
    if set to on, OPENSSL_NO_DEFAULT_ZLIB will be inherited to the apache process; openssl will then transparently disable compression. This change affects start script and sysconfig fillup template. Default is on, SSL compression disabled. Please see mod_deflate for compressed transfer at http layer. [bnc#782956]

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from SuSE 11 update information. The text itself is
# copyright (C) Novell, Inc.
#

if (NASL_LEVEL < 3000) exit(0);

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(65023);
  script_version("1.9");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");

  script_cve_id("CVE-2011-3368", "CVE-2011-4317", "CVE-2012-0021", "CVE-2012-0883", "CVE-2012-2687", "CVE-2012-4557");

  script_name(english:"SuSE 11.2 Security Update : Apache (SAT Patch Number 7409)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote SuSE 11 host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"This update fixes the following issues :

  - Denial of Service via special requests in mod_proxy_ajp.
    (CVE-2012-4557)

  - improper LD_LIBRARY_PATH handling. (CVE-2012-0883)

  - filename escaping problem Additionally, some
    non-security bugs have been fixed:. (CVE-2012-2687)

  - ignore case when checking against SNI server names.
    [bnc#798733]

  - httpd-2.2.x-CVE-2011-3368_CVE-2011-4317-bnc722545.diff
    reworked to reflect the upstream changes. This will
    prevent the 'Invalid URI in request OPTIONS *' messages
    in the error log. [bnc#722545]

  - new sysconfig variable APACHE_DISABLE_SSL_COMPRESSION;
    if set to on, OPENSSL_NO_DEFAULT_ZLIB will be inherited
    to the apache process; openssl will then transparently
    disable compression. This change affects start script
    and sysconfig fillup template. Default is on, SSL
    compression disabled. Please see mod_deflate for
    compressed transfer at http layer. [bnc#782956]"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=722545"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=757710"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=774045"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=777260"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=782956"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=788121"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=793004"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=798733"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2011-3368.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2011-4317.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2012-0021.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2012-0883.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2012-2687.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2012-4557.html"
  );
  script_set_attribute(attribute:"solution", value:"Apply SAT patch number 7409.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:apache2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:apache2-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:apache2-example-pages");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:apache2-prefork");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:apache2-utils");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:apache2-worker");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");

  script_set_attribute(attribute:"patch_publication_date", value:"2013/02/25");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/03/05");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11");
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu);

pl = get_kb_item("Host/SuSE/patchlevel");
if (isnull(pl) || int(pl) != 2) audit(AUDIT_OS_NOT, "SuSE 11.2");


flag = 0;
if (rpm_check(release:"SLES11", sp:2, reference:"apache2-2.2.12-1.36.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"apache2-doc-2.2.12-1.36.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"apache2-example-pages-2.2.12-1.36.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"apache2-prefork-2.2.12-1.36.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"apache2-utils-2.2.12-1.36.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"apache2-worker-2.2.12-1.36.1")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:apache2
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:apache2-doc
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:apache2-example-pages
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:apache2-prefork
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:apache2-utils
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:apache2-worker
novellsuse_linux11cpe:/o:novell:suse_linux:11

References

Related

openvas 50
nessus 49
thn 1
securityvulns 8
f5 7
veracode 3
prion 6
debiancve 6
cve 6
ubuntucve 6
altlinux 9
freebsd 4
redhat 3
centos 2
fedora 3
slackware 1
oraclelinux 2
httpd 8
seebug 7
gentoo 1
packetstorm 2
ubuntu 1
checkpoint_advisories 4
threatpost 1
exploitpack 1
osv 2
debian 4
amazon 1
exploitdb 1
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2013:0389-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2013:0830-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2013:0469-1)
2021-06-09 00:00:00
nessus
nessus
openSUSE Security Update : apache2 (openSUSE-SU-2013:0243-1)
2014-06-13 00:00:00
SUSE SLES10 Security Update : apache2 (SUSE-SU-2013:0469-1)
2015-05-20 00:00:00
Apache 2.2 < 2.2.22 Multiple Vulnerabilities
2012-02-06 00:00:00
thn
thn
New Apache Reverse Proxy Flaw Allows Access to Internal Network
2011-11-27 08:58:00
securityvulns
securityvulns
Apache mod_proxy unauthorized internal network access
2012-01-11 00:00:00
Apache security vulnerabilities
2012-10-01 00:00:00
[ MDVSA-2012:154 ] apache
2012-10-01 00:00:00
f5
f5
SOL15894 - Apache vulnerabilities CVE-2012-4557 and CVE-2012-0021
2014-12-04 00:00:00
K15894 : Apache vulnerabilities CVE-2012-4557 and CVE-2012-0021
2014-12-05 00:00:00
K15889 : Apache HTTP server vulnerabilities CVE-2011-3368, CVE-2011-4317, CVE-2012-0021, CVE-2012-0031, and CVE-2012-0053
2015-08-03 00:00:00
veracode
veracode
Unauthorized Reverse Proxy Connection
2020-04-10 01:10:16
Denial Of Service (DoS)
2019-05-02 04:53:00
Information Disclosure
2020-04-10 01:03:06
prion
prion
Design/Logic Flaw
2011-11-30 04:05:00
Design/Logic Flaw
2012-11-30 19:55:00
Directory traversal
2012-04-18 10:33:00
debiancve
debiancve
CVE-2011-4317
2011-11-30 04:05:00
CVE-2012-4557
2012-11-30 19:55:00
CVE-2011-3368
2011-10-05 22:55:00
cve
cve
CVE-2011-4317
2011-11-30 04:05:00
CVE-2012-4557
2012-11-30 19:55:00
CVE-2012-2687
2012-08-22 19:55:00
ubuntucve
ubuntucve
CVE-2011-4317
2011-11-29 00:00:00
CVE-2012-4557
2012-11-30 00:00:00
CVE-2011-3368
2011-10-05 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package apache2 version 2.2.22-alt1
2012-02-02 00:00:00
Security fix for the ALT Linux 9 package apache2 version 2.2.22-alt1
2012-02-02 00:00:00
Security fix for the ALT Linux 10 package apache2 version 2.2.22-alt1
2012-02-02 00:00:00
freebsd
freebsd
apache -- multiple vulnerabilities
2011-10-05 00:00:00
apache22 -- several vulnerabilities
2012-09-13 00:00:00
Apache 1.3 -- mod_proxy reverse proxy exposure
2011-10-05 00:00:00
redhat
redhat
(RHSA-2013:0512) Low: httpd security, bug fix, and enhancement update
2013-02-21 00:00:00
(RHSA-2012:0128) Moderate: httpd security update
2012-02-13 00:00:00
(RHSA-2012:0543) Moderate: httpd security and bug fix update
2012-05-07 18:13:40
centos
centos
httpd, mod_ssl security update
2013-02-27 19:35:19
httpd, mod_ssl security update
2012-02-14 11:13:29
fedora
fedora
[SECURITY] Fedora 15 Update: httpd-2.2.22-1.fc15
2012-03-06 19:30:50
[SECURITY] Fedora 17 Update: httpd-2.2.23-1.fc17
2013-02-12 04:59:23
[SECURITY] Fedora 16 Update: httpd-2.2.22-1.fc16
2012-02-21 01:28:42
slackware
slackware
[slackware-security] httpd
2012-02-10 17:43:57
oraclelinux
oraclelinux
httpd security, bug fix, and enhancement update
2013-02-22 00:00:00
httpd security and bug fix update
2011-10-20 00:00:00
httpd
httpd
Apache Httpd < 2.2.22 : mod_proxy_ajp remote DoS
2012-10-11 00:00:00
Apache Httpd < 2.2.22 : mod_proxy reverse proxy exposure
2011-10-20 00:00:00
Apache Httpd < 1.3-never : mod_proxy reverse proxy exposure
2011-09-16 00:00:00
seebug
seebug
Apache HTTP Server mod_proxy反向代理模式安全限制绕过漏洞
2011-11-25 00:00:00
Apache HTTP Server 'mod_proxy'反向代理信息泄露漏洞
2011-10-08 00:00:00
Apache mod_proxy Reverse Proxy Exposure Vulnerability PoC
2011-10-12 00:00:00
gentoo
gentoo
Apache HTTP Server: Multiple vulnerabilities
2012-06-24 00:00:00
packetstorm
packetstorm
Apache Reverse Proxy Bypass
2011-10-06 00:00:00
Apache mod_proxy Proof Of Concept
2011-10-11 00:00:00
ubuntu
ubuntu
Apache HTTP Server vulnerabilities
2012-02-16 00:00:00
checkpoint_advisories
checkpoint_advisories
Apache HTTPD mod_proxy Security Bypass (CVE-2011-3368)
2012-03-05 00:00:00
Apache HTTPD mod_proxy Information Disclosure (CVE-2011-3368)
2011-11-01 00:00:00
Apache HTTPD mod_log_config Cookie Handling Denial of Service - High Confidence (CVE-2012-0021)
2013-04-23 00:00:00
threatpost
threatpost
New Apache Reverse Proxy Issue Uncovered
2011-11-26 23:41:49
exploitpack
exploitpack
Apache mod_proxy - Reverse Proxy Exposure
2011-10-11 00:00:00
osv
osv
apache2 - multiple issues
2012-02-06 00:00:00
apache2 - several
2012-11-30 00:00:00
debian
debian
[SECURITY] [DSA 2405-1] apache2 security update
2012-02-06 09:06:39
[SECURITY] [DSA 2405-1] apache2 security update
2012-02-06 09:06:39
[SECURITY] [DSA 2579-1] apache2 security update
2012-11-30 13:22:52
amazon
amazon
Medium: httpd
2012-02-16 10:48:00
exploitdb
exploitdb
Apache mod_proxy - Reverse Proxy Exposure
2011-10-11 00:00:00
JSON
Related for SUSE_11_APACHE2-130225.NASL
openvas50nessus49thn1securityvulns8f57veracode3prion6debiancve6cve6ubuntucve6altlinux9freebsd4redhat3centos2fedora3slackware1oraclelinux2httpd8seebug7gentoo1packetstorm2ubuntu1checkpoint_advisories4threatpost1exploitpack1osv2debian4amazon1exploitdb1