Lucene search
Copyright (C) 2011 Greenbone AGOPENVAS:1361412562310835247HistoryJan 04, 2011 - 12:00 a.m.
HP-UX Update for Apache-based Web Server HPSBUX02612
2011-01-0400:00:00
Copyright (C) 2011 Greenbone AG
plugins.openvas.org
15
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 High
AI Score
Confidence
High
7.1 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:N/I:N/A:C
0.972 High
EPSS
Percentile
99.8%
The remote host is missing an update for the Apache-based Web Server package(s) announced via the referenced advisory.
# SPDX-FileCopyrightText: 2011 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_xref(name:"URL", value:"http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02579879");
script_oid("1.3.6.1.4.1.25623.1.0.835247");
script_version("2024-02-05T05:05:38+0000");
script_tag(name:"last_modification", value:"2024-02-05 05:05:38 +0000 (Mon, 05 Feb 2024)");
script_tag(name:"creation_date", value:"2011-01-04 15:48:51 +0100 (Tue, 04 Jan 2011)");
script_tag(name:"cvss_base", value:"7.1");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:N/A:C");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2024-02-02 14:11:43 +0000 (Fri, 02 Feb 2024)");
script_xref(name:"HPSBUX", value:"02612");
script_cve_id("CVE-2010-1452", "CVE-2009-1956", "CVE-2009-1955", "CVE-2009-1891", "CVE-2009-1890", "CVE-2009-1195", "CVE-2009-0023", "CVE-2007-6203", "CVE-2006-3918");
script_name("HP-UX Update for Apache-based Web Server HPSBUX02612");
script_tag(name:"summary", value:"The remote host is missing an update for the Apache-based Web Server package(s) announced via the referenced advisory.");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2011 Greenbone AG");
script_family("HP-UX Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/hp_hp-ux", "ssh/login/hp_pkgrev", re:"ssh/login/release=HPUX(11\.31|11\.23|11\.11)");
script_tag(name:"impact", value:"Local information disclosure, increase of privilege, remote Denial of Service (DoS)");
script_tag(name:"affected", value:"Apache-based Web Server on HP-UX B.11.11, B.11.23 and B.11.31 running Apache-based Web Server prior to
v2.0.63.01 HP-UX Apache-based Web Server v2.0.63.01 is contained in HP-UX
Web Server Suite v.2.32");
script_tag(name:"insight", value:"Potential security vulnerabilities have been identified with HP-UX
Apache-based Web Server. These vulnerabilities could be exploited locally to
disclose information, increase privilege or remotely create a Denial of
Service (DoS).");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-hpux.inc");
release = hpux_get_ssh_release();
if(!release) exit(0);
res = "";
if(release == "HPUX11.31")
{
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPCH32.APACHE", revision:"B.2.0.63.01", rls:"HPUX11.31")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPCH32.APACHE2", revision:"B.2.0.63.01", rls:"HPUX11.31")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPCH32.AUTH_LDAP", revision:"B.2.0.63.01", rls:"HPUX11.31")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPCH32.AUTH_LDAP2", revision:"B.2.0.63.01", rls:"HPUX11.31")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPCH32.MOD_JK", revision:"B.2.0.63.01", rls:"HPUX11.31")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPCH32.MOD_JK2", revision:"B.2.0.63.01", rls:"HPUX11.31")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPCH32.MOD_PERL", revision:"B.2.0.63.01", rls:"HPUX11.31")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPCH32.MOD_PERL2", revision:"B.2.0.63.01", rls:"HPUX11.31")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPCH32.PHP", revision:"B.2.0.63.01", rls:"HPUX11.31")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPCH32.PHP2", revision:"B.2.0.63.01", rls:"HPUX11.31")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPCH32.WEBPROXY", revision:"B.2.0.63.01", rls:"HPUX11.31")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPACHE.APACHE", revision:"B.2.0.63.01", rls:"HPUX11.31")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPACHE.APACHE2", revision:"B.2.0.63.01", rls:"HPUX11.31")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPACHE.AUTH_LDAP", revision:"B.2.0.63.01", rls:"HPUX11.31")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPACHE.AUTH_LDAP2", revision:"B.2.0.63.01", rls:"HPUX11.31")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPACHE.MOD_JK", revision:"B.2.0.63.01", rls:"HPUX11.31")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPACHE.MOD_JK2", revision:"B.2.0.63.01", rls:"HPUX11.31")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPACHE.MOD_PERL", revision:"B.2.0.63.01", rls:"HPUX11.31")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPACHE.MOD_PERL2", revision:"B.2.0.63.01", rls:"HPUX11.31")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPACHE.PHP", revision:"B.2.0.63.01", rls:"HPUX11.31")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPACHE.PHP2", revision:"B.2.0.63.01", rls:"HPUX11.31")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPACHE.WEBPROXY", revision:"B.2.0.63.01", rls:"HPUX11.31")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99);
exit(0);
}
if(release == "HPUX11.23")
{
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPCH32.APACHE", revision:"B.2.0.63.01", rls:"HPUX11.23")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPCH32.APACHE2", revision:"B.2.0.63.01", rls:"HPUX11.23")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPCH32.AUTH_LDAP", revision:"B.2.0.63.01", rls:"HPUX11.23")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPCH32.AUTH_LDAP2", revision:"B.2.0.63.01", rls:"HPUX11.23")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPCH32.MOD_JK", revision:"B.2.0.63.01", rls:"HPUX11.23")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPCH32.MOD_JK2", revision:"B.2.0.63.01", rls:"HPUX11.23")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPCH32.MOD_PERL", revision:"B.2.0.63.01", rls:"HPUX11.23")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPCH32.MOD_PERL2", revision:"B.2.0.63.01", rls:"HPUX11.23")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPCH32.PHP", revision:"B.2.0.63.01", rls:"HPUX11.23")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPCH32.PHP2", revision:"B.2.0.63.01", rls:"HPUX11.23")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPCH32.WEBPROXY", revision:"B.2.0.63.01", rls:"HPUX11.23")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPACHE.APACHE", revision:"B.2.0.63.01", rls:"HPUX11.23")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPACHE.APACHE2", revision:"B.2.0.63.01", rls:"HPUX11.23")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPACHE.AUTH_LDAP", revision:"B.2.0.63.01", rls:"HPUX11.23")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPACHE.AUTH_LDAP2", revision:"B.2.0.63.01", rls:"HPUX11.23")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPACHE.MOD_JK", revision:"B.2.0.63.01", rls:"HPUX11.23")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPACHE.MOD_JK2", revision:"B.2.0.63.01", rls:"HPUX11.23")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPACHE.MOD_PERL", revision:"B.2.0.63.01", rls:"HPUX11.23")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPACHE.MOD_PERL2", revision:"B.2.0.63.01", rls:"HPUX11.23")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPACHE.PHP", revision:"B.2.0.63.01", rls:"HPUX11.23")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPACHE.PHP2", revision:"B.2.0.63.01", rls:"HPUX11.23")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPACHE.WEBPROXY", revision:"B.2.0.63.01", rls:"HPUX11.23")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99);
exit(0);
}
if(release == "HPUX11.11")
{
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPACHE.APACHE", revision:"B.2.0.63.01", rls:"HPUX11.11")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPACHE.APACHE2", revision:"B.2.0.63.01", rls:"HPUX11.11")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPACHE.AUTH_LDAP", revision:"B.2.0.63.01", rls:"HPUX11.11")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPACHE.AUTH_LDAP2", revision:"B.2.0.63.01", rls:"HPUX11.11")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPACHE.MOD_JK", revision:"B.2.0.63.01", rls:"HPUX11.11")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPACHE.MOD_JK2", revision:"B.2.0.63.01", rls:"HPUX11.11")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPACHE.MOD_PERL", revision:"B.2.0.63.01", rls:"HPUX11.11")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPACHE.MOD_PERL2", revision:"B.2.0.63.01", rls:"HPUX11.11")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPACHE.PHP", revision:"B.2.0.63.01", rls:"HPUX11.11")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPACHE.PHP2", revision:"B.2.0.63.01", rls:"HPUX11.11")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = ishpuxpkgvuln(pkg:"hpuxwsAPACHE.WEBPROXY", revision:"B.2.0.63.01", rls:"HPUX11.11")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99);
exit(0);
}
Related
openvas
openvas
HP-UX Update for Apache-based Web Server HPSBUX02612
2011-01-04 00:00:00
Slackware Advisory SSA:2009-214-01 httpd
2012-09-11 00:00:00
Slackware: Security Advisory (SSA:2009-214-01)
2012-09-10 00:00:00
nessus
nessus
Slackware 12.0 / 12.1 / 12.2 / current : httpd (SSA:2009-214-01)
2009-08-03 00:00:00
Apache 2.2.x < 2.2.12 Multiple Vulnerabilities
2009-08-02 00:00:00
slackware
slackware
freebsd
freebsd
apache22 -- several vulnerabilities
2009-07-28 00:00:00
apr -- multiple vulnerabilities
2009-06-05 00:00:00
apache -- Remote DoS bug in mod_cache and mod_dav
2010-07-21 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package apache2 version 2.2.12-alt1
2009-07-30 00:00:00
Security fix for the ALT Linux 8 package apache2 version 2.2.12-alt1
2009-07-30 00:00:00
Security fix for the ALT Linux 10 package apache2 version 2.2.12-alt1
2009-07-30 00:00:00
ubuntu
ubuntu
Apache vulnerabilities
2009-06-11 00:00:00
apr-util vulnerabilities
2009-06-10 00:00:00
Apache regression
2009-08-19 00:00:00
redhat
redhat
(RHSA-2009:1107) Moderate: apr-util security update
2009-06-16 00:00:00
(RHSA-2009:1108) Moderate: httpd security update
2009-06-16 00:00:00
(RHSA-2009:1156) Important: httpd security update
2009-07-14 00:00:00
gentoo
gentoo
APR Utility Library: Multiple vulnerabilities
2009-07-04 00:00:00
Apache: Multiple vulnerabilities
2009-07-12 00:00:00
fedora
fedora
[SECURITY] Fedora 9 Update: apr-util-1.2.12-7.fc9
2009-06-24 19:32:52
[SECURITY] Fedora 11 Update: apr-util-1.3.7-1.fc11
2009-06-24 19:36:44
[SECURITY] Fedora 10 Update: apr-util-1.3.7-1.fc10
2009-06-24 19:40:30
securityvulns
securityvulns
Apache apr-util webDav DoS
2009-06-05 00:00:00
[ MDVSA-2009:149 ] apache
2009-07-09 00:00:00
Apache DoS
2009-07-09 00:00:00
oraclelinux
oraclelinux
httpd security update
2009-06-17 00:00:00
apr-util security update
2009-06-16 00:00:00
httpd security update
2009-07-09 00:00:00
centos
centos
httpd, mod_ssl security update
2009-06-17 14:02:38
apr security update
2009-06-19 09:53:07
httpd, mod_ssl security update
2009-07-14 12:16:38
prion
prion
Cross site scripting
2007-12-03 22:46:00
Path traversal
2010-07-28 20:00:00
ubuntucve
ubuntucve
cve
cve
CVE-2007-6203
2007-12-03 22:46:00
CVE-2006-3918
2006-07-28 00:04:00
debiancve
debiancve
CVE-2007-6203
2007-12-03 22:46:00
CVE-2006-3918
2006-07-28 00:04:00
debian
debian
[SECURITY] [DSA 1834-2] New apache/apache2-mpm-itk fix regression
2009-07-30 16:37:19
[SECURITY] [DSA 1834-1] New apache2 packages fix denial of service
2009-07-15 19:01:57
osv
osv
apache2 apache2-mpm-itk - denial of service
2009-07-15 00:00:00
suse
suse
potential code execution in apache2,libapr1
2009-10-26 13:21:56
checkpoint_advisories
checkpoint_advisories
f5
f5
K6669 : Apache HTTP Expect header handling
2013-03-19 00:00:00
httpd
httpd
Apache Httpd < 1.3.35 : Expect header Cross-Site Scripting
2006-05-01 00:00:00
Apache Httpd < 2.2.16 : mod_cache and mod_dav DoS
2010-05-04 00:00:00
packetstorm
packetstorm
ProCheckUp Security Advisory 2007.37
2007-12-02 00:00:00
seebug
seebug
Apache mod_proxyεε代ηζη»ζε‘ζΌζ΄
2009-07-07 00:00:00
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 High
AI Score
Confidence
High
7.1 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:N/I:N/A:C
0.972 High
EPSS
Percentile
99.8%
Related for OPENVAS:1361412562310835247