Lucene search
HistoryJul 09, 2012 - 12:00 a.m.
RedHat Update for httpd RHSA-2011:1391-01

2012-07-0900:00:00
plugins.openvas.org
0.974 High
EPSS
Percentile
99.9%
JSON
The remote host is missing an update for the
###############################################################################
# OpenVAS Vulnerability Test
#
# RedHat Update for httpd RHSA-2011:1391-01
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

if(description)
{
  script_xref(name:"URL", value:"https://www.redhat.com/archives/rhsa-announce/2011-October/msg00015.html");
  script_oid("1.3.6.1.4.1.25623.1.0.870617");
  script_version("$Revision: 14114 $");
  script_tag(name:"last_modification", value:"$Date: 2019-03-12 12:48:52 +0100 (Tue, 12 Mar 2019) $");
  script_tag(name:"creation_date", value:"2012-07-09 10:34:25 +0530 (Mon, 09 Jul 2012)");
  script_cve_id("CVE-2011-3348", "CVE-2011-3368", "CVE-2011-3192");
  script_tag(name:"cvss_base", value:"7.8");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_xref(name:"RHSA", value:"2011:1391-01");
  script_name("RedHat Update for httpd RHSA-2011:1391-01");

  script_tag(name:"summary", value:"The remote host is missing an update for the 'httpd'
  package(s) announced via the referenced advisory.");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (c) 2012 Greenbone Networks GmbH");
  script_family("Red Hat Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/rhel", "ssh/login/rpms", re:"ssh/login/release=RHENT_6");
  script_tag(name:"affected", value:"httpd on Red Hat Enterprise Linux Desktop (v. 6),
  Red Hat Enterprise Linux Server (v. 6),
  Red Hat Enterprise Linux Workstation (v. 6)");
  script_tag(name:"solution", value:"Please Install the Updated Packages.");
  script_tag(name:"insight", value:"The Apache HTTP Server is a popular web server.

  It was discovered that the Apache HTTP Server did not properly validate the
  request URI for proxied requests. In certain configurations, if a reverse
  proxy used the ProxyPassMatch directive, or if it used the RewriteRule
  directive with the proxy flag, a remote attacker could make the proxy
  connect to an arbitrary server, possibly disclosing sensitive information
  from internal web servers not directly accessible to the attacker.
  (CVE-2011-3368)

  It was discovered that mod_proxy_ajp incorrectly returned an 'Internal
  Server Error' response when processing certain malformed HTTP requests,
  which caused the back-end server to be marked as failed in configurations
  where mod_proxy was used in load balancer mode. A remote attacker could
  cause mod_proxy to not send requests to back-end AJP (Apache JServ
  Protocol) servers for the retry timeout period or until all back-end
  servers were marked as failed. (CVE-2011-3348)

  Red Hat would like to thank Context Information Security for reporting the
  CVE-2011-3368 issue.

  This update also fixes the following bug:

  * The fix for CVE-2011-3192 provided by the RHSA-2011:1245 update
  introduced regressions in the way httpd handled certain Range HTTP header
  values. This update corrects those regressions. (BZ#736592)

  All httpd users should upgrade to these updated packages, which contain
  backported patches to correct these issues. After installing the updated
  packages, the httpd daemon must be restarted for the update to take effect.");
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");

  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-rpm.inc");

release = rpm_get_ssh_release();
if(!release) exit(0);

res = "";

if(release == "RHENT_6")
{

  if ((res = isrpmvuln(pkg:"httpd", rpm:"httpd~2.2.15~9.el6_1.3", rls:"RHENT_6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"httpd-debuginfo", rpm:"httpd-debuginfo~2.2.15~9.el6_1.3", rls:"RHENT_6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"httpd-devel", rpm:"httpd-devel~2.2.15~9.el6_1.3", rls:"RHENT_6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"httpd-tools", rpm:"httpd-tools~2.2.15~9.el6_1.3", rls:"RHENT_6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"mod_ssl", rpm:"mod_ssl~2.2.15~9.el6_1.3", rls:"RHENT_6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"httpd-manual", rpm:"httpd-manual~2.2.15~9.el6_1.3", rls:"RHENT_6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99);
  exit(0);
}
References

2011:1391-01
www.redhat.com/archives/rhsa-announce/2011-October/msg00015.html