Lucene search

K

CentOS Update for httpd CESA-2011:1392 centos4 x86_64

🗓️ 30 Jul 2012 00:00:00Reported by Copyright (C) 2012 Greenbone AGType 
openvas
 openvas
🔗 plugins.openvas.org👁 23 Views

The remote host is missing an update for the 'httpd' package(s) announced via the referenced advisory. It was discovered that the Apache HTTP Server did not properly validate the request URI for proxied requests. In certain configurations, if a reverse proxy used the ProxyPassMatch directive, or if it used the RewriteRule directive with the proxy flag, a remote attacker could make the proxy connect to an arbitrary server, possibly disclosing sensitive information from internal web servers not directly accessible to the attacker. This update also fixes the following bug: * The fix for CVE-2011-3192 provided by the RHSA-2011:1245 update introduced regressions in the way httpd handled certain Range HTTP header values. This update corrects those regressions

Show more
Related
Refs
Code
# SPDX-FileCopyrightText: 2012 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_xref(name:"URL", value:"http://lists.centos.org/pipermail/centos-announce/2011-November/018172.html");
  script_oid("1.3.6.1.4.1.25623.1.0.881450");
  script_version("2023-07-10T08:07:43+0000");
  script_tag(name:"last_modification", value:"2023-07-10 08:07:43 +0000 (Mon, 10 Jul 2023)");
  script_tag(name:"creation_date", value:"2012-07-30 17:54:04 +0530 (Mon, 30 Jul 2012)");
  script_cve_id("CVE-2011-3368", "CVE-2011-3192");
  script_tag(name:"cvss_base", value:"7.8");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_xref(name:"CESA", value:"2011:1392");
  script_name("CentOS Update for httpd CESA-2011:1392 centos4 x86_64");

  script_tag(name:"summary", value:"The remote host is missing an update for the 'httpd'
  package(s) announced via the referenced advisory.");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2012 Greenbone AG");
  script_family("CentOS Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/centos", "ssh/login/rpms", re:"ssh/login/release=CentOS4");
  script_tag(name:"affected", value:"httpd on CentOS 4");
  script_tag(name:"solution", value:"Please install the updated packages.");
  script_tag(name:"insight", value:"The Apache HTTP Server is a popular web server.

  It was discovered that the Apache HTTP Server did not properly validate the
  request URI for proxied requests. In certain configurations, if a reverse
  proxy used the ProxyPassMatch directive, or if it used the RewriteRule
  directive with the proxy flag, a remote attacker could make the proxy
  connect to an arbitrary server, possibly disclosing sensitive information
  from internal web servers not directly accessible to the attacker.
  (CVE-2011-3368)

  Red Hat would like to thank Context Information Security for reporting this
  issue.

  This update also fixes the following bug:

  * The fix for CVE-2011-3192 provided by the RHSA-2011:1245 update
  introduced regressions in the way httpd handled certain Range HTTP header
  values. This update corrects those regressions. (BZ#736593, BZ#736594)

  All httpd users should upgrade to these updated packages, which contain
  backported patches to correct these issues. After installing the updated
  packages, the httpd daemon must be restarted for the update to take effect.");
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-rpm.inc");

release = rpm_get_ssh_release();
if(!release)
  exit(0);

res = "";

if(release == "CentOS4")
{

  if ((res = isrpmvuln(pkg:"httpd", rpm:"httpd~2.0.52~49.ent.centos4", rls:"CentOS4")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"httpd-devel", rpm:"httpd-devel~2.0.52~49.ent.centos4", rls:"CentOS4")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"httpd-manual", rpm:"httpd-manual~2.0.52~49.ent.centos4", rls:"CentOS4")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"httpd-suexec", rpm:"httpd-suexec~2.0.52~49.ent.centos4", rls:"CentOS4")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"mod_ssl", rpm:"mod_ssl~2.0.52~49.ent.centos4", rls:"CentOS4")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99);
  exit(0);
}

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo