Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusUbuntu Security Notice (C) 2006-2019 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc.UBUNTU_USN-241-1.NASL
HistoryJan 21, 2006 - 12:00 a.m.

Ubuntu 4.10 / 5.04 / 5.10 : apache2, apache vulnerabilities (USN-241-1)

2006-01-2100:00:00
Ubuntu Security Notice (C) 2006-2019 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc.
www.tenable.com
22
JSON

The ‘mod_imap’ module (which provides support for image maps) did not properly escape the ‘referer’ URL which rendered it vulnerable against a cross-site scripting attack. A malicious web page (or HTML email) could trick a user into visiting a site running the vulnerable mod_imap, and employ cross-site-scripting techniques to gather sensitive user information from that site. (CVE-2005-3352)

Hartmut Keil discovered a Denial of Service vulnerability in the SSL module (‘mod_ssl’) that affects SSL-enabled virtual hosts with a customized error page for error 400. By sending a specially crafted request to the server, a remote attacker could crash the server. This only affects Apache 2, and only if the ‘worker’ implementation (apache2-mpm-worker) is used. (CVE-2005-3357).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-241-1. The text 
# itself is copyright (C) Canonical, Inc. See 
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
# trademark of Canonical, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(20788);
  script_version("1.19");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");

  script_cve_id("CVE-2005-3352", "CVE-2005-3357");
  script_xref(name:"USN", value:"241-1");

  script_name(english:"Ubuntu 4.10 / 5.04 / 5.10 : apache2, apache vulnerabilities (USN-241-1)");
  script_summary(english:"Checks dpkg output for updated packages.");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Ubuntu host is missing one or more security-related
patches."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The 'mod_imap' module (which provides support for image maps) did not
properly escape the 'referer' URL which rendered it vulnerable against
a cross-site scripting attack. A malicious web page (or HTML email)
could trick a user into visiting a site running the vulnerable
mod_imap, and employ cross-site-scripting techniques to gather
sensitive user information from that site. (CVE-2005-3352)

Hartmut Keil discovered a Denial of Service vulnerability in the SSL
module ('mod_ssl') that affects SSL-enabled virtual hosts with a
customized error page for error 400. By sending a specially crafted
request to the server, a remote attacker could crash the server. This
only affects Apache 2, and only if the 'worker' implementation
(apache2-mpm-worker) is used. (CVE-2005-3357).

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:apache");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:apache-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:apache-dbg");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:apache-dev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:apache-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:apache-perl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:apache-ssl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:apache-utils");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:apache2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:apache2-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:apache2-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-perchild");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-prefork");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-threadpool");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-worker");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:apache2-prefork-dev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:apache2-threaded-dev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:apache2-utils");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libapache-mod-perl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libapr0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libapr0-dev");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:4.10");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:5.04");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:5.10");

  script_set_attribute(attribute:"patch_publication_date", value:"2006/01/12");
  script_set_attribute(attribute:"plugin_publication_date", value:"2006/01/21");
  script_set_attribute(attribute:"vuln_publication_date", value:"2005/12/05");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"Ubuntu Security Notice (C) 2006-2019 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc.");
  script_family(english:"Ubuntu Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("ubuntu.inc");
include("misc_func.inc");

if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/Ubuntu/release");
if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
release = chomp(release);
if (! ereg(pattern:"^(4\.10|5\.04|5\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 4.10 / 5.04 / 5.10", "Ubuntu " + release);
if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);

flag = 0;

if (ubuntu_check(osver:"4.10", pkgname:"apache", pkgver:"1.3.31-6ubuntu0.9")) flag++;
if (ubuntu_check(osver:"4.10", pkgname:"apache-common", pkgver:"1.3.31-6ubuntu0.9")) flag++;
if (ubuntu_check(osver:"4.10", pkgname:"apache-dbg", pkgver:"1.3.31-6ubuntu0.9")) flag++;
if (ubuntu_check(osver:"4.10", pkgname:"apache-dev", pkgver:"1.3.31-6ubuntu0.9")) flag++;
if (ubuntu_check(osver:"4.10", pkgname:"apache-doc", pkgver:"1.3.31-6ubuntu0.9")) flag++;
if (ubuntu_check(osver:"4.10", pkgname:"apache-perl", pkgver:"1.3.31-6ubuntu0.9")) flag++;
if (ubuntu_check(osver:"4.10", pkgname:"apache-ssl", pkgver:"1.3.31-6ubuntu0.9")) flag++;
if (ubuntu_check(osver:"4.10", pkgname:"apache-utils", pkgver:"1.3.31-6ubuntu0.9")) flag++;
if (ubuntu_check(osver:"4.10", pkgname:"apache2", pkgver:"2.0.50-12ubuntu4.10")) flag++;
if (ubuntu_check(osver:"4.10", pkgname:"apache2-common", pkgver:"2.0.50-12ubuntu4.10")) flag++;
if (ubuntu_check(osver:"4.10", pkgname:"apache2-doc", pkgver:"2.0.50-12ubuntu4.10")) flag++;
if (ubuntu_check(osver:"4.10", pkgname:"apache2-mpm-perchild", pkgver:"2.0.50-12ubuntu4.10")) flag++;
if (ubuntu_check(osver:"4.10", pkgname:"apache2-mpm-prefork", pkgver:"2.0.50-12ubuntu4.10")) flag++;
if (ubuntu_check(osver:"4.10", pkgname:"apache2-mpm-threadpool", pkgver:"2.0.50-12ubuntu4.10")) flag++;
if (ubuntu_check(osver:"4.10", pkgname:"apache2-mpm-worker", pkgver:"2.0.50-12ubuntu4.10")) flag++;
if (ubuntu_check(osver:"4.10", pkgname:"apache2-prefork-dev", pkgver:"2.0.50-12ubuntu4.10")) flag++;
if (ubuntu_check(osver:"4.10", pkgname:"apache2-threaded-dev", pkgver:"2.0.50-12ubuntu4.10")) flag++;
if (ubuntu_check(osver:"4.10", pkgname:"libapache-mod-perl", pkgver:"1.29.0.2.0-6ubuntu0.9")) flag++;
if (ubuntu_check(osver:"4.10", pkgname:"libapr0", pkgver:"2.0.50-12ubuntu4.10")) flag++;
if (ubuntu_check(osver:"4.10", pkgname:"libapr0-dev", pkgver:"2.0.50-12ubuntu4.10")) flag++;
if (ubuntu_check(osver:"5.04", pkgname:"apache", pkgver:"1.3.33-4ubuntu2")) flag++;
if (ubuntu_check(osver:"5.04", pkgname:"apache-common", pkgver:"1.3.33-4ubuntu2")) flag++;
if (ubuntu_check(osver:"5.04", pkgname:"apache-dbg", pkgver:"1.3.33-4ubuntu2")) flag++;
if (ubuntu_check(osver:"5.04", pkgname:"apache-dev", pkgver:"1.3.33-4ubuntu2")) flag++;
if (ubuntu_check(osver:"5.04", pkgname:"apache-doc", pkgver:"1.3.33-4ubuntu2")) flag++;
if (ubuntu_check(osver:"5.04", pkgname:"apache-perl", pkgver:"1.3.33-4ubuntu2")) flag++;
if (ubuntu_check(osver:"5.04", pkgname:"apache-ssl", pkgver:"1.3.33-4ubuntu2")) flag++;
if (ubuntu_check(osver:"5.04", pkgname:"apache-utils", pkgver:"1.3.33-4ubuntu2")) flag++;
if (ubuntu_check(osver:"5.04", pkgname:"apache2", pkgver:"2.0.53-5ubuntu5.5")) flag++;
if (ubuntu_check(osver:"5.04", pkgname:"apache2-common", pkgver:"2.0.53-5ubuntu5.5")) flag++;
if (ubuntu_check(osver:"5.04", pkgname:"apache2-doc", pkgver:"2.0.53-5ubuntu5.5")) flag++;
if (ubuntu_check(osver:"5.04", pkgname:"apache2-mpm-perchild", pkgver:"2.0.53-5ubuntu5.5")) flag++;
if (ubuntu_check(osver:"5.04", pkgname:"apache2-mpm-prefork", pkgver:"2.0.53-5ubuntu5.5")) flag++;
if (ubuntu_check(osver:"5.04", pkgname:"apache2-mpm-threadpool", pkgver:"2.0.53-5ubuntu5.5")) flag++;
if (ubuntu_check(osver:"5.04", pkgname:"apache2-mpm-worker", pkgver:"2.0.53-5ubuntu5.5")) flag++;
if (ubuntu_check(osver:"5.04", pkgname:"apache2-prefork-dev", pkgver:"2.0.53-5ubuntu5.5")) flag++;
if (ubuntu_check(osver:"5.04", pkgname:"apache2-threaded-dev", pkgver:"2.0.53-5ubuntu5.5")) flag++;
if (ubuntu_check(osver:"5.04", pkgname:"apache2-utils", pkgver:"2.0.53-5ubuntu5.5")) flag++;
if (ubuntu_check(osver:"5.04", pkgname:"libapache-mod-perl", pkgver:"1.29.0.3-4ubuntu2")) flag++;
if (ubuntu_check(osver:"5.04", pkgname:"libapr0", pkgver:"2.0.53-5ubuntu5.5")) flag++;
if (ubuntu_check(osver:"5.04", pkgname:"libapr0-dev", pkgver:"2.0.53-5ubuntu5.5")) flag++;
if (ubuntu_check(osver:"5.10", pkgname:"apache", pkgver:"1.3.33-8ubuntu1")) flag++;
if (ubuntu_check(osver:"5.10", pkgname:"apache-common", pkgver:"1.3.33-8ubuntu1")) flag++;
if (ubuntu_check(osver:"5.10", pkgname:"apache-dbg", pkgver:"1.3.33-8ubuntu1")) flag++;
if (ubuntu_check(osver:"5.10", pkgname:"apache-dev", pkgver:"1.3.33-8ubuntu1")) flag++;
if (ubuntu_check(osver:"5.10", pkgname:"apache-doc", pkgver:"1.3.33-8ubuntu1")) flag++;
if (ubuntu_check(osver:"5.10", pkgname:"apache-perl", pkgver:"1.3.33-8ubuntu1")) flag++;
if (ubuntu_check(osver:"5.10", pkgname:"apache-ssl", pkgver:"1.3.33-8ubuntu1")) flag++;
if (ubuntu_check(osver:"5.10", pkgname:"apache-utils", pkgver:"1.3.33-8ubuntu1")) flag++;
if (ubuntu_check(osver:"5.10", pkgname:"apache2", pkgver:"2.0.54-5ubuntu4")) flag++;
if (ubuntu_check(osver:"5.10", pkgname:"apache2-common", pkgver:"2.0.54-5ubuntu4")) flag++;
if (ubuntu_check(osver:"5.10", pkgname:"apache2-doc", pkgver:"2.0.54-5ubuntu4")) flag++;
if (ubuntu_check(osver:"5.10", pkgname:"apache2-mpm-perchild", pkgver:"2.0.54-5ubuntu4")) flag++;
if (ubuntu_check(osver:"5.10", pkgname:"apache2-mpm-prefork", pkgver:"2.0.54-5ubuntu4")) flag++;
if (ubuntu_check(osver:"5.10", pkgname:"apache2-mpm-threadpool", pkgver:"2.0.54-5ubuntu4")) flag++;
if (ubuntu_check(osver:"5.10", pkgname:"apache2-mpm-worker", pkgver:"2.0.54-5ubuntu4")) flag++;
if (ubuntu_check(osver:"5.10", pkgname:"apache2-prefork-dev", pkgver:"2.0.54-5ubuntu4")) flag++;
if (ubuntu_check(osver:"5.10", pkgname:"apache2-threaded-dev", pkgver:"2.0.54-5ubuntu4")) flag++;
if (ubuntu_check(osver:"5.10", pkgname:"apache2-utils", pkgver:"2.0.54-5ubuntu4")) flag++;
if (ubuntu_check(osver:"5.10", pkgname:"libapache-mod-perl", pkgver:"1.29.0.3-8ubuntu1")) flag++;
if (ubuntu_check(osver:"5.10", pkgname:"libapr0", pkgver:"2.0.54-5ubuntu4")) flag++;
if (ubuntu_check(osver:"5.10", pkgname:"libapr0-dev", pkgver:"2.0.54-5ubuntu4")) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : ubuntu_report_get()
  );
  exit(0);
}
else
{
  tested = ubuntu_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "apache / apache-common / apache-dbg / apache-dev / apache-doc / etc");
}
VendorProductVersionCPE
canonicalubuntu_linuxapachep-cpe:/a:canonical:ubuntu_linux:apache
canonicalubuntu_linuxapache-commonp-cpe:/a:canonical:ubuntu_linux:apache-common
canonicalubuntu_linuxapache-dbgp-cpe:/a:canonical:ubuntu_linux:apache-dbg
canonicalubuntu_linuxapache-devp-cpe:/a:canonical:ubuntu_linux:apache-dev
canonicalubuntu_linuxapache-docp-cpe:/a:canonical:ubuntu_linux:apache-doc
canonicalubuntu_linuxapache-perlp-cpe:/a:canonical:ubuntu_linux:apache-perl
canonicalubuntu_linuxapache-sslp-cpe:/a:canonical:ubuntu_linux:apache-ssl
canonicalubuntu_linuxapache-utilsp-cpe:/a:canonical:ubuntu_linux:apache-utils
canonicalubuntu_linuxapache2p-cpe:/a:canonical:ubuntu_linux:apache2
canonicalubuntu_linuxapache2-commonp-cpe:/a:canonical:ubuntu_linux:apache2-common
Rows per page:
1-10 of 241

Related

openvas 46
nessus 36
ubuntu 1
gentoo 1
centos 2
redhat 2
cert 1
cve 2
ubuntucve 2
httpd 5
seebug 1
debiancve 2
securityvulns 3
freebsd 1
slackware 1
jvn 1
osv 1
debian 1
suse 2
oracle 1
openvas
openvas
Gentoo Security Advisory GLSA 200602-03 (Apache)
2008-09-24 00:00:00
SLES9: Security update for Apache 2
2009-10-10 00:00:00
Gentoo Security Advisory GLSA 200602-03 (Apache)
2008-09-24 00:00:00
nessus
nessus
Mandrake Linux Security Advisory : apache2 (MDKSA-2006:007)
2006-01-15 00:00:00
GLSA-200602-03 : Apache: Multiple vulnerabilities
2006-02-10 00:00:00
HP-UX PHSS_36385 : HP OpenView Network Node Manager (OV NNM) Running Apache, Remote Cross Site Scripting (XSS), Denial of Service (DoS), Execute Arbitrary Code (HPSBMA02328 SSRT071293 rev.2)
2007-09-25 00:00:00
ubuntu
ubuntu
Apache vulnerabilities
2006-01-13 00:00:00
gentoo
gentoo
Apache: Multiple vulnerabilities
2006-02-06 00:00:00
centos
centos
httpd, mod_ssl security update
2006-01-05 21:38:50
apache security update
2006-01-30 00:50:54
redhat
redhat
(RHSA-2006:0159) httpd security update
2006-01-05 00:00:00
(RHSA-2006:0158) apache security update
2006-01-17 00:00:00
cert
cert
Apache mod_rewrite contains off-by-one error in ldap scheme handling
2006-07-28 00:00:00
cve
cve
CVE-2005-3352
2005-12-13 20:03:00
CVE-2005-3357
2005-12-31 05:00:00
ubuntucve
ubuntucve
CVE-2005-3357
2005-12-31 00:00:00
CVE-2005-3352
2005-12-13 00:00:00
httpd
httpd
Apache Httpd < 2.2.2 : mod_ssl access control DoS
2005-12-05 00:00:00
Apache Httpd < 2.2.2 : mod_imap Referer Cross-Site Scripting
2005-11-01 00:00:00
Apache Httpd < 2.0.58 : mod_ssl access control DoS
2005-12-05 00:00:00
seebug
seebug
Apache Mod_SSL可定制错误文档拒绝服务漏洞
2006-08-17 00:00:00
debiancve
debiancve
CVE-2005-3357
2005-12-31 05:00:00
CVE-2005-3352
2005-12-13 20:03:00
securityvulns
securityvulns
[OpenPKG-SA-2005.029] OpenPKG Security Advisory &#40;apache&#41;
2005-12-16 00:00:00
About the security content of Security Update 2008-003 / Mac OS X 10.5.3
2008-05-30 00:00:00
Oracle / Sun / MySQL / PeopleSoft applications multiple security vulnerabilities
2013-08-12 00:00:00
freebsd
freebsd
apache -- mod_imap cross-site scripting flaw
2005-11-01 00:00:00
slackware
slackware
[slackware-security] Apache httpd
2006-05-09 22:19:21
jvn
jvn
JVN#06045169 mod_imap cross-site scripting vulnerability
2005-12-15 00:00:00
osv
osv
apache - missing input sanitising
2006-09-04 00:00:00
debian
debian
[SECURITY] [DSA 1167-1] New apache packages fix several vulnerabilities
2006-09-04 15:08:06
suse
suse
remote denial of service in apache,apache2
2006-07-28 14:21:14
cryptographic problems in apache2
2006-09-08 14:34:17
oracle
oracle
Oracle Critical Patch Update - July 2013
2013-07-16 00:00:00
JSON
Related for UBUNTU_USN-241-1.NASL
openvas46nessus36ubuntu1gentoo1centos2redhat2cert1cve2ubuntucve2httpd5seebug1debiancve2securityvulns3freebsd1slackware1jvn1osv1debian1suse2oracle1