ID OPENVAS:860087 Type openvas Reporter Copyright (C) 2009 Greenbone Networks GmbH Modified 2017-07-10T00:00:00
Description
Check for the Version of httpd
###############################################################################
# OpenVAS Vulnerability Test
#
# Fedora Update for httpd FEDORA-2008-1695
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
include("revisions-lib.inc");
tag_affected = "httpd on Fedora 8";
tag_insight = "The Apache HTTP Server is a powerful, efficient, and extensible
web server.";
tag_solution = "Please Install the Updated Packages.";
if(description)
{
script_xref(name : "URL" , value : "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00562.html");
script_id(860087);
script_version("$Revision: 6623 $");
script_tag(name:"last_modification", value:"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $");
script_tag(name:"creation_date", value:"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)");
script_tag(name:"cvss_base", value:"4.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:P/A:N");
script_xref(name: "FEDORA", value: "2008-1695");
script_cve_id("CVE-2007-5000", "CVE-2007-6388", "CVE-2007-6421", "CVE-2007-6422", "CVE-2008-0005");
script_name( "Fedora Update for httpd FEDORA-2008-1695");
script_summary("Check for the Version of httpd");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2009 Greenbone Networks GmbH");
script_family("Fedora Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/fedora", "ssh/login/rpms");
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "insight" , value : tag_insight);
script_tag(name : "solution" , value : tag_solution);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-rpm.inc");
release = get_kb_item("ssh/login/release");
res = "";
if(release == NULL){
exit(0);
}
if(release == "FC8")
{
if ((res = isrpmvuln(pkg:"httpd", rpm:"httpd~2.2.8~1.fc8", rls:"FC8")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
{"id": "OPENVAS:860087", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for httpd FEDORA-2008-1695", "description": "Check for the Version of httpd", "published": "2009-02-16T00:00:00", "modified": "2017-07-10T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=860087", "reporter": "Copyright (C) 2009 Greenbone Networks GmbH", "references": ["2008-1695", "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00562.html"], "cvelist": ["CVE-2008-0005", "CVE-2007-6421", "CVE-2007-6388", "CVE-2007-5000", "CVE-2007-6422"], "lastseen": "2017-07-25T10:56:00", "viewCount": 0, "enchantments": {"score": {"value": 6.5, "vector": "NONE", "modified": "2017-07-25T10:56:00", "rev": 2}, "dependencies": {"references": [{"type": "openvas", "idList": ["OPENVAS:850009", "OPENVAS:870034", "OPENVAS:1361412562310870034", "OPENVAS:1361412562310830581", "OPENVAS:1361412562310122617", "OPENVAS:860350", "OPENVAS:830581", "OPENVAS:136141256231060388", "OPENVAS:840304", "OPENVAS:60388"]}, {"type": "slackware", "idList": ["SSA-2008-045-02", "SSA-2008-210-02", "SSA-2008-045-01"]}, {"type": "redhat", "idList": ["RHSA-2008:0004", "RHSA-2008:0005", "RHSA-2008:0009", "RHSA-2008:0006", "RHSA-2008:0008", "RHSA-2008:0007"]}, {"type": "nessus", "idList": ["FEDORA_2008-1711.NASL", "ORACLELINUX_ELSA-2008-0008.NASL", "CENTOS_RHSA-2008-0008.NASL", "MANDRIVA_MDVSA-2008-016.NASL", "SUSE_APACHE2-5126.NASL", "FEDORA_2008-1695.NASL", "SUSE_APACHE2-5125.NASL", "SLACKWARE_SSA_2008-045-01.NASL", "APACHE_2_2_8.NASL", "SUSE_APACHE2-5128.NASL"]}, {"type": "fedora", "idList": ["FEDORA:M1G27PL9027710", "FEDORA:M1G2AYB4027912"]}, {"type": "cve", "idList": ["CVE-2007-5000", "CVE-2007-6388", "CVE-2008-0005", "CVE-2007-6421", "CVE-2007-6422"]}, {"type": "centos", "idList": ["CESA-2008:0005", "CESA-2008:0004-01", "CESA-2008:0008", "CESA-2008:0006"]}, {"type": "oraclelinux", "idList": ["ELSA-2008-0008", "ELSA-2008-0005", "ELSA-2008-0006"]}, {"type": "suse", "idList": ["SUSE-SA:2008:021"]}, {"type": "ubuntu", "idList": ["USN-575-1"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:18846", "SECURITYVULNS:VULN:9450", "SECURITYVULNS:VULN:8559", "SECURITYVULNS:DOC:20904"]}, {"type": "f5", "idList": ["F5:K8186", "SOL8186"]}, {"type": "seebug", "idList": ["SSV:2820"]}, {"type": "vmware", "idList": ["VMSA-2009-0010"]}, {"type": "gentoo", "idList": ["GLSA-200803-19"]}], "modified": "2017-07-25T10:56:00", "rev": 2}, "vulnersScore": 6.5}, "pluginID": "860087", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for httpd FEDORA-2008-1695\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"httpd on Fedora 8\";\ntag_insight = \"The Apache HTTP Server is a powerful, efficient, and extensible\n web server.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00562.html\");\n script_id(860087);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_xref(name: \"FEDORA\", value: \"2008-1695\");\n script_cve_id(\"CVE-2007-5000\", \"CVE-2007-6388\", \"CVE-2007-6421\", \"CVE-2007-6422\", \"CVE-2008-0005\");\n script_name( \"Fedora Update for httpd FEDORA-2008-1695\");\n\n script_summary(\"Check for the Version of httpd\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.2.8~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "naslFamily": "Fedora Local Security Checks"}
{"openvas": [{"lastseen": "2017-07-24T12:56:50", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0005", "CVE-2007-6421", "CVE-2007-6388", "CVE-2007-5000", "CVE-2007-6422"], "description": "Check for the Version of apache", "modified": "2017-07-06T00:00:00", "published": "2009-04-09T00:00:00", "id": "OPENVAS:830581", "href": "http://plugins.openvas.org/nasl.php?oid=830581", "type": "openvas", "title": "Mandriva Update for apache MDVSA-2008:016 (apache)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for apache MDVSA-2008:016 (apache)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A number of vulnerabilities were found and fixed in the Apache 2.2.x\n packages:\n\n A flaw found in the mod_imagemap module could lead to a cross-site\n scripting attack on sites where mod_imagemap was enabled and an\n imagemap file was publicly available (CVE-2007-5000).\n \n A flaw found in the mod_status module could lead to a cross-site\n scripting attack on sites where mod_status was enabled and the status\n pages were publicly available (CVE-2007-6388).\n \n A flaw found in the mod_proxy_balancer module could lead to a\n cross-site scripting attack against an authorized user on sites where\n mod_proxy_balancer was enabled (CVE-2007-6421).\n \n Another flaw in the mod_proxy_balancer module was found where,\n on sites with the module enabled, an authorized user could send a\n carefully crafted request that would cause the apache child process\n handling the request to crash, which could lead to a denial of service\n if using a threaded MPM (CVE-2007-6422).\n \n A flaw found in the mod_proxy_ftp module could lead to a cross-site\n scripting attack against web browsers which do not correctly derive\n the response character set following the rules in RFC 2616, on sites\n where the mod_proxy_ftp module was enabled (CVE-2008-0005).\n \n The updated packages have been patched to correct these issues.\";\n\ntag_affected = \"apache on Mandriva Linux 2007.0,\n Mandriva Linux 2007.0/X86_64,\n Mandriva Linux 2007.1,\n Mandriva Linux 2007.1/X86_64,\n Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2008-01/msg00027.php\");\n script_id(830581);\n script_version(\"$Revision: 6568 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:04:21 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 14:26:37 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_xref(name: \"MDVSA\", value: \"2008:016\");\n script_cve_id(\"CVE-2007-5000\", \"CVE-2007-6388\", \"CVE-2007-6421\", \"CVE-2007-6422\", \"CVE-2008-0005\");\n script_name( \"Mandriva Update for apache MDVSA-2008:016 (apache)\");\n\n script_summary(\"Check for the Version of apache\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache-base\", rpm:\"apache-base~2.2.4~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-devel\", rpm:\"apache-devel~2.2.4~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-htcacheclean\", rpm:\"apache-htcacheclean~2.2.4~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_authn_dbd\", rpm:\"apache-mod_authn_dbd~2.2.4~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_cache\", rpm:\"apache-mod_cache~2.2.4~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_dav\", rpm:\"apache-mod_dav~2.2.4~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_dbd\", rpm:\"apache-mod_dbd~2.2.4~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_deflate\", rpm:\"apache-mod_deflate~2.2.4~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_disk_cache\", rpm:\"apache-mod_disk_cache~2.2.4~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_file_cache\", rpm:\"apache-mod_file_cache~2.2.4~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_ldap\", rpm:\"apache-mod_ldap~2.2.4~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_mem_cache\", rpm:\"apache-mod_mem_cache~2.2.4~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_proxy\", rpm:\"apache-mod_proxy~2.2.4~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_proxy_ajp\", rpm:\"apache-mod_proxy_ajp~2.2.4~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_ssl\", rpm:\"apache-mod_ssl~2.2.4~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_userdir\", rpm:\"apache-mod_userdir~2.2.4~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-modules\", rpm:\"apache-modules~2.2.4~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mpm-event\", rpm:\"apache-mpm-event~2.2.4~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mpm-itk\", rpm:\"apache-mpm-itk~2.2.4~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mpm-prefork\", rpm:\"apache-mpm-prefork~2.2.4~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mpm-worker\", rpm:\"apache-mpm-worker~2.2.4~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-source\", rpm:\"apache-source~2.2.4~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache\", rpm:\"apache~2.2.4~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2007.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache-base\", rpm:\"apache-base~2.2.3~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-devel\", rpm:\"apache-devel~2.2.3~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-htcacheclean\", rpm:\"apache-htcacheclean~2.2.3~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_authn_dbd\", rpm:\"apache-mod_authn_dbd~2.2.3~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_cache\", rpm:\"apache-mod_cache~2.2.3~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_dav\", rpm:\"apache-mod_dav~2.2.3~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_dbd\", rpm:\"apache-mod_dbd~2.2.3~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_deflate\", rpm:\"apache-mod_deflate~2.2.3~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_disk_cache\", rpm:\"apache-mod_disk_cache~2.2.3~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_file_cache\", rpm:\"apache-mod_file_cache~2.2.3~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_ldap\", rpm:\"apache-mod_ldap~2.2.3~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_mem_cache\", rpm:\"apache-mod_mem_cache~2.2.3~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_proxy\", rpm:\"apache-mod_proxy~2.2.3~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_proxy_ajp\", rpm:\"apache-mod_proxy_ajp~2.2.3~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_ssl\", rpm:\"apache-mod_ssl~2.2.3~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_userdir\", rpm:\"apache-mod_userdir~2.2.3~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-modules\", rpm:\"apache-modules~2.2.3~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mpm-prefork\", rpm:\"apache-mpm-prefork~2.2.3~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mpm-worker\", rpm:\"apache-mpm-worker~2.2.3~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-source\", rpm:\"apache-source~2.2.3~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache\", rpm:\"apache~2.2.3~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache-base\", rpm:\"apache-base~2.2.6~8.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-devel\", rpm:\"apache-devel~2.2.6~8.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-htcacheclean\", rpm:\"apache-htcacheclean~2.2.6~8.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_authn_dbd\", rpm:\"apache-mod_authn_dbd~2.2.6~8.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_cache\", rpm:\"apache-mod_cache~2.2.6~8.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_dav\", rpm:\"apache-mod_dav~2.2.6~8.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_dbd\", rpm:\"apache-mod_dbd~2.2.6~8.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_deflate\", rpm:\"apache-mod_deflate~2.2.6~8.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_disk_cache\", rpm:\"apache-mod_disk_cache~2.2.6~8.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_file_cache\", rpm:\"apache-mod_file_cache~2.2.6~8.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_ldap\", rpm:\"apache-mod_ldap~2.2.6~8.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_mem_cache\", rpm:\"apache-mod_mem_cache~2.2.6~8.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_proxy\", rpm:\"apache-mod_proxy~2.2.6~8.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_proxy_ajp\", rpm:\"apache-mod_proxy_ajp~2.2.6~8.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_ssl\", rpm:\"apache-mod_ssl~2.2.6~8.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_userdir\", rpm:\"apache-mod_userdir~2.2.6~8.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-modules\", rpm:\"apache-modules~2.2.6~8.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mpm-event\", rpm:\"apache-mpm-event~2.2.6~8.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mpm-itk\", rpm:\"apache-mpm-itk~2.2.6~8.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mpm-prefork\", rpm:\"apache-mpm-prefork~2.2.6~8.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mpm-worker\", rpm:\"apache-mpm-worker~2.2.6~8.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-source\", rpm:\"apache-source~2.2.6~8.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache\", rpm:\"apache~2.2.6~8.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-05-29T18:39:21", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0005", "CVE-2007-6421", "CVE-2007-6388", "CVE-2007-5000", "CVE-2007-6422"], "description": "The remote host is missing an update as announced\nvia advisory SSA:2008-045-01.", "modified": "2019-03-15T00:00:00", "published": "2012-09-11T00:00:00", "id": "OPENVAS:136141256231060388", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231060388", "type": "openvas", "title": "Slackware Advisory SSA:2008-045-01 httpd", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2008_045_01.nasl 14202 2019-03-15 09:16:15Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.60388\");\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 10:16:15 +0100 (Fri, 15 Mar 2019) $\");\n script_cve_id(\"CVE-2007-6421\", \"CVE-2007-6422\", \"CVE-2007-6388\", \"CVE-2007-5000\", \"CVE-2008-0005\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_version(\"$Revision: 14202 $\");\n script_name(\"Slackware Advisory SSA:2008-045-01 httpd\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\", re:\"ssh/login/release=SLK12\\.0\");\n\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2008-045-01\");\n\n script_tag(name:\"insight\", value:\"New httpd packages are available for Slackware 12.0, and -current to\nfix security issues.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the new package(s).\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update as announced\nvia advisory SSA:2008-045-01.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-slack.inc\");\n\nreport = \"\";\nres = \"\";\n\nif((res = isslkpkgvuln(pkg:\"httpd\", ver:\"2.2.8-i486-1_slack12.0\", rls:\"SLK12.0\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2017-07-24T12:50:33", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0005", "CVE-2007-6421", "CVE-2007-6388", "CVE-2007-5000", "CVE-2007-6422"], "description": "The remote host is missing an update as announced\nvia advisory SSA:2008-045-01.", "modified": "2017-07-07T00:00:00", "published": "2012-09-11T00:00:00", "id": "OPENVAS:60388", "href": "http://plugins.openvas.org/nasl.php?oid=60388", "type": "openvas", "title": "Slackware Advisory SSA:2008-045-01 httpd", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2008_045_01.nasl 6598 2017-07-07 09:36:44Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New httpd packages are available for Slackware 12.0, and -current to\nfix security issues.\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2008-045-01.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2008-045-01\";\n \nif(description)\n{\n script_id(60388);\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:36:44 +0200 (Fri, 07 Jul 2017) $\");\n script_cve_id(\"CVE-2007-6421\", \"CVE-2007-6422\", \"CVE-2007-6388\", \"CVE-2007-5000\", \"CVE-2008-0005\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_version(\"$Revision: 6598 $\");\n name = \"Slackware Advisory SSA:2008-045-01 httpd \";\n script_name(name);\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"httpd\", ver:\"2.2.8-i486-1_slack12.0\", rls:\"SLK12.0\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-04-09T11:40:40", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0005", "CVE-2007-6421", "CVE-2007-6388", "CVE-2007-5000", "CVE-2007-6422"], "description": "Check for the Version of apache", "modified": "2018-04-06T00:00:00", "published": "2009-04-09T00:00:00", "id": "OPENVAS:1361412562310830581", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830581", "type": "openvas", "title": "Mandriva Update for apache MDVSA-2008:016 (apache)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for apache MDVSA-2008:016 (apache)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A number of vulnerabilities were found and fixed in the Apache 2.2.x\n packages:\n\n A flaw found in the mod_imagemap module could lead to a cross-site\n scripting attack on sites where mod_imagemap was enabled and an\n imagemap file was publicly available (CVE-2007-5000).\n \n A flaw found in the mod_status module could lead to a cross-site\n scripting attack on sites where mod_status was enabled and the status\n pages were publicly available (CVE-2007-6388).\n \n A flaw found in the mod_proxy_balancer module could lead to a\n cross-site scripting attack against an authorized user on sites where\n mod_proxy_balancer was enabled (CVE-2007-6421).\n \n Another flaw in the mod_proxy_balancer module was found where,\n on sites with the module enabled, an authorized user could send a\n carefully crafted request that would cause the apache child process\n handling the request to crash, which could lead to a denial of service\n if using a threaded MPM (CVE-2007-6422).\n \n A flaw found in the mod_proxy_ftp module could lead to a cross-site\n scripting attack against web browsers which do not correctly derive\n the response character set following the rules in RFC 2616, on sites\n where the mod_proxy_ftp module was enabled (CVE-2008-0005).\n \n The updated packages have been patched to correct these issues.\";\n\ntag_affected = \"apache on Mandriva Linux 2007.0,\n Mandriva Linux 2007.0/X86_64,\n Mandriva Linux 2007.1,\n Mandriva Linux 2007.1/X86_64,\n Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2008-01/msg00027.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.830581\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 14:26:37 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_xref(name: \"MDVSA\", value: \"2008:016\");\n script_cve_id(\"CVE-2007-5000\", \"CVE-2007-6388\", \"CVE-2007-6421\", \"CVE-2007-6422\", \"CVE-2008-0005\");\n script_name( \"Mandriva Update for apache MDVSA-2008:016 (apache)\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of apache\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache-base\", rpm:\"apache-base~2.2.4~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-devel\", rpm:\"apache-devel~2.2.4~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-htcacheclean\", rpm:\"apache-htcacheclean~2.2.4~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_authn_dbd\", rpm:\"apache-mod_authn_dbd~2.2.4~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_cache\", rpm:\"apache-mod_cache~2.2.4~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_dav\", rpm:\"apache-mod_dav~2.2.4~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_dbd\", rpm:\"apache-mod_dbd~2.2.4~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_deflate\", rpm:\"apache-mod_deflate~2.2.4~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_disk_cache\", rpm:\"apache-mod_disk_cache~2.2.4~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_file_cache\", rpm:\"apache-mod_file_cache~2.2.4~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_ldap\", rpm:\"apache-mod_ldap~2.2.4~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_mem_cache\", rpm:\"apache-mod_mem_cache~2.2.4~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_proxy\", rpm:\"apache-mod_proxy~2.2.4~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_proxy_ajp\", rpm:\"apache-mod_proxy_ajp~2.2.4~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_ssl\", rpm:\"apache-mod_ssl~2.2.4~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_userdir\", rpm:\"apache-mod_userdir~2.2.4~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-modules\", rpm:\"apache-modules~2.2.4~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mpm-event\", rpm:\"apache-mpm-event~2.2.4~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mpm-itk\", rpm:\"apache-mpm-itk~2.2.4~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mpm-prefork\", rpm:\"apache-mpm-prefork~2.2.4~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mpm-worker\", rpm:\"apache-mpm-worker~2.2.4~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-source\", rpm:\"apache-source~2.2.4~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache\", rpm:\"apache~2.2.4~6.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2007.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache-base\", rpm:\"apache-base~2.2.3~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-devel\", rpm:\"apache-devel~2.2.3~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-htcacheclean\", rpm:\"apache-htcacheclean~2.2.3~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_authn_dbd\", rpm:\"apache-mod_authn_dbd~2.2.3~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_cache\", rpm:\"apache-mod_cache~2.2.3~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_dav\", rpm:\"apache-mod_dav~2.2.3~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_dbd\", rpm:\"apache-mod_dbd~2.2.3~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_deflate\", rpm:\"apache-mod_deflate~2.2.3~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_disk_cache\", rpm:\"apache-mod_disk_cache~2.2.3~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_file_cache\", rpm:\"apache-mod_file_cache~2.2.3~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_ldap\", rpm:\"apache-mod_ldap~2.2.3~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_mem_cache\", rpm:\"apache-mod_mem_cache~2.2.3~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_proxy\", rpm:\"apache-mod_proxy~2.2.3~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_proxy_ajp\", rpm:\"apache-mod_proxy_ajp~2.2.3~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_ssl\", rpm:\"apache-mod_ssl~2.2.3~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_userdir\", rpm:\"apache-mod_userdir~2.2.3~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-modules\", rpm:\"apache-modules~2.2.3~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mpm-prefork\", rpm:\"apache-mpm-prefork~2.2.3~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mpm-worker\", rpm:\"apache-mpm-worker~2.2.3~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-source\", rpm:\"apache-source~2.2.3~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache\", rpm:\"apache~2.2.3~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache-base\", rpm:\"apache-base~2.2.6~8.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-devel\", rpm:\"apache-devel~2.2.6~8.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-htcacheclean\", rpm:\"apache-htcacheclean~2.2.6~8.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_authn_dbd\", rpm:\"apache-mod_authn_dbd~2.2.6~8.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_cache\", rpm:\"apache-mod_cache~2.2.6~8.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_dav\", rpm:\"apache-mod_dav~2.2.6~8.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_dbd\", rpm:\"apache-mod_dbd~2.2.6~8.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_deflate\", rpm:\"apache-mod_deflate~2.2.6~8.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_disk_cache\", rpm:\"apache-mod_disk_cache~2.2.6~8.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_file_cache\", rpm:\"apache-mod_file_cache~2.2.6~8.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_ldap\", rpm:\"apache-mod_ldap~2.2.6~8.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_mem_cache\", rpm:\"apache-mod_mem_cache~2.2.6~8.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_proxy\", rpm:\"apache-mod_proxy~2.2.6~8.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_proxy_ajp\", rpm:\"apache-mod_proxy_ajp~2.2.6~8.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_ssl\", rpm:\"apache-mod_ssl~2.2.6~8.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_userdir\", rpm:\"apache-mod_userdir~2.2.6~8.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-modules\", rpm:\"apache-modules~2.2.6~8.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mpm-event\", rpm:\"apache-mpm-event~2.2.6~8.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mpm-itk\", rpm:\"apache-mpm-itk~2.2.6~8.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mpm-prefork\", rpm:\"apache-mpm-prefork~2.2.6~8.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mpm-worker\", rpm:\"apache-mpm-worker~2.2.6~8.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-source\", rpm:\"apache-source~2.2.6~8.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache\", rpm:\"apache~2.2.6~8.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-07-27T10:56:19", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4465", "CVE-2008-0005", "CVE-2007-6421", "CVE-2007-6388", "CVE-2007-5000", "CVE-2007-6422"], "description": "Check for the Version of httpd", "modified": "2017-07-12T00:00:00", "published": "2009-03-06T00:00:00", "id": "OPENVAS:870034", "href": "http://plugins.openvas.org/nasl.php?oid=870034", "type": "openvas", "title": "RedHat Update for httpd RHSA-2008:0008-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for httpd RHSA-2008:0008-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Apache HTTP Server is a popular Web server.\n\n A flaw was found in the mod_imagemap module. On sites where mod_imagemap\n was enabled and an imagemap file was publicly available, a cross-site\n scripting attack was possible. (CVE-2007-5000)\n \n A flaw was found in the mod_autoindex module. On sites where directory\n listings are used, and the "AddDefaultCharset" directive has been removed\n from the configuration, a cross-site scripting attack might have been\n possible against Web browsers which do not correctly derive the response\n character set following the rules in RFC 2616. (CVE-2007-4465)\n \n A flaw was found in the mod_status module. On sites where mod_status was\n enabled and the status pages were publicly available, a cross-site\n scripting attack was possible. (CVE-2007-6388)\n \n A flaw was found in the mod_proxy_balancer module. On sites where\n mod_proxy_balancer was enabled, a cross-site scripting attack against an\n authorized user was possible. (CVE-2007-6421)\n \n A flaw was found in the mod_proxy_balancer module. On sites where\n mod_proxy_balancer was enabled, an authorized user could send a carefully\n crafted request that would cause the Apache child process handling that\n request to crash. This could lead to a denial of service if using a\n threaded Multi-Processing Module. (CVE-2007-6422) \n \n A flaw was found in the mod_proxy_ftp module. On sites where mod_proxy_ftp\n was enabled and a forward proxy was configured, a cross-site scripting\n attack was possible against Web browsers which do not correctly derive the\n response character set following the rules in RFC 2616. (CVE-2008-0005)\n \n Users of Apache httpd should upgrade to these updated packages, which\n contain backported patches to resolve these issues. Users should restart\n httpd after installing this update.\";\n\ntag_affected = \"httpd on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-January/msg00009.html\");\n script_id(870034);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_xref(name: \"RHSA\", value: \"2008:0008-01\");\n script_cve_id(\"CVE-2007-4465\", \"CVE-2007-5000\", \"CVE-2007-6388\", \"CVE-2007-6421\", \"CVE-2007-6422\", \"CVE-2008-0005\");\n script_name( \"RedHat Update for httpd RHSA-2008:0008-01\");\n\n script_summary(\"Check for the Version of httpd\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.2.3~11.el5_1.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-debuginfo\", rpm:\"httpd-debuginfo~2.2.3~11.el5_1.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.2.3~11.el5_1.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-manual\", rpm:\"httpd-manual~2.2.3~11.el5_1.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.2.3~11.el5_1.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-04-09T11:40:27", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4465", "CVE-2008-0005", "CVE-2007-6421", "CVE-2007-6388", "CVE-2007-5000", "CVE-2007-6422"], "description": "Check for the Version of httpd", "modified": "2018-04-06T00:00:00", "published": "2009-03-06T00:00:00", "id": "OPENVAS:1361412562310870034", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870034", "type": "openvas", "title": "RedHat Update for httpd RHSA-2008:0008-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for httpd RHSA-2008:0008-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Apache HTTP Server is a popular Web server.\n\n A flaw was found in the mod_imagemap module. On sites where mod_imagemap\n was enabled and an imagemap file was publicly available, a cross-site\n scripting attack was possible. (CVE-2007-5000)\n \n A flaw was found in the mod_autoindex module. On sites where directory\n listings are used, and the "AddDefaultCharset" directive has been removed\n from the configuration, a cross-site scripting attack might have been\n possible against Web browsers which do not correctly derive the response\n character set following the rules in RFC 2616. (CVE-2007-4465)\n \n A flaw was found in the mod_status module. On sites where mod_status was\n enabled and the status pages were publicly available, a cross-site\n scripting attack was possible. (CVE-2007-6388)\n \n A flaw was found in the mod_proxy_balancer module. On sites where\n mod_proxy_balancer was enabled, a cross-site scripting attack against an\n authorized user was possible. (CVE-2007-6421)\n \n A flaw was found in the mod_proxy_balancer module. On sites where\n mod_proxy_balancer was enabled, an authorized user could send a carefully\n crafted request that would cause the Apache child process handling that\n request to crash. This could lead to a denial of service if using a\n threaded Multi-Processing Module. (CVE-2007-6422) \n \n A flaw was found in the mod_proxy_ftp module. On sites where mod_proxy_ftp\n was enabled and a forward proxy was configured, a cross-site scripting\n attack was possible against Web browsers which do not correctly derive the\n response character set following the rules in RFC 2616. (CVE-2008-0005)\n \n Users of Apache httpd should upgrade to these updated packages, which\n contain backported patches to resolve these issues. Users should restart\n httpd after installing this update.\";\n\ntag_affected = \"httpd on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-January/msg00009.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870034\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_xref(name: \"RHSA\", value: \"2008:0008-01\");\n script_cve_id(\"CVE-2007-4465\", \"CVE-2007-5000\", \"CVE-2007-6388\", \"CVE-2007-6421\", \"CVE-2007-6422\", \"CVE-2008-0005\");\n script_name( \"RedHat Update for httpd RHSA-2008:0008-01\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of httpd\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.2.3~11.el5_1.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-debuginfo\", rpm:\"httpd-debuginfo~2.2.3~11.el5_1.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.2.3~11.el5_1.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-manual\", rpm:\"httpd-manual~2.2.3~11.el5_1.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.2.3~11.el5_1.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-05-29T18:36:52", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4465", "CVE-2008-0005", "CVE-2007-6421", "CVE-2007-6388", "CVE-2007-5000", "CVE-2007-6422"], "description": "Oracle Linux Local Security Checks ELSA-2008-0008", "modified": "2018-09-28T00:00:00", "published": "2015-10-08T00:00:00", "id": "OPENVAS:1361412562310122617", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122617", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2008-0008", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2008-0008.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122617\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-08 14:49:28 +0300 (Thu, 08 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2008-0008\");\n script_tag(name:\"insight\", value:\"ELSA-2008-0008 - Moderate: httpd security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2008-0008\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2008-0008.html\");\n script_cve_id(\"CVE-2007-4465\", \"CVE-2007-5000\", \"CVE-2007-6388\", \"CVE-2007-6421\", \"CVE-2007-6422\", \"CVE-2008-0005\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.2.3~11.el5_1.3.0.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.2.3~11.el5_1.3.0.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"httpd-manual\", rpm:\"httpd-manual~2.2.3~11.el5_1.3.0.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.2.3~11.el5_1.3.0.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2017-12-12T11:20:47", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-3918", "CVE-2007-6203", "CVE-2008-0005", "CVE-2007-6421", "CVE-2007-6388", "CVE-2007-5000", "CVE-2007-6422"], "description": "Check for the Version of apache2,apache", "modified": "2017-12-08T00:00:00", "published": "2009-01-23T00:00:00", "id": "OPENVAS:850009", "href": "http://plugins.openvas.org/nasl.php?oid=850009", "type": "openvas", "title": "SuSE Update for apache2,apache SUSE-SA:2008:021", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2008_021.nasl 8050 2017-12-08 09:34:29Z santu $\n#\n# SuSE Update for apache2,apache SUSE-SA:2008:021\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Various minor bugs have been fixed in the Apache 1 and\n Apache 2 web servers and released as a roll-up update.\n\n Security problems that were fixed include:\n\n - cross site scripting problem when processing the 'Expect' header\n CVE-2006-3918 (Apache 1 only)\n\n - cross site scripting problem in mod_imap CVE-2007-5000\n (Apache 1 and 2)\n\n - cross site scripting problem in mod_status CVE-2007-6388\n (Apache 1 and 2)\n\n - cross site scripting problem in the ftp proxy module CVE-2008-0005\n (Apache 1 and 2)\n\n - cross site scripting problem in the error page for status code 413\n CVE-2007-6203 (Apache 2)\n\n - cross site scripting problem in mod_proxy_balancer\n CVE-2007-6421 (Apache 2)\n\n - A flaw in mod_proxy_balancer allowed attackers to crash apache\n CVE-2007-6422 (Apache 2)\";\n\ntag_impact = \"cross site scripting\";\ntag_affected = \"apache2,apache on SUSE LINUX 10.1, openSUSE 10.2, openSUSE 10.3, SUSE SLES 9, Novell Linux Desktop 9 SDK, Novell Linux Desktop 9, Open Enterprise Server, Novell Linux POS 9, SLE SDK 10 SP1, SUSE Linux Enterprise Server 10 SP1\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_id(850009);\n script_version(\"$Revision: 8050 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-08 10:34:29 +0100 (Fri, 08 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-23 16:44:26 +0100 (Fri, 23 Jan 2009)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_xref(name: \"SUSE-SA\", value: \"2008-021\");\n script_cve_id(\"CVE-2006-3918\", \"CVE-2007-5000\", \"CVE-2007-6203\", \"CVE-2007-6388\", \"CVE-2007-6421\", \"CVE-2007-6422\", \"CVE-2008-0005\");\n script_name( \"SuSE Update for apache2,apache SUSE-SA:2008:021\");\n\n script_summary(\"Check for the Version of apache2,apache\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"openSUSE10.3\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache2\", rpm:\"apache2~2.2.4~70.4\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-devel\", rpm:\"apache2-devel~2.2.4~70.4\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-doc\", rpm:\"apache2-doc~2.2.4~70.4\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-example-pages\", rpm:\"apache2-example-pages~2.2.4~70.4\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-prefork\", rpm:\"apache2-prefork~2.2.4~70.4\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-utils\", rpm:\"apache2-utils~2.2.4~70.4\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-worker\", rpm:\"apache2-worker~2.2.4~70.4\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"openSUSE10.2\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache2\", rpm:\"apache2~2.2.3~24\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-devel\", rpm:\"apache2-devel~2.2.3~24\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-doc\", rpm:\"apache2-doc~2.2.3~24\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-example-pages\", rpm:\"apache2-example-pages~2.2.3~24\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-prefork\", rpm:\"apache2-prefork~2.2.3~24\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-worker\", rpm:\"apache2-worker~2.2.3~24\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"NLDk9\")\n{\n\n if ((res = isrpmvuln(pkg:\"libapr0\", rpm:\"libapr0~2.0.59~1.8\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2\", rpm:\"apache2~2.0.59~1.8\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-devel\", rpm:\"apache2-devel~2.0.59~1.8\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-prefork\", rpm:\"apache2-prefork~2.0.59~1.8\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-worker\", rpm:\"apache2-worker~2.0.59~1.8\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-doc\", rpm:\"apache2-doc~2.0.59~1.8\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-example-pages\", rpm:\"apache2-example-pages~2.0.59~1.8\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"OES\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache\", rpm:\"apache~1.3.29~71.26\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-devel\", rpm:\"apache-devel~1.3.29~71.26\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-doc\", rpm:\"apache-doc~1.3.29~71.26\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-example-pages\", rpm:\"apache-example-pages~1.3.29~71.26\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.8.16~71.26\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libapr0\", rpm:\"libapr0~2.0.59~1.8\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2\", rpm:\"apache2~2.0.59~1.8\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-devel\", rpm:\"apache2-devel~2.0.59~1.8\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-prefork\", rpm:\"apache2-prefork~2.0.59~1.8\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-worker\", rpm:\"apache2-worker~2.0.59~1.8\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-doc\", rpm:\"apache2-doc~2.0.59~1.8\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-example-pages\", rpm:\"apache2-example-pages~2.0.59~1.8\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"SLES9\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache\", rpm:\"apache~1.3.29~71.26\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-devel\", rpm:\"apache-devel~1.3.29~71.26\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-doc\", rpm:\"apache-doc~1.3.29~71.26\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-example-pages\", rpm:\"apache-example-pages~1.3.29~71.26\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.8.16~71.26\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libapr0\", rpm:\"libapr0~2.0.59~1.8\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2\", rpm:\"apache2~2.0.59~1.8\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-devel\", rpm:\"apache2-devel~2.0.59~1.8\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-prefork\", rpm:\"apache2-prefork~2.0.59~1.8\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-worker\", rpm:\"apache2-worker~2.0.59~1.8\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-doc\", rpm:\"apache2-doc~2.0.59~1.8\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-example-pages\", rpm:\"apache2-example-pages~2.0.59~1.8\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"NLDk9SDK\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache\", rpm:\"apache~1.3.29~71.26\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-devel\", rpm:\"apache-devel~1.3.29~71.26\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-doc\", rpm:\"apache-doc~1.3.29~71.26\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-example-pages\", rpm:\"apache-example-pages~1.3.29~71.26\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.8.16~71.26\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libapr0\", rpm:\"libapr0~2.0.59~1.8\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2\", rpm:\"apache2~2.0.59~1.8\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-devel\", rpm:\"apache2-devel~2.0.59~1.8\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-prefork\", rpm:\"apache2-prefork~2.0.59~1.8\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-worker\", rpm:\"apache2-worker~2.0.59~1.8\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-doc\", rpm:\"apache2-doc~2.0.59~1.8\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-example-pages\", rpm:\"apache2-example-pages~2.0.59~1.8\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"LES10SP1\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache2\", rpm:\"apache2~2.2.3~16.17.3\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-devel\", rpm:\"apache2-devel~2.2.3~16.17.3\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-doc\", rpm:\"apache2-doc~2.2.3~16.17.3\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-example-pages\", rpm:\"apache2-example-pages~2.2.3~16.17.3\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-prefork\", rpm:\"apache2-prefork~2.2.3~16.17.3\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-worker\", rpm:\"apache2-worker~2.2.3~16.17.3\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"SLESDK10SP1\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache2\", rpm:\"apache2~2.2.3~16.17.3\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-devel\", rpm:\"apache2-devel~2.2.3~16.17.3\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-doc\", rpm:\"apache2-doc~2.2.3~16.17.3\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-example-pages\", rpm:\"apache2-example-pages~2.2.3~16.17.3\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-prefork\", rpm:\"apache2-prefork~2.2.3~16.17.3\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-worker\", rpm:\"apache2-worker~2.2.3~16.17.3\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"SL10.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache2\", rpm:\"apache2~2.2.3~16.17.3\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-devel\", rpm:\"apache2-devel~2.2.3~16.17.3\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-doc\", rpm:\"apache2-doc~2.2.3~16.17.3\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-example-pages\", rpm:\"apache2-example-pages~2.2.3~16.17.3\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-prefork\", rpm:\"apache2-prefork~2.2.3~16.17.3\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-worker\", rpm:\"apache2-worker~2.2.3~16.17.3\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"NLPOS9\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache\", rpm:\"apache~1.3.29~71.26\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-devel\", rpm:\"apache-devel~1.3.29~71.26\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-doc\", rpm:\"apache-doc~1.3.29~71.26\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-example-pages\", rpm:\"apache-example-pages~1.3.29~71.26\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.8.16~71.26\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libapr0\", rpm:\"libapr0~2.0.59~1.8\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2\", rpm:\"apache2~2.0.59~1.8\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-devel\", rpm:\"apache2-devel~2.0.59~1.8\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-prefork\", rpm:\"apache2-prefork~2.0.59~1.8\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-worker\", rpm:\"apache2-worker~2.0.59~1.8\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-doc\", rpm:\"apache2-doc~2.0.59~1.8\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-example-pages\", rpm:\"apache2-example-pages~2.0.59~1.8\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-12-04T11:29:39", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-3918", "CVE-2007-4465", "CVE-2008-0005", "CVE-2007-6421", "CVE-2007-3847", "CVE-2007-6388", "CVE-2007-5000", "CVE-2007-6422"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-575-1", "modified": "2017-12-01T00:00:00", "published": "2009-03-23T00:00:00", "id": "OPENVAS:840304", "href": "http://plugins.openvas.org/nasl.php?oid=840304", "type": "openvas", "title": "Ubuntu Update for apache2 vulnerabilities USN-575-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_575_1.nasl 7969 2017-12-01 09:23:16Z santu $\n#\n# Ubuntu Update for apache2 vulnerabilities USN-575-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that Apache did not sanitize the Expect header from\n an HTTP request when it is reflected back in an error message, which\n could result in browsers becoming vulnerable to cross-site scripting\n attacks when processing the output. With cross-site scripting\n vulnerabilities, if a user were tricked into viewing server output\n during a crafted server request, a remote attacker could exploit this\n to modify the contents, or steal confidential data (such as passwords),\n within the same domain. This was only vulnerable in Ubuntu 6.06.\n (CVE-2006-3918)\n\n It was discovered that when configured as a proxy server and using a\n threaded MPM, Apache did not properly sanitize its input. A remote\n attacker could send Apache crafted date headers and cause a denial of\n service via application crash. By default, mod_proxy is disabled in\n Ubuntu. (CVE-2007-3847)\n \n It was discovered that mod_autoindex did not force a character set,\n which could result in browsers becoming vulnerable to cross-site\n scripting attacks when processing the output. (CVE-2007-4465)\n \n It was discovered that mod_imap/mod_imagemap did not force a\n character set, which could result in browsers becoming vulnerable\n to cross-site scripting attacks when processing the output. By\n default, mod_imap/mod_imagemap is disabled in Ubuntu. (CVE-2007-5000)\n \n It was discovered that mod_status when status pages were available,\n allowed for cross-site scripting attacks. By default, mod_status is\n disabled in Ubuntu. (CVE-2007-6388)\n \n It was discovered that mod_proxy_balancer did not sanitize its input,\n which could result in browsers becoming vulnerable to cross-site\n scripting attacks when processing the output. By default,\n mod_proxy_balancer is disabled in Ubuntu. This was only vulnerable\n in Ubuntu 7.04 and 7.10. (CVE-2007-6421)\n \n It was discovered that mod_proxy_balancer could be made to\n dereference a NULL pointer. A remote attacker could send a crafted\n request and cause a denial of service via application crash. By\n default, mod_proxy_balancer is disabled in Ubuntu. This was only\n vulnerable in Ubuntu 7.04 and 7.10. (CVE-2007-6422)\n \n It was discovered that mod_proxy_ftp did not force a character set,\n which could result in browsers becoming vulnerable to cross-site\n scripting attacks when processing the output. By default,\n mod_proxy_ftp is disabled in Ubuntu. (CVE-2008-0005)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-575-1\";\ntag_affected = \"apache2 vulnerabilities on Ubuntu 6.06 LTS ,\n Ubuntu 6.10 ,\n Ubuntu 7.04 ,\n Ubuntu 7.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-575-1/\");\n script_id(840304);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-23 10:59:50 +0100 (Mon, 23 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"USN\", value: \"575-1\");\n script_cve_id(\"CVE-2006-3918\", \"CVE-2007-3847\", \"CVE-2007-4465\", \"CVE-2007-5000\", \"CVE-2007-6388\", \"CVE-2007-6421\", \"CVE-2007-6422\", \"CVE-2008-0005\");\n script_name( \"Ubuntu Update for apache2 vulnerabilities USN-575-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU7.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-event\", ver:\"2.2.3-3.2ubuntu2.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-prefork\", ver:\"2.2.3-3.2ubuntu2.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-worker\", ver:\"2.2.3-3.2ubuntu2.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-prefork-dev\", ver:\"2.2.3-3.2ubuntu2.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-threaded-dev\", ver:\"2.2.3-3.2ubuntu2.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-utils\", ver:\"2.2.3-3.2ubuntu2.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2.2-common\", ver:\"2.2.3-3.2ubuntu2.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-doc\", ver:\"2.2.3-3.2ubuntu2.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-perchild\", ver:\"2.2.3-3.2ubuntu2.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-src\", ver:\"2.2.3-3.2ubuntu2.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2\", ver:\"2.2.3-3.2ubuntu2.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"apache2-common\", ver:\"2.0.55-4ubuntu2.3\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-perchild\", ver:\"2.0.55-4ubuntu2.3\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-prefork\", ver:\"2.0.55-4ubuntu2.3\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-worker\", ver:\"2.0.55-4ubuntu2.3\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-prefork-dev\", ver:\"2.0.55-4ubuntu2.3\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-threaded-dev\", ver:\"2.0.55-4ubuntu2.3\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-utils\", ver:\"2.0.55-4ubuntu2.3\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2\", ver:\"2.0.55-4ubuntu2.3\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libapr0-dev\", ver:\"2.0.55-4ubuntu2.3\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libapr0\", ver:\"2.0.55-4ubuntu2.3\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-doc\", ver:\"2.0.55-4ubuntu2.3\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"apache2-common\", ver:\"2.0.55-4ubuntu4.2\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-perchild\", ver:\"2.0.55-4ubuntu4.2\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-prefork\", ver:\"2.0.55-4ubuntu4.2\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-worker\", ver:\"2.0.55-4ubuntu4.2\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-prefork-dev\", ver:\"2.0.55-4ubuntu4.2\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-threaded-dev\", ver:\"2.0.55-4ubuntu4.2\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-utils\", ver:\"2.0.55-4ubuntu4.2\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2\", ver:\"2.0.55-4ubuntu4.2\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libapr0-dev\", ver:\"2.0.55-4ubuntu4.2\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libapr0\", ver:\"2.0.55-4ubuntu4.2\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-doc\", ver:\"2.0.55-4ubuntu4.2\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU7.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-event\", ver:\"2.2.4-3ubuntu0.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-prefork\", ver:\"2.2.4-3ubuntu0.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-worker\", ver:\"2.2.4-3ubuntu0.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-prefork-dev\", ver:\"2.2.4-3ubuntu0.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-threaded-dev\", ver:\"2.2.4-3ubuntu0.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-utils\", ver:\"2.2.4-3ubuntu0.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2.2-common\", ver:\"2.2.4-3ubuntu0.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-doc\", ver:\"2.2.4-3ubuntu0.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-mpm-perchild\", ver:\"2.2.4-3ubuntu0.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2-src\", ver:\"2.2.4-3ubuntu0.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"apache2\", ver:\"2.2.4-3ubuntu0.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:07", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0005", "CVE-2007-3304", "CVE-2007-6421", "CVE-2006-5752", "CVE-2007-6388", "CVE-2007-5000", "CVE-2007-1862", "CVE-2007-6422", "CVE-2007-1863"], "description": "Check for the Version of httpd", "modified": "2017-07-10T00:00:00", "published": "2009-02-16T00:00:00", "id": "OPENVAS:860350", "href": "http://plugins.openvas.org/nasl.php?oid=860350", "type": "openvas", "title": "Fedora Update for httpd FEDORA-2008-1711", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for httpd FEDORA-2008-1711\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"httpd on Fedora 7\";\ntag_insight = \"The Apache HTTP Server is a powerful, efficient, and extensible\n web server.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00541.html\");\n script_id(860350);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2008-1711\");\n script_cve_id(\"CVE-2007-5000\", \"CVE-2007-6388\", \"CVE-2007-6421\", \"CVE-2007-6422\", \"CVE-2008-0005\", \"CVE-2007-1863\", \"CVE-2007-3304\", \"CVE-2006-5752\", \"CVE-2007-1862\");\n script_name( \"Fedora Update for httpd FEDORA-2008-1711\");\n\n script_summary(\"Check for the Version of httpd\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.2.8~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "redhat": [{"lastseen": "2019-08-13T18:47:10", "bulletinFamily": "unix", "cvelist": ["CVE-2007-5000", "CVE-2007-6388", "CVE-2007-6421", "CVE-2007-6422", "CVE-2008-0005"], "description": "The Apache HTTP Server is a popular and freely-available Web server.\r\n\r\nThese updated httpd packages resolve the following security issues:\r\n\r\nA flaw was found in the mod_imagemap module. On sites where mod_imagemap\r\nwas enabled and an imagemap file was publicly available, a cross-site\r\nscripting attack was possible. (CVE-2007-5000)\r\n\r\nA flaw was found in the mod_status module. On sites where mod_status was\r\nenabled and the status pages were publicly accessible, a cross-site\r\nscripting attack was possible. (CVE-2007-6388)\r\n\r\nA flaw was found in the mod_proxy_balancer module. On sites where\r\nmod_proxy_balancer was enabled, a cross-site scripting attack against an\r\nauthorized user was possible. (CVE-2007-6421)\r\n\r\nA flaw was found in the mod_proxy_balancer module. On sites where\r\nmod_proxy_balancer was enabled, an authorized user could send a carefully\r\ncrafted request that would cause the Apache child process handling that\r\nrequest to crash. This could lead to a denial of service if using a\r\nthreaded Multi-Processing Module. (CVE-2007-6422)\r\n\r\nA flaw was found in the mod_proxy_ftp module. On sites where mod_proxy_ftp\r\nwas enabled and a forward proxy was configured, a cross-site scripting\r\nattack was possible against browsers which do not correctly derive the\r\nresponse character set following the rules in RFC 2616. (CVE-2008-0005)\r\n\r\nUsers of httpd should upgrade to these updated packages, which contain\r\nbackported patches to correct these issues. Users should restart httpd\r\nafter installing this update.", "modified": "2019-03-22T23:44:46", "published": "2008-01-21T05:00:00", "id": "RHSA-2008:0009", "href": "https://access.redhat.com/errata/RHSA-2008:0009", "type": "redhat", "title": "(RHSA-2008:0009) Moderate: httpd security update", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-08-13T18:44:58", "bulletinFamily": "unix", "cvelist": ["CVE-2007-4465", "CVE-2007-5000", "CVE-2007-6388", "CVE-2007-6421", "CVE-2007-6422", "CVE-2008-0005"], "description": "The Apache HTTP Server is a popular Web server.\r\n\r\nA flaw was found in the mod_imagemap module. On sites where mod_imagemap\r\nwas enabled and an imagemap file was publicly available, a cross-site\r\nscripting attack was possible. (CVE-2007-5000)\r\n\r\nA flaw was found in the mod_autoindex module. On sites where directory\r\nlistings are used, and the \"AddDefaultCharset\" directive has been removed\r\nfrom the configuration, a cross-site scripting attack might have been\r\npossible against Web browsers which do not correctly derive the response\r\ncharacter set following the rules in RFC 2616. (CVE-2007-4465)\r\n\r\nA flaw was found in the mod_status module. On sites where mod_status was\r\nenabled and the status pages were publicly available, a cross-site\r\nscripting attack was possible. (CVE-2007-6388)\r\n\r\nA flaw was found in the mod_proxy_balancer module. On sites where\r\nmod_proxy_balancer was enabled, a cross-site scripting attack against an\r\nauthorized user was possible. (CVE-2007-6421)\r\n\r\nA flaw was found in the mod_proxy_balancer module. On sites where\r\nmod_proxy_balancer was enabled, an authorized user could send a carefully\r\ncrafted request that would cause the Apache child process handling that\r\nrequest to crash. This could lead to a denial of service if using a\r\nthreaded Multi-Processing Module. (CVE-2007-6422) \r\n\r\nA flaw was found in the mod_proxy_ftp module. On sites where mod_proxy_ftp\r\nwas enabled and a forward proxy was configured, a cross-site scripting\r\nattack was possible against Web browsers which do not correctly derive the\r\nresponse character set following the rules in RFC 2616. (CVE-2008-0005)\r\n\r\nUsers of Apache httpd should upgrade to these updated packages, which\r\ncontain backported patches to resolve these issues. Users should restart\r\nhttpd after installing this update.", "modified": "2017-09-08T12:20:17", "published": "2008-01-15T05:00:00", "id": "RHSA-2008:0008", "href": "https://access.redhat.com/errata/RHSA-2008:0008", "type": "redhat", "title": "(RHSA-2008:0008) Moderate: httpd security update", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-08-13T18:46:51", "bulletinFamily": "unix", "cvelist": ["CVE-2007-5000", "CVE-2007-6388", "CVE-2008-0005"], "description": "The Apache HTTP Server is a popular Web server.\r\n\r\nA flaw was found in the mod_imagemap module. On sites where mod_imagemap\r\nwas enabled and an imagemap file was publicly available, a cross-site\r\nscripting attack was possible. (CVE-2007-5000)\r\n\r\nA flaw was found in the mod_status module. On sites where mod_status was\r\nenabled and the status pages were publicly accessible, a cross-site\r\nscripting attack was possible. (CVE-2007-6388)\r\n\r\nA flaw was found in the mod_proxy_ftp module. On sites where\r\nmod_proxy_ftp was enabled and a forward proxy was configured, a\r\ncross-site scripting attack was possible against browsers which do not\r\ncorrectly derive the response character set following the rules in RFC\r\n2616. (CVE-2008-0005)\r\n\r\nUsers of httpd should upgrade to these updated packages, which contain\r\nbackported patches to correct these issues. Users should restart httpd\r\nafter installing this update.", "modified": "2019-03-22T23:44:12", "published": "2008-01-15T05:00:00", "id": "RHSA-2008:0007", "href": "https://access.redhat.com/errata/RHSA-2008:0007", "type": "redhat", "title": "(RHSA-2008:0007) Moderate: httpd security update", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-08-13T18:46:39", "bulletinFamily": "unix", "cvelist": ["CVE-2007-4465", "CVE-2007-5000", "CVE-2007-6388", "CVE-2008-0005"], "description": "The Apache HTTP Server is a popular Web server.\r\n\r\nA flaw was found in the mod_imap module. On sites where mod_imap was\r\nenabled and an imagemap file was publicly available, a cross-site scripting\r\nattack was possible. (CVE-2007-5000)\r\n\r\nA flaw was found in the mod_autoindex module. On sites where directory\r\nlistings are used, and the \"AddDefaultCharset\" directive has been removed\r\nfrom the configuration, a cross-site scripting attack was possible against\r\nWeb browsers which do not correctly derive the response character set\r\nfollowing the rules in RFC 2616. (CVE-2007-4465)\r\n\r\nA flaw was found in the mod_status module. On sites where mod_status was\r\nenabled and the status pages were publicly available, a cross-site\r\nscripting attack was possible. (CVE-2007-6388)\r\n\r\nA flaw was found in the mod_proxy_ftp module. On sites where mod_proxy_ftp\r\nwas enabled and a forward proxy was configured, a cross-site scripting\r\nattack was possible against Web browsers which do not correctly derive the\r\nresponse character set following the rules in RFC 2616. (CVE-2008-0005)\r\n\r\nUsers of Apache httpd should upgrade to these updated packages, which\r\ncontain backported patches to resolve these issues. Users should restart\r\nhttpd after installing this update.", "modified": "2017-09-08T11:56:13", "published": "2008-01-15T05:00:00", "id": "RHSA-2008:0006", "href": "https://access.redhat.com/errata/RHSA-2008:0006", "type": "redhat", "title": "(RHSA-2008:0006) Moderate: httpd security update", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-08-13T18:45:25", "bulletinFamily": "unix", "cvelist": ["CVE-2007-4465", "CVE-2007-5000", "CVE-2007-6388", "CVE-2008-0005"], "description": "The Apache HTTP Server is a popular Web server.\r\n\r\nA flaw was found in the mod_imap module. On sites where mod_imap was\r\nenabled and an imagemap file was publicly available, a cross-site scripting\r\nattack was possible. (CVE-2007-5000)\r\n\r\nA flaw was found in the mod_autoindex module. On sites where directory\r\nlistings are used, and the \"AddDefaultCharset\" directive has been removed\r\nfrom the configuration, a cross-site scripting attack was possible against\r\nWeb browsers which did not correctly derive the response character set\r\nfollowing the rules in RFC 2616. (CVE-2007-4465)\r\n\r\nA flaw was found in the mod_status module. On sites where mod_status was\r\nenabled and the status pages were publicly available, a cross-site\r\nscripting attack was possible. (CVE-2007-6388)\r\n\r\nA flaw was found in the mod_proxy_ftp module. On sites where mod_proxy_ftp\r\nwas enabled and a forward proxy was configured, a cross-site scripting\r\nattack was possible against Web browsers which did not correctly derive the\r\nresponse character set following the rules in RFC 2616. (CVE-2008-0005)\r\n\r\nUsers of Apache should upgrade to these updated packages, which contain\r\nbackported patches to resolve these issues. Users should restart Apache\r\nafter installing this update.", "modified": "2018-03-14T19:26:26", "published": "2008-01-15T05:00:00", "id": "RHSA-2008:0004", "href": "https://access.redhat.com/errata/RHSA-2008:0004", "type": "redhat", "title": "(RHSA-2008:0004) Moderate: apache security update", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-08-13T18:45:31", "bulletinFamily": "unix", "cvelist": ["CVE-2007-3847", "CVE-2007-4465", "CVE-2007-5000", "CVE-2007-6388", "CVE-2008-0005"], "description": "The Apache HTTP Server is a popular Web server.\r\n\r\nA flaw was found in the mod_imap module. On sites where mod_imap was\r\nenabled and an imagemap file was publicly available, a cross-site scripting\r\nattack was possible. (CVE-2007-5000)\r\n\r\nA flaw was found in the mod_autoindex module. On sites where directory\r\nlistings are used, and the \"AddDefaultCharset\" directive has been removed\r\nfrom the configuration, a cross-site scripting attack was possible against\r\nWeb browsers which did not correctly derive the response character set\r\nfollowing the rules in RFC 2616. (CVE-2007-4465)\r\n\r\nA flaw was found in the mod_proxy module. On sites where a reverse proxy is\r\nconfigured, a remote attacker could send a carefully crafted request that\r\nwould cause the Apache child process handling that request to crash. On\r\nsites where a forward proxy is configured, an attacker could cause a\r\nsimilar crash if a user could be persuaded to visit a malicious site using\r\nthe proxy. This could lead to a denial of service if using a threaded\r\nMulti-Processing Module. (CVE-2007-3847) \r\n\r\nA flaw was found in the mod_status module. On sites where mod_status was\r\nenabled and the status pages were publicly available, a cross-site\r\nscripting attack was possible. (CVE-2007-6388)\r\n\r\nA flaw was found in the mod_proxy_ftp module. On sites where mod_proxy_ftp\r\nwas enabled and a forward proxy was configured, a cross-site scripting\r\nattack was possible against Web browsers which did not correctly derive the\r\nresponse character set following the rules in RFC 2616. (CVE-2008-0005)\r\n\r\nUsers of Apache httpd should upgrade to these updated packages, which\r\ncontain backported patches to resolve these issues. Users should restart\r\nhttpd after installing this update.", "modified": "2017-07-28T18:43:24", "published": "2008-01-15T05:00:00", "id": "RHSA-2008:0005", "href": "https://access.redhat.com/errata/RHSA-2008:0005", "type": "redhat", "title": "(RHSA-2008:0005) Moderate: httpd security update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2007-5000", "CVE-2007-6388", "CVE-2007-6421", "CVE-2007-6422", "CVE-2008-0005"], "description": "The Apache HTTP Server is a powerful, efficient, and extensible web server. ", "modified": "2008-02-16T02:11:16", "published": "2008-02-16T02:11:16", "id": "FEDORA:M1G2AYB4027912", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 8 Update: httpd-2.2.8-1.fc8", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2006-5752", "CVE-2007-1862", "CVE-2007-1863", "CVE-2007-3304", "CVE-2007-5000", "CVE-2007-6388", "CVE-2007-6421", "CVE-2007-6422", "CVE-2008-0005"], "description": "The Apache HTTP Server is a powerful, efficient, and extensible web server. ", "modified": "2008-02-16T02:08:32", "published": "2008-02-16T02:08:32", "id": "FEDORA:M1G27PL9027710", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 7 Update: httpd-2.2.8-1.fc7", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "nessus": [{"lastseen": "2021-01-01T01:09:39", "description": "New httpd packages are available for Slackware 12.0, and -current to\nfix security issues.", "edition": 23, "published": "2008-02-18T00:00:00", "title": "Slackware 12.0 / current : httpd (SSA:2008-045-01)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0005", "CVE-2007-6421", "CVE-2007-6388", "CVE-2007-5000", "CVE-2007-6422"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:slackware:slackware_linux:12.0", "p-cpe:/a:slackware:slackware_linux:httpd", "cpe:/o:slackware:slackware_linux"], "id": "SLACKWARE_SSA_2008-045-01.NASL", "href": "https://www.tenable.com/plugins/nessus/31099", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2008-045-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(31099);\n script_version(\"1.16\");\n script_cvs_date(\"Date: 2019/10/25 13:36:21\");\n\n script_cve_id(\"CVE-2007-5000\", \"CVE-2007-6388\", \"CVE-2007-6421\", \"CVE-2007-6422\", \"CVE-2008-0005\");\n script_xref(name:\"SSA\", value:\"2008-045-01\");\n\n script_name(english:\"Slackware 12.0 / current : httpd (SSA:2008-045-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New httpd packages are available for Slackware 12.0, and -current to\nfix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.384474\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?631dcafc\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected httpd package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_cwe_id(79, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/02/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/02/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2019 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"12.0\", pkgname:\"httpd\", pkgver:\"2.2.8\", pkgarch:\"i486\", pkgnum:\"1_slack12.0\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"httpd\", pkgver:\"2.2.8\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:slackware_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-12T10:06:25", "description": "This update includes the latest release of httpd 2.2, which fixes a\nnumber of minor security issues and other bugs. A flaw was found in\nthe mod_imagemap module. On sites where mod_imagemap was enabled and\nan imagemap file was publicly available, a cross-site scripting attack\nwas possible. (CVE-2007-5000) A flaw was found in the mod_status\nmodule. On sites where mod_status was enabled and the status pages\nwere publicly accessible, a cross-site scripting attack was possible.\n(CVE-2007-6388) A flaw was found in the mod_proxy_balancer module. On\nsites where mod_proxy_balancer was enabled, a cross-site scripting\nattack against an authorized user was possible. (CVE-2007-6421) A flaw\nwas found in the mod_proxy_balancer module. On sites where\nmod_proxy_balancer was enabled, an authorized user could send a\ncarefully crafted request that would cause the Apache child process\nhandling that request to crash. This could lead to a denial of service\nif using a threaded Multi-Processing Module. (CVE-2007-6422) A flaw\nwas found in the mod_proxy_ftp module. On sites where mod_proxy_ftp\nwas enabled and a forward proxy was configured, a cross-site scripting\nattack was possible against browsers which do not correctly derive the\nresponse character set following the rules in RFC 2616.\n(CVE-2008-0005)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "published": "2008-02-18T00:00:00", "title": "Fedora 8 : httpd-2.2.8-1.fc8 (2008-1695)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0005", "CVE-2007-6421", "CVE-2007-6388", "CVE-2007-5000", "CVE-2007-6422"], "modified": "2008-02-18T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:httpd", "cpe:/o:fedoraproject:fedora:8"], "id": "FEDORA_2008-1695.NASL", "href": "https://www.tenable.com/plugins/nessus/31103", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-1695.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(31103);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2007-5000\", \"CVE-2007-6388\", \"CVE-2007-6421\", \"CVE-2007-6422\", \"CVE-2008-0005\");\n script_bugtraq_id(26838, 27234, 27236, 27237);\n script_xref(name:\"FEDORA\", value:\"2008-1695\");\n\n script_name(english:\"Fedora 8 : httpd-2.2.8-1.fc8 (2008-1695)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update includes the latest release of httpd 2.2, which fixes a\nnumber of minor security issues and other bugs. A flaw was found in\nthe mod_imagemap module. On sites where mod_imagemap was enabled and\nan imagemap file was publicly available, a cross-site scripting attack\nwas possible. (CVE-2007-5000) A flaw was found in the mod_status\nmodule. On sites where mod_status was enabled and the status pages\nwere publicly accessible, a cross-site scripting attack was possible.\n(CVE-2007-6388) A flaw was found in the mod_proxy_balancer module. On\nsites where mod_proxy_balancer was enabled, a cross-site scripting\nattack against an authorized user was possible. (CVE-2007-6421) A flaw\nwas found in the mod_proxy_balancer module. On sites where\nmod_proxy_balancer was enabled, an authorized user could send a\ncarefully crafted request that would cause the Apache child process\nhandling that request to crash. This could lead to a denial of service\nif using a threaded Multi-Processing Module. (CVE-2007-6422) A flaw\nwas found in the mod_proxy_ftp module. On sites where mod_proxy_ftp\nwas enabled and a forward proxy was configured, a cross-site scripting\nattack was possible against browsers which do not correctly derive the\nresponse character set following the rules in RFC 2616.\n(CVE-2008-0005)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=419931\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=427228\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=427229\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=427230\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=427739\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-February/007943.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7580974d\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected httpd package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(79, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:8\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/02/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/02/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 8.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC8\", reference:\"httpd-2.2.8-1.fc8\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-12T10:06:26", "description": "Notes: This update includes the latest release of httpd 2.2, which\nfixes a number of minor security issues and other bugs. A flaw was\nfound in the mod_imagemap module. On sites where mod_imagemap was\nenabled and an imagemap file was publicly available, a cross-site\nscripting attack was possible. (CVE-2007-5000) A flaw was found in the\nmod_status module. On sites where mod_status was enabled and the\nstatus pages were publicly accessible, a cross- site scripting attack\nwas possible. (CVE-2007-6388) A flaw was found in the\nmod_proxy_balancer module. On sites where mod_proxy_balancer was\nenabled, a cross-site scripting attack against an authorized user was\npossible. (CVE-2007-6421) A flaw was found in the mod_proxy_balancer\nmodule. On sites where mod_proxy_balancer was enabled, an authorized\nuser could send a carefully crafted request that would cause the\nApache child process handling that request to crash. This could lead\nto a denial of service if using a threaded Multi- Processing Module.\n(CVE-2007-6422) A flaw was found in the mod_proxy_ftp module. On sites\nwhere mod_proxy_ftp was enabled and a forward proxy was configured, a\ncross-site scripting attack was possible against browsers which do not\ncorrectly derive the response character set following the rules in RFC\n2616. (CVE-2008-0005)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "published": "2008-02-18T00:00:00", "title": "Fedora 7 : httpd-2.2.8-1.fc7 (2008-1711)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0005", "CVE-2007-6421", "CVE-2007-6388", "CVE-2007-5000", "CVE-2007-6422"], "modified": "2008-02-18T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:httpd", "cpe:/o:fedoraproject:fedora:7"], "id": "FEDORA_2008-1711.NASL", "href": "https://www.tenable.com/plugins/nessus/31105", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-1711.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(31105);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2007-5000\", \"CVE-2007-6388\", \"CVE-2007-6421\", \"CVE-2007-6422\", \"CVE-2008-0005\");\n script_bugtraq_id(26838, 27234, 27236, 27237);\n script_xref(name:\"FEDORA\", value:\"2008-1711\");\n\n script_name(english:\"Fedora 7 : httpd-2.2.8-1.fc7 (2008-1711)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Notes: This update includes the latest release of httpd 2.2, which\nfixes a number of minor security issues and other bugs. A flaw was\nfound in the mod_imagemap module. On sites where mod_imagemap was\nenabled and an imagemap file was publicly available, a cross-site\nscripting attack was possible. (CVE-2007-5000) A flaw was found in the\nmod_status module. On sites where mod_status was enabled and the\nstatus pages were publicly accessible, a cross- site scripting attack\nwas possible. (CVE-2007-6388) A flaw was found in the\nmod_proxy_balancer module. On sites where mod_proxy_balancer was\nenabled, a cross-site scripting attack against an authorized user was\npossible. (CVE-2007-6421) A flaw was found in the mod_proxy_balancer\nmodule. On sites where mod_proxy_balancer was enabled, an authorized\nuser could send a carefully crafted request that would cause the\nApache child process handling that request to crash. This could lead\nto a denial of service if using a threaded Multi- Processing Module.\n(CVE-2007-6422) A flaw was found in the mod_proxy_ftp module. On sites\nwhere mod_proxy_ftp was enabled and a forward proxy was configured, a\ncross-site scripting attack was possible against browsers which do not\ncorrectly derive the response character set following the rules in RFC\n2616. (CVE-2008-0005)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=419931\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=427228\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=427229\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=427230\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=427739\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-February/007922.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d025651e\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected httpd package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(79, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/02/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/02/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 7.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC7\", reference:\"httpd-2.2.8-1.fc7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-07T11:51:49", "description": "A number of vulnerabilities were found and fixed in the Apache 2.2.x\npackages :\n\nA flaw found in the mod_imagemap module could lead to a cross-site\nscripting attack on sites where mod_imagemap was enabled and an\nimagemap file was publically available (CVE-2007-5000).\n\nA flaw found in the mod_status module could lead to a cross-site\nscripting attack on sites where mod_status was enabled and the status\npages were publically available (CVE-2007-6388).\n\nA flaw found in the mod_proxy_balancer module could lead to a\ncross-site scripting attack against an authorized user on sites where\nmod_proxy_balancer was enabled (CVE-2007-6421).\n\nAnother flaw in the mod_proxy_balancer module was found where, on\nsites with the module enabled, an authorized user could send a\ncarefully crafted request that would cause the apache child process\nhandling the request to crash, which could lead to a denial of service\nif using a threaded MPM (CVE-2007-6422).\n\nA flaw found in the mod_proxy_ftp module could lead to a cross-site\nscripting attack against web browsers which do not correctly derive\nthe response character set following the rules in RFC 2616, on sites\nwhere the mod_proxy_ftp module was enabled (CVE-2008-0005).\n\nThe updated packages have been patched to correct these issues.", "edition": 25, "published": "2009-04-23T00:00:00", "title": "Mandriva Linux Security Advisory : apache (MDVSA-2008:016)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0005", "CVE-2007-6421", "CVE-2007-6388", "CVE-2007-5000", "CVE-2007-6422"], "modified": "2009-04-23T00:00:00", "cpe": ["cpe:/o:mandriva:linux:2007", "p-cpe:/a:mandriva:linux:apache-mpm-worker", "p-cpe:/a:mandriva:linux:apache-mod_ssl", "p-cpe:/a:mandriva:linux:apache-mod_ldap", "p-cpe:/a:mandriva:linux:apache-mpm-event", "p-cpe:/a:mandriva:linux:apache-modules", "cpe:/o:mandriva:linux:2007.1", "p-cpe:/a:mandriva:linux:apache-htcacheclean", "p-cpe:/a:mandriva:linux:apache-devel", "p-cpe:/a:mandriva:linux:apache-mod_dav", "p-cpe:/a:mandriva:linux:apache-mod_dbd", "p-cpe:/a:mandriva:linux:apache-mod_mem_cache", "p-cpe:/a:mandriva:linux:apache-mod_proxy", "cpe:/o:mandriva:linux:2008.0", "p-cpe:/a:mandriva:linux:apache-mod_file_cache", "p-cpe:/a:mandriva:linux:apache-mod_authn_dbd", "p-cpe:/a:mandriva:linux:apache-source", "p-cpe:/a:mandriva:linux:apache-base", "p-cpe:/a:mandriva:linux:apache-mod_deflate", "p-cpe:/a:mandriva:linux:apache-mod_proxy_ajp", "p-cpe:/a:mandriva:linux:apache-mod_disk_cache", "p-cpe:/a:mandriva:linux:apache-mpm-itk", "p-cpe:/a:mandriva:linux:apache-mpm-prefork", "p-cpe:/a:mandriva:linux:apache-mod_cache", "p-cpe:/a:mandriva:linux:apache-mod_userdir"], "id": "MANDRIVA_MDVSA-2008-016.NASL", "href": "https://www.tenable.com/plugins/nessus/36524", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2008:016. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(36524);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2007-5000\", \"CVE-2007-6388\", \"CVE-2007-6421\", \"CVE-2007-6422\", \"CVE-2008-0005\");\n script_xref(name:\"MDVSA\", value:\"2008:016\");\n\n script_name(english:\"Mandriva Linux Security Advisory : apache (MDVSA-2008:016)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A number of vulnerabilities were found and fixed in the Apache 2.2.x\npackages :\n\nA flaw found in the mod_imagemap module could lead to a cross-site\nscripting attack on sites where mod_imagemap was enabled and an\nimagemap file was publically available (CVE-2007-5000).\n\nA flaw found in the mod_status module could lead to a cross-site\nscripting attack on sites where mod_status was enabled and the status\npages were publically available (CVE-2007-6388).\n\nA flaw found in the mod_proxy_balancer module could lead to a\ncross-site scripting attack against an authorized user on sites where\nmod_proxy_balancer was enabled (CVE-2007-6421).\n\nAnother flaw in the mod_proxy_balancer module was found where, on\nsites with the module enabled, an authorized user could send a\ncarefully crafted request that would cause the apache child process\nhandling the request to crash, which could lead to a denial of service\nif using a threaded MPM (CVE-2007-6422).\n\nA flaw found in the mod_proxy_ftp module could lead to a cross-site\nscripting attack against web browsers which do not correctly derive\nthe response character set following the rules in RFC 2616, on sites\nwhere the mod_proxy_ftp module was enabled (CVE-2008-0005).\n\nThe updated packages have been patched to correct these issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_cwe_id(79, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-htcacheclean\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_authn_dbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_dav\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_dbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_deflate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_disk_cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_file_cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_mem_cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_proxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_proxy_ajp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_userdir\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mpm-event\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mpm-itk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mpm-prefork\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mpm-worker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-source\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/01/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2007.0\", reference:\"apache-base-2.2.3-1.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"apache-devel-2.2.3-1.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"apache-htcacheclean-2.2.3-1.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"apache-mod_authn_dbd-2.2.3-1.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"apache-mod_cache-2.2.3-1.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"apache-mod_dav-2.2.3-1.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"apache-mod_dbd-2.2.3-1.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"apache-mod_deflate-2.2.3-1.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"apache-mod_disk_cache-2.2.3-1.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"apache-mod_file_cache-2.2.3-1.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"apache-mod_ldap-2.2.3-1.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"apache-mod_mem_cache-2.2.3-1.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"apache-mod_proxy-2.2.3-1.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"apache-mod_proxy_ajp-2.2.3-1.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"apache-mod_ssl-2.2.3-1.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"apache-mod_userdir-2.2.3-1.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"apache-modules-2.2.3-1.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"apache-mpm-prefork-2.2.3-1.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"apache-mpm-worker-2.2.3-1.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"apache-source-2.2.3-1.3mdv2007.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2007.1\", reference:\"apache-base-2.2.4-6.4mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"apache-devel-2.2.4-6.4mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"apache-htcacheclean-2.2.4-6.4mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"apache-mod_authn_dbd-2.2.4-6.4mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"apache-mod_cache-2.2.4-6.4mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"apache-mod_dav-2.2.4-6.4mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"apache-mod_dbd-2.2.4-6.4mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"apache-mod_deflate-2.2.4-6.4mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"apache-mod_disk_cache-2.2.4-6.4mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"apache-mod_file_cache-2.2.4-6.4mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"apache-mod_ldap-2.2.4-6.4mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"apache-mod_mem_cache-2.2.4-6.4mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"apache-mod_proxy-2.2.4-6.4mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"apache-mod_proxy_ajp-2.2.4-6.4mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"apache-mod_ssl-2.2.4-6.4mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"apache-mod_userdir-2.2.4-6.4mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"apache-modules-2.2.4-6.4mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"apache-mpm-event-2.2.4-6.4mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"apache-mpm-itk-2.2.4-6.4mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"apache-mpm-prefork-2.2.4-6.4mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"apache-mpm-worker-2.2.4-6.4mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"apache-source-2.2.4-6.4mdv2007.1\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2008.0\", reference:\"apache-base-2.2.6-8.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"apache-devel-2.2.6-8.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"apache-htcacheclean-2.2.6-8.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"apache-mod_authn_dbd-2.2.6-8.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"apache-mod_cache-2.2.6-8.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"apache-mod_dav-2.2.6-8.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"apache-mod_dbd-2.2.6-8.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"apache-mod_deflate-2.2.6-8.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"apache-mod_disk_cache-2.2.6-8.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"apache-mod_file_cache-2.2.6-8.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"apache-mod_ldap-2.2.6-8.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"apache-mod_mem_cache-2.2.6-8.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"apache-mod_proxy-2.2.6-8.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"apache-mod_proxy_ajp-2.2.6-8.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"apache-mod_ssl-2.2.6-8.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"apache-mod_userdir-2.2.6-8.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"apache-modules-2.2.6-8.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"apache-mpm-event-2.2.6-8.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"apache-mpm-itk-2.2.6-8.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"apache-mpm-prefork-2.2.6-8.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"apache-mpm-worker-2.2.6-8.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"apache-source-2.2.6-8.1mdv2008.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-01T04:35:24", "description": "From Red Hat Security Advisory 2008:0008 :\n\nUpdated Apache httpd packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Apache HTTP Server is a popular Web server.\n\nA flaw was found in the mod_imagemap module. On sites where\nmod_imagemap was enabled and an imagemap file was publicly available,\na cross-site scripting attack was possible. (CVE-2007-5000)\n\nA flaw was found in the mod_autoindex module. On sites where directory\nlistings are used, and the 'AddDefaultCharset' directive has been\nremoved from the configuration, a cross-site scripting attack might\nhave been possible against Web browsers which do not correctly derive\nthe response character set following the rules in RFC 2616.\n(CVE-2007-4465)\n\nA flaw was found in the mod_status module. On sites where mod_status\nwas enabled and the status pages were publicly available, a cross-site\nscripting attack was possible. (CVE-2007-6388)\n\nA flaw was found in the mod_proxy_balancer module. On sites where\nmod_proxy_balancer was enabled, a cross-site scripting attack against\nan authorized user was possible. (CVE-2007-6421)\n\nA flaw was found in the mod_proxy_balancer module. On sites where\nmod_proxy_balancer was enabled, an authorized user could send a\ncarefully crafted request that would cause the Apache child process\nhandling that request to crash. This could lead to a denial of service\nif using a threaded Multi-Processing Module. (CVE-2007-6422)\n\nA flaw was found in the mod_proxy_ftp module. On sites where\nmod_proxy_ftp was enabled and a forward proxy was configured, a\ncross-site scripting attack was possible against Web browsers which do\nnot correctly derive the response character set following the rules in\nRFC 2616. (CVE-2008-0005)\n\nUsers of Apache httpd should upgrade to these updated packages, which\ncontain backported patches to resolve these issues. Users should\nrestart httpd after installing this update.", "edition": 26, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 5 : httpd (ELSA-2008-0008)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4465", "CVE-2008-0005", "CVE-2007-6421", "CVE-2007-6388", "CVE-2007-5000", "CVE-2007-6422"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:httpd-devel", "p-cpe:/a:oracle:linux:httpd", "cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:mod_ssl", "p-cpe:/a:oracle:linux:httpd-manual"], "id": "ORACLELINUX_ELSA-2008-0008.NASL", "href": "https://www.tenable.com/plugins/nessus/67633", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2008:0008 and \n# Oracle Linux Security Advisory ELSA-2008-0008 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(67633);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2019/10/25 13:36:07\");\n\n script_cve_id(\"CVE-2007-4465\", \"CVE-2007-5000\", \"CVE-2007-6388\", \"CVE-2007-6421\", \"CVE-2007-6422\", \"CVE-2008-0005\");\n script_bugtraq_id(25653, 26838, 27234, 27236, 27237);\n script_xref(name:\"RHSA\", value:\"2008:0008\");\n\n script_name(english:\"Oracle Linux 5 : httpd (ELSA-2008-0008)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2008:0008 :\n\nUpdated Apache httpd packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Apache HTTP Server is a popular Web server.\n\nA flaw was found in the mod_imagemap module. On sites where\nmod_imagemap was enabled and an imagemap file was publicly available,\na cross-site scripting attack was possible. (CVE-2007-5000)\n\nA flaw was found in the mod_autoindex module. On sites where directory\nlistings are used, and the 'AddDefaultCharset' directive has been\nremoved from the configuration, a cross-site scripting attack might\nhave been possible against Web browsers which do not correctly derive\nthe response character set following the rules in RFC 2616.\n(CVE-2007-4465)\n\nA flaw was found in the mod_status module. On sites where mod_status\nwas enabled and the status pages were publicly available, a cross-site\nscripting attack was possible. (CVE-2007-6388)\n\nA flaw was found in the mod_proxy_balancer module. On sites where\nmod_proxy_balancer was enabled, a cross-site scripting attack against\nan authorized user was possible. (CVE-2007-6421)\n\nA flaw was found in the mod_proxy_balancer module. On sites where\nmod_proxy_balancer was enabled, an authorized user could send a\ncarefully crafted request that would cause the Apache child process\nhandling that request to crash. This could lead to a denial of service\nif using a threaded Multi-Processing Module. (CVE-2007-6422)\n\nA flaw was found in the mod_proxy_ftp module. On sites where\nmod_proxy_ftp was enabled and a forward proxy was configured, a\ncross-site scripting attack was possible against Web browsers which do\nnot correctly derive the response character set following the rules in\nRFC 2616. (CVE-2008-0005)\n\nUsers of Apache httpd should upgrade to these updated packages, which\ncontain backported patches to resolve these issues. Users should\nrestart httpd after installing this update.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2008-January/000488.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected httpd packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(79, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:httpd-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/09/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/01/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"httpd-2.2.3-11.el5_1.3.0.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"httpd-devel-2.2.3-11.el5_1.3.0.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"httpd-manual-2.2.3-11.el5_1.3.0.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"mod_ssl-2.2.3-11.el5_1.3.0.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd / httpd-devel / httpd-manual / mod_ssl\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-06T09:25:14", "description": "Updated Apache httpd packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Apache HTTP Server is a popular Web server.\n\nA flaw was found in the mod_imagemap module. On sites where\nmod_imagemap was enabled and an imagemap file was publicly available,\na cross-site scripting attack was possible. (CVE-2007-5000)\n\nA flaw was found in the mod_autoindex module. On sites where directory\nlistings are used, and the 'AddDefaultCharset' directive has been\nremoved from the configuration, a cross-site scripting attack might\nhave been possible against Web browsers which do not correctly derive\nthe response character set following the rules in RFC 2616.\n(CVE-2007-4465)\n\nA flaw was found in the mod_status module. On sites where mod_status\nwas enabled and the status pages were publicly available, a cross-site\nscripting attack was possible. (CVE-2007-6388)\n\nA flaw was found in the mod_proxy_balancer module. On sites where\nmod_proxy_balancer was enabled, a cross-site scripting attack against\nan authorized user was possible. (CVE-2007-6421)\n\nA flaw was found in the mod_proxy_balancer module. On sites where\nmod_proxy_balancer was enabled, an authorized user could send a\ncarefully crafted request that would cause the Apache child process\nhandling that request to crash. This could lead to a denial of service\nif using a threaded Multi-Processing Module. (CVE-2007-6422)\n\nA flaw was found in the mod_proxy_ftp module. On sites where\nmod_proxy_ftp was enabled and a forward proxy was configured, a\ncross-site scripting attack was possible against Web browsers which do\nnot correctly derive the response character set following the rules in\nRFC 2616. (CVE-2008-0005)\n\nUsers of Apache httpd should upgrade to these updated packages, which\ncontain backported patches to resolve these issues. Users should\nrestart httpd after installing this update.", "edition": 29, "published": "2010-01-06T00:00:00", "title": "CentOS 5 : httpd (CESA-2008:0008)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4465", "CVE-2008-0005", "CVE-2007-6421", "CVE-2007-6388", "CVE-2007-5000", "CVE-2007-6422"], "modified": "2010-01-06T00:00:00", "cpe": ["p-cpe:/a:centos:centos:mod_ssl", "p-cpe:/a:centos:centos:httpd-manual", "p-cpe:/a:centos:centos:httpd", "p-cpe:/a:centos:centos:httpd-devel", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2008-0008.NASL", "href": "https://www.tenable.com/plugins/nessus/43666", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0008 and \n# CentOS Errata and Security Advisory 2008:0008 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43666);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2007-4465\", \"CVE-2007-5000\", \"CVE-2007-6388\", \"CVE-2007-6421\", \"CVE-2007-6422\", \"CVE-2008-0005\");\n script_bugtraq_id(25653, 26838, 27234, 27236, 27237);\n script_xref(name:\"RHSA\", value:\"2008:0008\");\n\n script_name(english:\"CentOS 5 : httpd (CESA-2008:0008)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated Apache httpd packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Apache HTTP Server is a popular Web server.\n\nA flaw was found in the mod_imagemap module. On sites where\nmod_imagemap was enabled and an imagemap file was publicly available,\na cross-site scripting attack was possible. (CVE-2007-5000)\n\nA flaw was found in the mod_autoindex module. On sites where directory\nlistings are used, and the 'AddDefaultCharset' directive has been\nremoved from the configuration, a cross-site scripting attack might\nhave been possible against Web browsers which do not correctly derive\nthe response character set following the rules in RFC 2616.\n(CVE-2007-4465)\n\nA flaw was found in the mod_status module. On sites where mod_status\nwas enabled and the status pages were publicly available, a cross-site\nscripting attack was possible. (CVE-2007-6388)\n\nA flaw was found in the mod_proxy_balancer module. On sites where\nmod_proxy_balancer was enabled, a cross-site scripting attack against\nan authorized user was possible. (CVE-2007-6421)\n\nA flaw was found in the mod_proxy_balancer module. On sites where\nmod_proxy_balancer was enabled, an authorized user could send a\ncarefully crafted request that would cause the Apache child process\nhandling that request to crash. This could lead to a denial of service\nif using a threaded Multi-Processing Module. (CVE-2007-6422)\n\nA flaw was found in the mod_proxy_ftp module. On sites where\nmod_proxy_ftp was enabled and a forward proxy was configured, a\ncross-site scripting attack was possible against Web browsers which do\nnot correctly derive the response character set following the rules in\nRFC 2616. (CVE-2008-0005)\n\nUsers of Apache httpd should upgrade to these updated packages, which\ncontain backported patches to resolve these issues. Users should\nrestart httpd after installing this update.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-January/014614.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8e9cb3f9\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-January/014615.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?74513c14\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected httpd packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(79, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:httpd-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/09/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/01/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"httpd-2.2.3-11.el5_1.centos.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"httpd-devel-2.2.3-11.el5_1.centos.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"httpd-manual-2.2.3-11.el5_1.centos.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"mod_ssl-2.2.3-11.el5_1.centos.3\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd / httpd-devel / httpd-manual / mod_ssl\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-01T04:56:10", "description": "Updated Apache httpd packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Apache HTTP Server is a popular Web server.\n\nA flaw was found in the mod_imagemap module. On sites where\nmod_imagemap was enabled and an imagemap file was publicly available,\na cross-site scripting attack was possible. (CVE-2007-5000)\n\nA flaw was found in the mod_autoindex module. On sites where directory\nlistings are used, and the 'AddDefaultCharset' directive has been\nremoved from the configuration, a cross-site scripting attack might\nhave been possible against Web browsers which do not correctly derive\nthe response character set following the rules in RFC 2616.\n(CVE-2007-4465)\n\nA flaw was found in the mod_status module. On sites where mod_status\nwas enabled and the status pages were publicly available, a cross-site\nscripting attack was possible. (CVE-2007-6388)\n\nA flaw was found in the mod_proxy_balancer module. On sites where\nmod_proxy_balancer was enabled, a cross-site scripting attack against\nan authorized user was possible. (CVE-2007-6421)\n\nA flaw was found in the mod_proxy_balancer module. On sites where\nmod_proxy_balancer was enabled, an authorized user could send a\ncarefully crafted request that would cause the Apache child process\nhandling that request to crash. This could lead to a denial of service\nif using a threaded Multi-Processing Module. (CVE-2007-6422)\n\nA flaw was found in the mod_proxy_ftp module. On sites where\nmod_proxy_ftp was enabled and a forward proxy was configured, a\ncross-site scripting attack was possible against Web browsers which do\nnot correctly derive the response character set following the rules in\nRFC 2616. (CVE-2008-0005)\n\nUsers of Apache httpd should upgrade to these updated packages, which\ncontain backported patches to resolve these issues. Users should\nrestart httpd after installing this update.", "edition": 28, "published": "2008-01-15T00:00:00", "title": "RHEL 5 : httpd (RHSA-2008:0008)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4465", "CVE-2008-0005", "CVE-2007-6421", "CVE-2007-6388", "CVE-2007-5000", "CVE-2007-6422"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:mod_ssl", "cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:httpd", "cpe:/o:redhat:enterprise_linux:5.1", "p-cpe:/a:redhat:enterprise_linux:httpd-manual", "p-cpe:/a:redhat:enterprise_linux:httpd-devel"], "id": "REDHAT-RHSA-2008-0008.NASL", "href": "https://www.tenable.com/plugins/nessus/29977", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0008. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(29977);\n script_version (\"1.28\");\n script_cvs_date(\"Date: 2019/10/25 13:36:13\");\n\n script_cve_id(\"CVE-2007-4465\", \"CVE-2007-5000\", \"CVE-2007-6388\", \"CVE-2007-6421\", \"CVE-2007-6422\", \"CVE-2008-0005\");\n script_bugtraq_id(25653, 26838, 27234, 27236, 27237);\n script_xref(name:\"RHSA\", value:\"2008:0008\");\n\n script_name(english:\"RHEL 5 : httpd (RHSA-2008:0008)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated Apache httpd packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Apache HTTP Server is a popular Web server.\n\nA flaw was found in the mod_imagemap module. On sites where\nmod_imagemap was enabled and an imagemap file was publicly available,\na cross-site scripting attack was possible. (CVE-2007-5000)\n\nA flaw was found in the mod_autoindex module. On sites where directory\nlistings are used, and the 'AddDefaultCharset' directive has been\nremoved from the configuration, a cross-site scripting attack might\nhave been possible against Web browsers which do not correctly derive\nthe response character set following the rules in RFC 2616.\n(CVE-2007-4465)\n\nA flaw was found in the mod_status module. On sites where mod_status\nwas enabled and the status pages were publicly available, a cross-site\nscripting attack was possible. (CVE-2007-6388)\n\nA flaw was found in the mod_proxy_balancer module. On sites where\nmod_proxy_balancer was enabled, a cross-site scripting attack against\nan authorized user was possible. (CVE-2007-6421)\n\nA flaw was found in the mod_proxy_balancer module. On sites where\nmod_proxy_balancer was enabled, an authorized user could send a\ncarefully crafted request that would cause the Apache child process\nhandling that request to crash. This could lead to a denial of service\nif using a threaded Multi-Processing Module. (CVE-2007-6422)\n\nA flaw was found in the mod_proxy_ftp module. On sites where\nmod_proxy_ftp was enabled and a forward proxy was configured, a\ncross-site scripting attack was possible against Web browsers which do\nnot correctly derive the response character set following the rules in\nRFC 2616. (CVE-2008-0005)\n\nUsers of Apache httpd should upgrade to these updated packages, which\ncontain backported patches to resolve these issues. Users should\nrestart httpd after installing this update.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-4465\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-5000\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6388\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6421\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6422\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-0005\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:0008\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(79, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/09/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/01/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/01/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:0008\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"httpd-2.2.3-11.el5_1.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"httpd-2.2.3-11.el5_1.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"httpd-2.2.3-11.el5_1.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"httpd-devel-2.2.3-11.el5_1.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"httpd-manual-2.2.3-11.el5_1.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"httpd-manual-2.2.3-11.el5_1.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"httpd-manual-2.2.3-11.el5_1.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"mod_ssl-2.2.3-11.el5_1.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"mod_ssl-2.2.3-11.el5_1.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"mod_ssl-2.2.3-11.el5_1.3\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd / httpd-devel / httpd-manual / mod_ssl\");\n }\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-01T06:29:25", "description": "This update fixes multiple bugs in apache :\n\n - cross site scripting problem in mod_imap (CVE-2007-5000)\n\n - cross site scripting problem in mod_status\n (CVE-2007-6388)\n\n - cross site scripting problem in the ftp proxy module\n (CVE-2008-0005)\n\n - cross site scripting problem in the error page for\n status code 413 (CVE-2007-6203)\n\n - cross site scripting problem in mod_proxy_balancer\n (CVE-2007-6421)\n\n - A flaw in mod_proxy_balancer allowed attackers to crash\n apache (CVE-2007-6422)", "edition": 24, "published": "2008-04-04T00:00:00", "title": "openSUSE 10 Security Update : apache2 (apache2-5125)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-6203", "CVE-2008-0005", "CVE-2007-6421", "CVE-2007-6388", "CVE-2007-5000", "CVE-2007-6422"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:apache2-example-pages", "p-cpe:/a:novell:opensuse:apache2-worker", "p-cpe:/a:novell:opensuse:apache2-prefork", "cpe:/o:novell:opensuse:10.1", "p-cpe:/a:novell:opensuse:apache2", "p-cpe:/a:novell:opensuse:apache2-devel"], "id": "SUSE_APACHE2-5125.NASL", "href": "https://www.tenable.com/plugins/nessus/31765", "sourceData": "#%NASL_MIN_LEVEL 80502\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update apache2-5125.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(31765);\n script_version (\"1.13\");\n script_cvs_date(\"Date: 2019/10/25 13:36:32\");\n\n script_cve_id(\"CVE-2007-5000\", \"CVE-2007-6203\", \"CVE-2007-6388\", \"CVE-2007-6421\", \"CVE-2007-6422\", \"CVE-2008-0005\");\n\n script_name(english:\"openSUSE 10 Security Update : apache2 (apache2-5125)\");\n script_summary(english:\"Check for the apache2-5125 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes multiple bugs in apache :\n\n - cross site scripting problem in mod_imap (CVE-2007-5000)\n\n - cross site scripting problem in mod_status\n (CVE-2007-6388)\n\n - cross site scripting problem in the ftp proxy module\n (CVE-2008-0005)\n\n - cross site scripting problem in the error page for\n status code 413 (CVE-2007-6203)\n\n - cross site scripting problem in mod_proxy_balancer\n (CVE-2007-6421)\n\n - A flaw in mod_proxy_balancer allowed attackers to crash\n apache (CVE-2007-6422)\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected apache2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_cwe_id(79, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-example-pages\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-prefork\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-worker\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/03/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/04/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2019 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.1\", reference:\"apache2-2.2.3-16.17.3\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"apache2-devel-2.2.3-16.17.3\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"apache2-example-pages-2.2.3-16.17.3\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"apache2-prefork-2.2.3-16.17.3\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"apache2-worker-2.2.3-16.17.3\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache2 / apache2-devel / apache2-example-pages / apache2-prefork / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-01T06:29:25", "description": "This update fixes multiple bugs in apache :\n\n - cross-site scripting problem in mod_imap.\n (CVE-2007-5000)\n\n - cross-site scripting problem in mod_status.\n (CVE-2007-6388)\n\n - cross-site scripting problem in the ftp proxy module.\n (CVE-2008-0005)\n\n - cross-site scripting problem in the error page for\n status code 413. (CVE-2007-6203)\n\n - cross-site scripting problem in mod_proxy_balancer.\n (CVE-2007-6421)\n\n - A flaw in mod_proxy_balancer allowed attackers to crash\n apache. (CVE-2007-6422)", "edition": 23, "published": "2008-04-04T00:00:00", "title": "SuSE 10 Security Update : Apache 2 (ZYPP Patch Number 5128)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-6203", "CVE-2008-0005", "CVE-2007-6421", "CVE-2007-6388", "CVE-2007-5000", "CVE-2007-6422"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_APACHE2-5128.NASL", "href": "https://www.tenable.com/plugins/nessus/31768", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(31768);\n script_version (\"1.17\");\n script_cvs_date(\"Date: 2019/10/25 13:36:32\");\n\n script_cve_id(\"CVE-2007-5000\", \"CVE-2007-6203\", \"CVE-2007-6388\", \"CVE-2007-6421\", \"CVE-2007-6422\", \"CVE-2008-0005\");\n\n script_name(english:\"SuSE 10 Security Update : Apache 2 (ZYPP Patch Number 5128)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes multiple bugs in apache :\n\n - cross-site scripting problem in mod_imap.\n (CVE-2007-5000)\n\n - cross-site scripting problem in mod_status.\n (CVE-2007-6388)\n\n - cross-site scripting problem in the ftp proxy module.\n (CVE-2008-0005)\n\n - cross-site scripting problem in the error page for\n status code 413. (CVE-2007-6203)\n\n - cross-site scripting problem in mod_proxy_balancer.\n (CVE-2007-6421)\n\n - A flaw in mod_proxy_balancer allowed attackers to crash\n apache. (CVE-2007-6422)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5000.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-6203.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-6388.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-6421.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-6422.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-0005.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 5128.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_cwe_id(79, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/03/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/04/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2019 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"apache2-2.2.3-16.17.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"apache2-devel-2.2.3-16.17.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"apache2-doc-2.2.3-16.17.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"apache2-example-pages-2.2.3-16.17.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"apache2-prefork-2.2.3-16.17.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"apache2-worker-2.2.3-16.17.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-01T06:29:25", "description": "This update fixes multiple bugs in apache :\n\n - cross site scripting problem in mod_imap (CVE-2007-5000)\n\n - cross site scripting problem in mod_status\n (CVE-2007-6388)\n\n - cross site scripting problem in the ftp proxy module\n (CVE-2008-0005)\n\n - cross site scripting problem in the error page for\n status code 413 (CVE-2007-6203)\n\n - cross site scripting problem in mod_proxy_balancer\n (CVE-2007-6421)\n\n - A flaw in mod_proxy_balancer allowed attackers to crash\n apache (CVE-2007-6422)", "edition": 24, "published": "2008-04-04T00:00:00", "title": "openSUSE 10 Security Update : apache2 (apache2-5126)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-6203", "CVE-2008-0005", "CVE-2007-6421", "CVE-2007-6388", "CVE-2007-5000", "CVE-2007-6422"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:apache2-example-pages", "cpe:/o:novell:opensuse:10.2", "p-cpe:/a:novell:opensuse:apache2-worker", "p-cpe:/a:novell:opensuse:apache2-prefork", "p-cpe:/a:novell:opensuse:apache2", "p-cpe:/a:novell:opensuse:apache2-devel"], "id": "SUSE_APACHE2-5126.NASL", "href": "https://www.tenable.com/plugins/nessus/31766", "sourceData": "#%NASL_MIN_LEVEL 80502\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update apache2-5126.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(31766);\n script_version (\"1.13\");\n script_cvs_date(\"Date: 2019/10/25 13:36:32\");\n\n script_cve_id(\"CVE-2007-5000\", \"CVE-2007-6203\", \"CVE-2007-6388\", \"CVE-2007-6421\", \"CVE-2007-6422\", \"CVE-2008-0005\");\n\n script_name(english:\"openSUSE 10 Security Update : apache2 (apache2-5126)\");\n script_summary(english:\"Check for the apache2-5126 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes multiple bugs in apache :\n\n - cross site scripting problem in mod_imap (CVE-2007-5000)\n\n - cross site scripting problem in mod_status\n (CVE-2007-6388)\n\n - cross site scripting problem in the ftp proxy module\n (CVE-2008-0005)\n\n - cross site scripting problem in the error page for\n status code 413 (CVE-2007-6203)\n\n - cross site scripting problem in mod_proxy_balancer\n (CVE-2007-6421)\n\n - A flaw in mod_proxy_balancer allowed attackers to crash\n apache (CVE-2007-6422)\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected apache2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_cwe_id(79, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-example-pages\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-prefork\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-worker\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/03/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/04/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2019 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.2\", reference:\"apache2-2.2.3-24\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"apache2-devel-2.2.3-24\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"apache2-example-pages-2.2.3-24\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"apache2-prefork-2.2.3-24\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"apache2-worker-2.2.3-24\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache2 / apache2-devel / apache2-example-pages / apache2-prefork / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "slackware": [{"lastseen": "2020-10-25T16:36:16", "bulletinFamily": "unix", "cvelist": ["CVE-2007-5000", "CVE-2007-6388", "CVE-2007-6421", "CVE-2007-6422", "CVE-2008-0005"], "description": "New httpd packages are available for Slackware 12.0, and -current to\nfix security issues.\n\nMore details about this issue may be found in the Common\nVulnerabilities and Exposures (CVE) database:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005\n\n\nHere are the details from the Slackware 12.0 ChangeLog:\n\npatches/packages/httpd-2.2.8-i486-1.tgz: Upgraded to httpd-2.2.8.\n This fixes security and other bugs.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005\n (* Security fix *)\n\nWhere to find the new packages:\n\nHINT: Getting slow download speeds from ftp.slackware.com?\nGive slackware.osuosl.org a try. This is another primary FTP site\nfor Slackware that can be considerably faster than downloading\ndirectly from ftp.slackware.com.\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating additional FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 12.0:\nftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/httpd-2.2.8-i486-1_slack12.0.tgz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/httpd-2.2.8-i486-1.tgz\n\n\nMD5 signatures:\n\nSlackware 12.0 package:\nc545e2e9ef2d01a584c972cb13246f7d httpd-2.2.8-i486-1_slack12.0.tgz\n\nSlackware -current package:\n0901cc439d6d6e7c7ed6d1920e49920f httpd-2.2.8-i486-1.tgz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg httpd-2.2.8-i486-1_slack12.0.tgz\n\nThen, restart httpd:\n > sh /etc/rc.d/rc.httpd restart", "modified": "2008-02-15T01:22:54", "published": "2008-02-15T01:22:54", "id": "SSA-2008-045-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.384474", "type": "slackware", "title": "[slackware-security] httpd", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-10-25T16:36:01", "bulletinFamily": "unix", "cvelist": ["CVE-2007-5000", "CVE-2007-6388"], "description": "New httpd packages are available for Slackware 12.0, 12.1, and -current to\nfix XSS security issues.\n\nMore details about this issue may be found in the Common\nVulnerabilities and Exposures (CVE) database:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388\n\n\nHere are the details from the Slackware 12.1 ChangeLog:\n\npatches/packages/httpd-2.2.9-i486-1_slack12.1.tgz:\n Upgraded to httpd-2.2.9.\n This release fixes flaws which could allow XSS attacks.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388\n (* Security fix *)\n\nWhere to find the new packages:\n\nHINT: Getting slow download speeds from ftp.slackware.com?\nGive slackware.osuosl.org a try. This is another primary FTP site\nfor Slackware that can be considerably faster than downloading\ndirectly from ftp.slackware.com.\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating additional FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 12.0:\nftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/httpd-2.2.9-i486-1_slack12.0.tgz\n\nUpdated package for Slackware 12.1:\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/httpd-2.2.9-i486-1_slack12.1.tgz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/httpd-2.2.9-i486-1.tgz\n\n\nMD5 signatures:\n\nSlackware 12.0 package:\nde480cc77306436c441eae8c5450daa7 httpd-2.2.9-i486-1_slack12.0.tgz\n\nSlackware 12.1 package:\n18cd55af955029755736260e79670ef2 httpd-2.2.9-i486-1_slack12.1.tgz\n\nSlackware -current package:\n76ae52c1809ec33619129096d67ce10a httpd-2.2.9-i486-1.tgz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg httpd-2.2.9-i486-1_slack12.1.tgz\n\nThen, restart httpd:\n > sh /etc/rc.d/rc.httpd restart", "modified": "2008-07-29T05:31:49", "published": "2008-07-29T05:31:49", "id": "SSA-2008-210-02", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.370728", "type": "slackware", "title": "[slackware-security] httpd", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-10-25T16:36:16", "bulletinFamily": "unix", "cvelist": ["CVE-2007-3847", "CVE-2007-5000", "CVE-2007-6388"], "description": "New apache 1.3.41 packages are available for Slackware 8.1, 9.0, 9.1,\n10.0, 10.1, 10.2, and 11.0 to fix security issues.\n\nA new matching mod_ssl package is also provided.\n\nMore details about the issues may be found in the Common\nVulnerabilities and Exposures (CVE) database:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847\n\n\nHere are the details from the Slackware 11.0 ChangeLog:\n\npatches/packages/apache-1.3.41-i486-1_slack11.0.tgz:\n Upgraded to apache-1.3.41, the last regular release of the\n Apache 1.3.x series, and a security bugfix-only release.\n For more information about the security issues fixed, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847\n (* Security fix *)\npatches/packages/mod_ssl-2.8.31_1.3.41-i486-1_slack11.0.tgz:\n Upgraded to mod_ssl-2.8.31-1.3.41 to work with apache_1.3.41.\n\nWhere to find the new packages:\n\nHINT: Getting slow download speeds from ftp.slackware.com?\nGive slackware.osuosl.org a try. This is another primary FTP site\nfor Slackware that can be considerably faster than downloading\ndirectly from ftp.slackware.com.\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating additional FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated packages for Slackware 8.1:\nftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/apache-1.3.41-i386-1_slack8.1.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/mod_ssl-2.8.31_1.3.41-i386-1_slack8.1.tgz\n\nUpdated packages for Slackware 9.0:\nftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/apache-1.3.41-i386-1_slack9.0.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/mod_ssl-2.8.31_1.3.41-i386-1_slack9.0.tgz\n\nUpdated packages for Slackware 9.1:\nftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/apache-1.3.41-i486-1_slack9.1.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/mod_ssl-2.8.31_1.3.41-i486-1_slack9.1.tgz\n\nUpdated packages for Slackware 10.0:\nftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/apache-1.3.41-i486-1_slack10.0.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/mod_ssl-2.8.31_1.3.41-i486-1_slack10.0.tgz\n\nUpdated packages for Slackware 10.1:\nftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/apache-1.3.41-i486-1_slack10.1.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/mod_ssl-2.8.31_1.3.41-i486-1_slack10.1.tgz\n\nUpdated packages for Slackware 10.2:\nftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/apache-1.3.41-i486-1_slack10.2.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/mod_ssl-2.8.31_1.3.41-i486-1_slack10.2.tgz\n\nUpdated packages for Slackware 11.0:\nftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/apache-1.3.41-i486-1_slack11.0.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/mod_ssl-2.8.31_1.3.41-i486-1_slack11.0.tgz\n\n\nMD5 signatures:\n\nSlackware 8.1 packages:\n6cc8d3c128d52a3d27ca37b7456ff1fe apache-1.3.41-i386-1_slack8.1.tgz\n9ae1dcb8bb7b9bc88fde88d16212e734 mod_ssl-2.8.31_1.3.41-i386-1_slack8.1.tgz\n\nSlackware 9.0 packages:\nc26a86befaa00c1111b49c22d9e85cd8 apache-1.3.41-i386-1_slack9.0.tgz\n774d1613a29bba8b96c0b446d63ddc39 mod_ssl-2.8.31_1.3.41-i386-1_slack9.0.tgz\n\nSlackware 9.1 packages:\n5f80ea085bbca07a22b1110e7e292d8a apache-1.3.41-i486-1_slack9.1.tgz\n7f4979e63af16c53557700f4df7b86d1 mod_ssl-2.8.31_1.3.41-i486-1_slack9.1.tgz\n\nSlackware 10.0 packages:\n5147add3bc234f7615db078ce2a8cab1 apache-1.3.41-i486-1_slack10.0.tgz\n329cc9a783d7dd7d31bdec5f4c8a4a23 mod_ssl-2.8.31_1.3.41-i486-1_slack10.0.tgz\n\nSlackware 10.1 packages:\n4ee6b38b92e8c8ccf6b31f7361d78b71 apache-1.3.41-i486-1_slack10.1.tgz\na3f9efb14872870944e641376adadbff mod_ssl-2.8.31_1.3.41-i486-1_slack10.1.tgz\n\nSlackware 10.2 packages:\n4c797d094998917086c3b5930e5a5c02 apache-1.3.41-i486-1_slack10.2.tgz\n283b72160550a9fc3edd628f4efa460f mod_ssl-2.8.31_1.3.41-i486-1_slack10.2.tgz\n\nSlackware 11.0 packages:\n7698a1518b7d0d423c807e76e2714e87 apache-1.3.41-i486-1_slack11.0.tgz\n3a18465e0e2bc2dfe1d1be2c94c38a90 mod_ssl-2.8.31_1.3.41-i486-1_slack11.0.tgz\n\n\nInstallation instructions:\n\nFirst, stop apache:\n\n > apachectl stop\n\nThen, upgrade the packages:\n\n > upgradepkg apache-1.3.41-i486-1_slack11.0.tgz mod_ssl-2.8.31_1.3.41-i486-1_slack11.0.tgz\n\nFinally, restart apache:\n\n > apachectl start\n\nOr, if you use mod_ssl:\n\n > apachectl startssl", "modified": "2008-02-15T01:23:13", "published": "2008-02-15T01:23:13", "id": "SSA-2008-045-02", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.595748", "type": "slackware", "title": "[slackware-security] apache", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "cve": [{"lastseen": "2020-10-03T11:45:55", "description": "Cross-site scripting (XSS) vulnerability in balancer-manager in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the (1) ss, (2) wr, or (3) rr parameters, or (4) the URL.", "edition": 5, "cvss3": {}, "published": "2008-01-08T19:46:00", "title": "CVE-2007-6421", "type": "cve", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6421"], "modified": "2018-10-30T16:25:00", "cpe": ["cpe:/a:apache:http_server:2.2", "cpe:/a:apache:http_server:2.2.1", "cpe:/a:apache:http_server:-", "cpe:/a:apache:http_server:2.2.4", "cpe:/a:apache:http_server:2.2.6", "cpe:/a:apache:http_server:2.2.2", "cpe:/a:apache:http_server:2.2.3"], "id": "CVE-2007-6421", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6421", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:-:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T11:45:55", "description": "The balancer_handler function in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6, when a threaded Multi-Processing Module is used, allows remote authenticated users to cause a denial of service (child process crash) via an invalid bb variable.", "edition": 5, "cvss3": {}, "published": "2008-01-08T18:46:00", "title": "CVE-2007-6422", "type": "cve", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6422"], "modified": "2018-10-30T16:25:00", "cpe": ["cpe:/a:apache:http_server:2.2", "cpe:/a:apache:http_server:2.2.1", "cpe:/a:apache:http_server:-", "cpe:/a:apache:http_server:2.2.4", "cpe:/a:apache:http_server:2.2.6", "cpe:/a:apache:http_server:2.2.2", "cpe:/a:apache:http_server:2.2.3"], "id": "CVE-2007-6422", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6422", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:-:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T11:45:55", "description": "Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.", "edition": 5, "cvss3": {}, "published": "2008-01-08T18:46:00", "title": "CVE-2007-6388", "type": "cve", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6388"], "modified": "2018-10-30T16:25:00", "cpe": ["cpe:/a:apache:http_server:1.3.33", "cpe:/a:apache:http_server:2.0.40", "cpe:/a:apache:http_server:2.0.39", "cpe:/a:apache:http_server:1.3.27", "cpe:/a:apache:http_server:1.3.3", "cpe:/a:apache:http_server:1.3.24", "cpe:/a:apache:http_server:1.3.22", "cpe:/a:apache:http_server:2.2", "cpe:/a:apache:http_server:2.0.56", "cpe:/a:apache:http_server:2.2.1", "cpe:/a:apache:http_server:2.0.38", "cpe:/a:apache:http_server:2.0.35", "cpe:/a:apache:http_server:2.0.49", "cpe:/a:apache:http_server:-", "cpe:/a:apache:http_server:2.0.53", "cpe:/a:apache:http_server:2.0.50", "cpe:/a:apache:http_server:2.2.4", "cpe:/a:apache:http_server:2.0.58", "cpe:/a:apache:http_server:1.3.6", "cpe:/a:apache:http_server:1.3.30", "cpe:/a:apache:http_server:2.0.59", "cpe:/a:apache:http_server:2.0.55", "cpe:/a:apache:http_server:2.0.57", "cpe:/a:apache:http_server:1.3.39", "cpe:/a:apache:http_server:1.3.28", "cpe:/a:apache:http_server:2.0.48", "cpe:/a:apache:http_server:2.0.46", "cpe:/a:apache:http_server:2.2.6", "cpe:/a:apache:http_server:1.3.1", "cpe:/a:apache:http_server:2.0.45", "cpe:/a:apache:http_server:1.3.25", "cpe:/a:apache:http_server:2.0.41", "cpe:/a:apache:http_server:1.3.5", "cpe:/a:apache:http_server:1.3.37", "cpe:/a:apache:http_server:2.0.44", "cpe:/a:apache:http_server:1.3.4", "cpe:/a:apache:http_server:1.3.12", "cpe:/a:apache:http_server:1.3.7", "cpe:/a:apache:http_server:1.3.8", "cpe:/a:apache:http_server:2.2.2", "cpe:/a:apache:http_server:1.3.26", "cpe:/a:apache:http_server:1.3.11", "cpe:/a:apache:http_server:1.3.38", "cpe:/a:apache:http_server:2.0.37", "cpe:/a:apache:http_server:2.0.61", "cpe:/a:apache:http_server:1.3.31", "cpe:/a:apache:http_server:2.0.54", "cpe:/a:apache:http_server:1.3.32", "cpe:/a:apache:http_server:2.0.43", "cpe:/a:apache:http_server:2.0.47", "cpe:/a:apache:http_server:2.0.36", "cpe:/a:apache:http_server:2.0.42", "cpe:/a:apache:http_server:1.3.2", "cpe:/a:apache:http_server:1.3.23", "cpe:/a:apache:http_server:2.0.60", "cpe:/a:apache:http_server:1.3.29", "cpe:/a:apache:http_server:2.0.52", "cpe:/a:apache:http_server:2.2.3", "cpe:/a:apache:http_server:2.0.51", "cpe:/a:apache:http_server:1.3.9"], "id": "CVE-2007-6388", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6388", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:apache:http_server:1.3.33:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.22:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.51:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.27:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.29:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.53:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.37:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.37:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.35:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.30:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.43:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.60:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.24:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.52:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.31:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:-:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.50:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.39:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.26:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.12:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.57:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.56:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.42:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.44:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.58:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.28:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.8:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.47:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.23:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.49:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.54:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.25:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.9:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.61:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.32:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.11:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.46:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.36:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.59:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.40:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.48:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.38:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.55:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.45:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.38:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.39:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.41:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.4:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T11:45:54", "description": "Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the (2) mod_imagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.", "edition": 5, "cvss3": {}, "published": "2007-12-13T18:46:00", "title": "CVE-2007-5000", "type": "cve", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-5000"], "modified": "2018-10-30T16:25:00", "cpe": ["cpe:/a:apache:http_server:1.3.33", "cpe:/a:apache:http_server:2.0.40", "cpe:/a:apache:http_server:2.0.39", "cpe:/a:apache:http_server:1.3.27", "cpe:/a:apache:http_server:1.3.24", "cpe:/a:apache:http_server:1.3.22", "cpe:/a:apache:http_server:2.2", "cpe:/a:apache:http_server:2.0.56", "cpe:/a:apache:http_server:2.2.1", "cpe:/a:apache:http_server:2.0.38", "cpe:/a:apache:http_server:2.0.35", "cpe:/a:apache:http_server:2.0.49", "cpe:/a:apache:http_server:-", "cpe:/a:apache:http_server:2.0.53", "cpe:/a:apache:http_server:2.0.50", "cpe:/a:apache:http_server:2.2.4", "cpe:/a:apache:http_server:2.0.58", "cpe:/a:apache:http_server:1.3.6", "cpe:/a:apache:http_server:1.3.30", "cpe:/a:apache:http_server:2.0.59", "cpe:/a:apache:http_server:2.0.55", "cpe:/a:apache:http_server:2.0.57", "cpe:/a:apache:http_server:1.3.28", "cpe:/a:apache:http_server:2.0.48", "cpe:/a:apache:http_server:2.0.46", "cpe:/a:apache:http_server:2.2.6", "cpe:/a:apache:http_server:1.3.1", "cpe:/a:apache:http_server:2.0.45", "cpe:/a:apache:http_server:1.3.25", "cpe:/a:apache:http_server:2.0.41", "cpe:/a:apache:http_server:1.3.5", "cpe:/a:apache:http_server:1.3.37", "cpe:/a:apache:http_server:2.0.44", "cpe:/a:apache:http_server:1.3.4", "cpe:/a:apache:http_server:1.3.0", "cpe:/a:apache:http_server:1.3.12", "cpe:/a:apache:http_server:1.3.7", "cpe:/a:apache:http_server:1.3.8", "cpe:/a:apache:http_server:2.2.2", "cpe:/a:apache:http_server:1.3.26", "cpe:/a:apache:http_server:1.3.11", "cpe:/a:apache:http_server:2.0.37", "cpe:/a:apache:http_server:2.0.61", "cpe:/a:apache:http_server:1.3.31", "cpe:/a:apache:http_server:2.0.54", "cpe:/a:apache:http_server:1.3.32", "cpe:/a:apache:http_server:2.0.43", "cpe:/a:apache:http_server:2.0.47", "cpe:/a:apache:http_server:2.0.36", "cpe:/a:apache:http_server:2.0.42", "cpe:/a:apache:http_server:1.3.23", "cpe:/a:apache:http_server:2.0.60", "cpe:/a:apache:http_server:1.3.29", "cpe:/a:apache:http_server:2.0.52", "cpe:/a:apache:http_server:2.2.3", "cpe:/a:apache:http_server:2.0.51", "cpe:/a:apache:http_server:1.3.9"], "id": "CVE-2007-5000", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-5000", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:apache:http_server:1.3.33:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.22:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.51:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.27:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.29:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.53:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.37:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.37:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.35:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.30:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.43:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.60:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.24:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.52:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.31:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:-:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.50:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.26:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.12:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.57:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.56:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.42:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.44:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.58:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.28:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.8:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.47:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.23:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.49:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.54:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.25:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.9:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.61:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.32:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.11:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.46:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.36:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.59:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.40:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.48:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.55:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.45:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.38:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.39:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0.41:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:1.3.4:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T11:50:56", "description": "mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev, and 1.3.x before 1.3.40-dev does not define a charset, which allows remote attackers to conduct cross-site scripting (XSS) attacks using UTF-7 encoding.", "edition": 5, "cvss3": {}, "published": "2008-01-12T00:46:00", "title": "CVE-2008-0005", "type": "cve", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-0005"], "modified": "2018-10-15T21:56:00", "cpe": ["cpe:/a:apache:http_server:2.0", "cpe:/a:apache:http_server:1.3"], "id": "CVE-2008-0005", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-0005", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:apache:http_server:1.3:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.0:*:*:*:*:*:*:*"]}], "centos": [{"lastseen": "2019-12-20T18:26:52", "bulletinFamily": "unix", "cvelist": ["CVE-2007-4465", "CVE-2008-0005", "CVE-2007-6421", "CVE-2007-6388", "CVE-2007-5000", "CVE-2007-6422"], "description": "**CentOS Errata and Security Advisory** CESA-2008:0008\n\n\nThe Apache HTTP Server is a popular Web server.\r\n\r\nA flaw was found in the mod_imagemap module. On sites where mod_imagemap\r\nwas enabled and an imagemap file was publicly available, a cross-site\r\nscripting attack was possible. (CVE-2007-5000)\r\n\r\nA flaw was found in the mod_autoindex module. On sites where directory\r\nlistings are used, and the \"AddDefaultCharset\" directive has been removed\r\nfrom the configuration, a cross-site scripting attack might have been\r\npossible against Web browsers which do not correctly derive the response\r\ncharacter set following the rules in RFC 2616. (CVE-2007-4465)\r\n\r\nA flaw was found in the mod_status module. On sites where mod_status was\r\nenabled and the status pages were publicly available, a cross-site\r\nscripting attack was possible. (CVE-2007-6388)\r\n\r\nA flaw was found in the mod_proxy_balancer module. On sites where\r\nmod_proxy_balancer was enabled, a cross-site scripting attack against an\r\nauthorized user was possible. (CVE-2007-6421)\r\n\r\nA flaw was found in the mod_proxy_balancer module. On sites where\r\nmod_proxy_balancer was enabled, an authorized user could send a carefully\r\ncrafted request that would cause the Apache child process handling that\r\nrequest to crash. This could lead to a denial of service if using a\r\nthreaded Multi-Processing Module. (CVE-2007-6422) \r\n\r\nA flaw was found in the mod_proxy_ftp module. On sites where mod_proxy_ftp\r\nwas enabled and a forward proxy was configured, a cross-site scripting\r\nattack was possible against Web browsers which do not correctly derive the\r\nresponse character set following the rules in RFC 2616. (CVE-2008-0005)\r\n\r\nUsers of Apache httpd should upgrade to these updated packages, which\r\ncontain backported patches to resolve these issues. Users should restart\r\nhttpd after installing this update.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2008-January/026652.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-January/026653.html\n\n**Affected packages:**\nhttpd\nhttpd-devel\nhttpd-manual\nmod_ssl\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2008-0008.html", "edition": 3, "modified": "2008-01-16T22:06:47", "published": "2008-01-16T22:06:46", "href": "http://lists.centos.org/pipermail/centos-announce/2008-January/026653.html", "id": "CESA-2008:0008", "title": "httpd, mod_ssl security update", "type": "centos", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-12-20T18:25:40", "bulletinFamily": "unix", "cvelist": ["CVE-2007-4465", "CVE-2008-0005", "CVE-2007-6388", "CVE-2007-5000"], "description": "**CentOS Errata and Security Advisory** CESA-2008:0006\n\n\nThe Apache HTTP Server is a popular Web server.\r\n\r\nA flaw was found in the mod_imap module. On sites where mod_imap was\r\nenabled and an imagemap file was publicly available, a cross-site scripting\r\nattack was possible. (CVE-2007-5000)\r\n\r\nA flaw was found in the mod_autoindex module. On sites where directory\r\nlistings are used, and the \"AddDefaultCharset\" directive has been removed\r\nfrom the configuration, a cross-site scripting attack was possible against\r\nWeb browsers which do not correctly derive the response character set\r\nfollowing the rules in RFC 2616. (CVE-2007-4465)\r\n\r\nA flaw was found in the mod_status module. On sites where mod_status was\r\nenabled and the status pages were publicly available, a cross-site\r\nscripting attack was possible. (CVE-2007-6388)\r\n\r\nA flaw was found in the mod_proxy_ftp module. On sites where mod_proxy_ftp\r\nwas enabled and a forward proxy was configured, a cross-site scripting\r\nattack was possible against Web browsers which do not correctly derive the\r\nresponse character set following the rules in RFC 2616. (CVE-2008-0005)\r\n\r\nUsers of Apache httpd should upgrade to these updated packages, which\r\ncontain backported patches to resolve these issues. Users should restart\r\nhttpd after installing this update.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2008-January/026645.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-January/026646.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-January/026648.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-January/026651.html\n\n**Affected packages:**\nhttpd\nhttpd-devel\nhttpd-manual\nhttpd-suexec\nmod_ssl\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2008-0006.html", "edition": 4, "modified": "2008-01-16T05:08:37", "published": "2008-01-15T13:48:01", "href": "http://lists.centos.org/pipermail/centos-announce/2008-January/026645.html", "id": "CESA-2008:0006", "title": "httpd, mod_ssl security update", "type": "centos", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-12-20T18:25:27", "bulletinFamily": "unix", "cvelist": ["CVE-2007-4465", "CVE-2008-0005", "CVE-2007-6388", "CVE-2007-5000"], "description": "**CentOS Errata and Security Advisory** CESA-2008:0004-01\n\n\nThe Apache HTTP Server is a popular Web server.\r\n\r\nA flaw was found in the mod_imap module. On sites where mod_imap was\r\nenabled and an imagemap file was publicly available, a cross-site scripting\r\nattack was possible. (CVE-2007-5000)\r\n\r\nA flaw was found in the mod_autoindex module. On sites where directory\r\nlistings are used, and the \"AddDefaultCharset\" directive has been removed\r\nfrom the configuration, a cross-site scripting attack was possible against\r\nWeb browsers which did not correctly derive the response character set\r\nfollowing the rules in RFC 2616. (CVE-2007-4465)\r\n\r\nA flaw was found in the mod_status module. On sites where mod_status was\r\nenabled and the status pages were publicly available, a cross-site\r\nscripting attack was possible. (CVE-2007-6388)\r\n\r\nA flaw was found in the mod_proxy_ftp module. On sites where mod_proxy_ftp\r\nwas enabled and a forward proxy was configured, a cross-site scripting\r\nattack was possible against Web browsers which did not correctly derive the\r\nresponse character set following the rules in RFC 2616. (CVE-2008-0005)\r\n\r\nUsers of Apache should upgrade to these updated packages, which contain\r\nbackported patches to resolve these issues. Users should restart Apache\r\nafter installing this update.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2008-January/026649.html\n\n**Affected packages:**\napache\napache-devel\napache-manual\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/rh21as-errata.html", "edition": 5, "modified": "2008-01-16T02:42:35", "published": "2008-01-16T02:42:35", "href": "http://lists.centos.org/pipermail/centos-announce/2008-January/026649.html", "id": "CESA-2008:0004-01", "title": "apache security update", "type": "centos", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-12-20T18:26:29", "bulletinFamily": "unix", "cvelist": ["CVE-2007-4465", "CVE-2008-0005", "CVE-2007-3847", "CVE-2007-6388", "CVE-2007-5000"], "description": "**CentOS Errata and Security Advisory** CESA-2008:0005\n\n\nThe Apache HTTP Server is a popular Web server.\r\n\r\nA flaw was found in the mod_imap module. On sites where mod_imap was\r\nenabled and an imagemap file was publicly available, a cross-site scripting\r\nattack was possible. (CVE-2007-5000)\r\n\r\nA flaw was found in the mod_autoindex module. On sites where directory\r\nlistings are used, and the \"AddDefaultCharset\" directive has been removed\r\nfrom the configuration, a cross-site scripting attack was possible against\r\nWeb browsers which did not correctly derive the response character set\r\nfollowing the rules in RFC 2616. (CVE-2007-4465)\r\n\r\nA flaw was found in the mod_proxy module. On sites where a reverse proxy is\r\nconfigured, a remote attacker could send a carefully crafted request that\r\nwould cause the Apache child process handling that request to crash. On\r\nsites where a forward proxy is configured, an attacker could cause a\r\nsimilar crash if a user could be persuaded to visit a malicious site using\r\nthe proxy. This could lead to a denial of service if using a threaded\r\nMulti-Processing Module. (CVE-2007-3847) \r\n\r\nA flaw was found in the mod_status module. On sites where mod_status was\r\nenabled and the status pages were publicly available, a cross-site\r\nscripting attack was possible. (CVE-2007-6388)\r\n\r\nA flaw was found in the mod_proxy_ftp module. On sites where mod_proxy_ftp\r\nwas enabled and a forward proxy was configured, a cross-site scripting\r\nattack was possible against Web browsers which did not correctly derive the\r\nresponse character set following the rules in RFC 2616. (CVE-2008-0005)\r\n\r\nUsers of Apache httpd should upgrade to these updated packages, which\r\ncontain backported patches to resolve these issues. Users should restart\r\nhttpd after installing this update.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2008-January/026643.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-January/026644.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-January/026647.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-January/026650.html\n\n**Affected packages:**\nhttpd\nhttpd-devel\nmod_ssl\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2008-0005.html", "edition": 4, "modified": "2008-01-16T05:02:46", "published": "2008-01-15T12:48:29", "href": "http://lists.centos.org/pipermail/centos-announce/2008-January/026643.html", "id": "CESA-2008:0005", "title": "httpd, mod_ssl security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:34:11", "bulletinFamily": "unix", "cvelist": ["CVE-2007-4465", "CVE-2008-0005", "CVE-2007-6421", "CVE-2007-6388", "CVE-2007-5000", "CVE-2007-6422"], "description": " [2.2.3-12.el5_1.3.0.1]\n - use oracle index page oracle_index.html, update vstring and distro\n \n [2.2.3-12.el5_1.3]\n - further update to backport for CVE-2007-6421 (#427240)\n \n [2.2.3-12.el5_1.2]\n - updated backport for CVE-2007-6421 (#427240)\n \n [2.2.3-11.el5_1.1]\n - add security fixes for CVE-2007-6388, CVE-2007-6421\n and CVE-2007-6422 (#427240)\n - add security fix for CVE-2007-4465, CVE-2007-5000 (#421631)\n - add security fix for mod_proxy_ftp UTF-7 XSS (#427745) ", "edition": 4, "modified": "2008-01-15T00:00:00", "published": "2008-01-15T00:00:00", "id": "ELSA-2008-0008", "href": "http://linux.oracle.com/errata/ELSA-2008-0008.html", "title": "Moderate: httpd security update ", "type": "oraclelinux", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:38:06", "bulletinFamily": "unix", "cvelist": ["CVE-2007-4465", "CVE-2008-0005", "CVE-2007-6388", "CVE-2007-5000"], "description": " [2.0.52-38.ent.2.0.1]\n - use oracle index page oracle_index.html\n - updated string and distro in specfile\n \n [2.0.52-38.ent.2]\n - add security fix for CVE-2007-6388 (#427236)\n - add security fix for mod_proxy_ftp UTF-7 XSS (#427743)\n \n [2.0.52-38.ent.1]\n - add security fixes for CVE-2007-4465, CVE-2007-5000 (#421611) ", "edition": 4, "modified": "2008-01-15T00:00:00", "published": "2008-01-15T00:00:00", "id": "ELSA-2008-0006", "href": "http://linux.oracle.com/errata/ELSA-2008-0006.html", "title": "Moderate: httpd security update ", "type": "oraclelinux", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:34:56", "bulletinFamily": "unix", "cvelist": ["CVE-2007-4465", "CVE-2007-3847", "CVE-2007-6388", "CVE-2007-5000"], "description": " [2.0.46-70.ent.0.1]\n - use oracle index page oracle_index.html and logo removal\n - add apr-configure.patch\n \n [2.0.46-70.ent]\n - add security fix for CVE-2007-6388 (#427235)\n - add security fix for mod_proxy_ftp UTF-7 XSS (#427742)\n \n [2.0.46-69.ent]\n - add security fix for CVE-2007-3847 (#250759)\n - add security fixes for CVE-2007-4465, CVE-2007-5000 (#421601) ", "edition": 4, "modified": "2008-01-15T00:00:00", "published": "2008-01-15T00:00:00", "id": "ELSA-2008-0005", "href": "http://linux.oracle.com/errata/ELSA-2008-0005.html", "title": "Moderate: httpd security update ", "type": "oraclelinux", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "suse": [{"lastseen": "2016-09-04T12:14:44", "bulletinFamily": "unix", "cvelist": ["CVE-2006-3918", "CVE-2007-6203", "CVE-2008-0005", "CVE-2007-6421", "CVE-2007-6388", "CVE-2007-5000", "CVE-2007-6422"], "description": "Various minor bugs have been fixed in the Apache 1 and Apache 2 web servers and released as a roll-up update.\n#### Solution\nThere is no known workaround, please install the update packages.", "edition": 1, "modified": "2008-04-04T16:29:16", "published": "2008-04-04T16:29:16", "id": "SUSE-SA:2008:021", "href": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00004.html", "type": "suse", "title": "cross site scripting in apache2,apache", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "ubuntu": [{"lastseen": "2020-07-08T23:31:57", "bulletinFamily": "unix", "cvelist": ["CVE-2006-3918", "CVE-2007-4465", "CVE-2008-0005", "CVE-2007-6421", "CVE-2007-3847", "CVE-2007-6388", "CVE-2007-5000", "CVE-2007-6422"], "description": "It was discovered that Apache did not sanitize the Expect header from \nan HTTP request when it is reflected back in an error message, which \ncould result in browsers becoming vulnerable to cross-site scripting \nattacks when processing the output. With cross-site scripting \nvulnerabilities, if a user were tricked into viewing server output \nduring a crafted server request, a remote attacker could exploit this \nto modify the contents, or steal confidential data (such as passwords), \nwithin the same domain. This was only vulnerable in Ubuntu 6.06. \n(CVE-2006-3918)\n\nIt was discovered that when configured as a proxy server and using a \nthreaded MPM, Apache did not properly sanitize its input. A remote \nattacker could send Apache crafted date headers and cause a denial of \nservice via application crash. By default, mod_proxy is disabled in \nUbuntu. (CVE-2007-3847)\n\nIt was discovered that mod_autoindex did not force a character set, \nwhich could result in browsers becoming vulnerable to cross-site \nscripting attacks when processing the output. (CVE-2007-4465)\n\nIt was discovered that mod_imap/mod_imagemap did not force a \ncharacter set, which could result in browsers becoming vulnerable \nto cross-site scripting attacks when processing the output. By \ndefault, mod_imap/mod_imagemap is disabled in Ubuntu. (CVE-2007-5000)\n\nIt was discovered that mod_status when status pages were available, \nallowed for cross-site scripting attacks. By default, mod_status is \ndisabled in Ubuntu. (CVE-2007-6388)\n\nIt was discovered that mod_proxy_balancer did not sanitize its input, \nwhich could result in browsers becoming vulnerable to cross-site \nscripting attacks when processing the output. By default, \nmod_proxy_balancer is disabled in Ubuntu. This was only vulnerable \nin Ubuntu 7.04 and 7.10. (CVE-2007-6421)\n\nIt was discovered that mod_proxy_balancer could be made to \ndereference a NULL pointer. A remote attacker could send a crafted \nrequest and cause a denial of service via application crash. By \ndefault, mod_proxy_balancer is disabled in Ubuntu. This was only \nvulnerable in Ubuntu 7.04 and 7.10. (CVE-2007-6422)\n\nIt was discovered that mod_proxy_ftp did not force a character set, \nwhich could result in browsers becoming vulnerable to cross-site \nscripting attacks when processing the output. By default, \nmod_proxy_ftp is disabled in Ubuntu. (CVE-2008-0005)", "edition": 5, "modified": "2008-02-04T00:00:00", "published": "2008-02-04T00:00:00", "id": "USN-575-1", "href": "https://ubuntu.com/security/notices/USN-575-1", "title": "Apache vulnerabilities", "type": "ubuntu", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:28", "bulletinFamily": "software", "cvelist": ["CVE-2007-6423", "CVE-2008-0005", "CVE-2007-6421", "CVE-2007-6388", "CVE-2007-6422", "CVE-2007-6420"], "description": "mod_proxy_balancer \u0441rossite scripting, crossite requests forgery, memory corruption, DoS, mod_proxy_ftp and mod_status, mod_negotiation - crossite scripting.", "edition": 1, "modified": "2008-01-24T00:00:00", "published": "2008-01-24T00:00:00", "id": "SECURITYVULNS:VULN:8559", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:8559", "title": "Apache multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:28", "bulletinFamily": "software", "cvelist": ["CVE-2007-6388", "CVE-2007-5000"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nSUPPORT COMMUNICATION - SECURITY BULLETIN\r\n\r\nDocument ID: c01607570\r\nVersion: 1\r\n\r\nHPSBMA02388 SSRT080059 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Cross Site\r\nScripting (XSS)\r\n\r\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible.\r\n\r\nRelease Date: 2008-11-19\r\nLast Updated: 2008-11-19\r\n\r\nPotential Security Impact: Remote cross site scripting (XSS)\r\n\r\nSource: Hewlett-Packard Company, HP Software Security Response Team\r\n\r\nVULNERABILITY SUMMARY\r\nPotential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV\r\nNNM). The vulnerabilities could be exploited remotely to allow cross site scripting (XSS).\r\n\r\nReferences: CVE-2007-6388, CVE-2007-5000\r\n\r\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.\r\nHP OpenView Network Node Manager (OV NNM) v7.01, v7.51, v7.53 running on HP-UX, Linux, and Solaris\r\n\r\nBACKGROUND\r\n\r\nCVSS 2.0 Base Metrics \r\n===============================================\r\nReference Base Vector Base Score \r\nCVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\r\nCVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\r\n===============================================\r\nInformation on CVSS is documented in HP Customer Notice: HPSN-2008-002.\r\n\r\nRESOLUTION\r\n\r\nHP has made patches available to resolve the vulnerabilities.\r\n\r\nThe patches are available from http://itrc.hp.com \r\n\r\nOV NNM v7.53 \r\n===========\r\nOperating_System - HP-UX (IA)\r\nResolved in Patch - PHSS_38148 or subsequent\r\n \r\nOperating_System - HP-UX (PA)\r\nResolved in Patch - PHSS_38147 or subsequent\r\n \r\nOperating_System - Linux RedHatAS2.1 \r\nResolved in Patch - LXOV_00085 or subsequent\r\n \r\nOperating_System - Linux RedHat4AS-x86_64 \r\nResolved in Patch - LXOV_00086 or subsequent\r\n \r\nOperating_System - Solaris\r\nResolved in Patch - PSOV_03514 or subsequent\r\n \r\nOV NNM v7.51 \r\n===========\r\nUpgrade to NNM v7.53 and install the patches listed above. \r\n\r\nOV NNM v7.01 \r\n===========\r\nOperating_System - HP-UX (PA)\r\nResolved in Patch - PHSS_38761 or subsequent\r\n \r\nOperating_System - Solaris\r\nResolved in Patch - PSOV_03516 or subsequent\r\n \r\n\r\nMANUAL ACTIONS: Yes - NonUpdate \r\nApply the appropriate file as described in the Resolution. \r\n\r\nPRODUCT SPECIFIC INFORMATION \r\n\r\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX\r\nSecurity Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions\r\nthat may apply to a specific HP-UX system. It can also download patches and create a depot\r\nautomatically. For more information see https://www.hp.com/go/swa \r\n\r\nThe following text is for use by the HP-UX Software Assistant.\r\n\r\nAFFECTED VERSIONS (for HP-UX)\r\n\r\nFor HP-UX OV NNM 7.53 \r\nHP-UX B.11.31 \r\nHP-UX B.11.23 (IA) \r\n============= \r\nOVNNMgr.OVNNM-RUN \r\naction: install PHSS_38148 or subsequent \r\nURL: http://itrc.hp.com \r\n\r\nHP-UX B.11.23 (PA) \r\nHP-UX B.11.11 \r\n============= \r\nOVNNMgr.OVNNM-RUN \r\naction: install PHSS_38147 or subsequent \r\nURL: http://itrc.hp.com \r\n\r\nFor HP-UX OV NNM 7.51 \r\nHP-UX B.11.31 \r\nHP-UX B.11.23 \r\nHP-UX B.11.11 \r\n============= \r\nOVNNMgr.OVNNM-RUN \r\naction: upgrade NNM v7.51 to NNM v7.53 and apply the appropriate patches \r\n\r\nFor HP-UX OV NNM 7.01 \r\nHP-UX B.11.00 \r\nHP-UX B.11.11 \r\n============= \r\nOVNNMgr.OVNNM-RUN \r\naction: install PHSS_38761 or subsequent \r\nURL: http://itrc.hp.com \r\n\r\nEND AFFECTED VERSIONS (for HP-UX)\r\n\r\nHISTORY \r\nVersion:1 (rev.1) - 19 November 2008 Initial release \r\n\r\nThird Party Security Patches: Third party security patches that are to be installed on systems\r\nrunning HP software products should be applied in accordance with the customer's patch management\r\npolicy. \r\n\r\nSupport: For further information, contact normal HP Services support channel.\r\n\r\nReport: To report a potential security vulnerability with any HP supported product, send Email to:\r\nsecurity-alert@hp.com \r\nIt is strongly recommended that security related information being communicated to HP be encrypted\r\nusing PGP, especially exploit information. \r\nTo get the security-alert PGP key, please send an e-mail message as follows:\r\n To: security-alert@hp.com \r\n Subject: get key\r\n\r\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email: \r\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC\r\nOn the web page: ITRC security bulletins and patch sign-up \r\nUnder Step1: your ITRC security bulletins and patches \r\n - check ALL categories for which alerts are required and continue.\r\nUnder Step2: your ITRC operating systems \r\n - verify your operating system selections are checked and save.\r\n\r\n\r\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php \r\nLog in on the web page: Subscriber's choice for Business: sign-in. \r\nOn the web page: Subscriber's Choice: your profile summary - use Edit Profile to update\r\nappropriate sections.\r\n\r\n\r\nTo review previously published Security Bulletins visit:\r\nhttp://www.itrc.hp.com/service/cki/secBullArchive.do \r\n\r\n\r\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th\r\nand 6th characters of the Bulletin number in the title: \r\n\r\nGN = HP General SW\r\nMA = HP Management Agents\r\nMI = Misc. 3rd Party SW\r\nMP = HP MPE/iX\r\nNS = HP NonStop Servers\r\nOV = HP OpenVMS\r\nPI = HP Printing & Imaging\r\nST = HP Storage SW\r\nTL = HP Trusted Linux\r\nTU = HP Tru64 UNIX\r\nUX = HP-UX\r\nVV = HP VirtualVault\r\n \r\nSystem management and security procedures must be reviewed frequently to maintain system\r\nintegrity. HP is continually reviewing and enhancing the security features of software products to\r\nprovide customers with current secure solutions.\r\n\r\n\r\n"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of\r\nthe affected HP products the important security information contained in this Bulletin. HP\r\nrecommends that all users determine the applicability of this information to their individual\r\nsituations and take appropriate action. HP does not warrant that this information is necessarily\r\naccurate or complete for all user situations and, consequently, HP will not be responsible for any\r\ndamages resulting from user's use or disregard of the information provided in this Bulletin. To the\r\nextent permitted by law, HP disclaims all warranties, either express or implied, including the\r\nwarranties of merchantability and fitness for a particular purpose, title and non-infringement."\r\n\r\n\u00a9Copyright 2008 Hewlett-Packard Development Company, L.P. \r\n\r\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions\r\ncontained herein. The information provided is provided "as is" without warranty of any kind. To the\r\nextent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable\r\nfor incidental, special or consequential damages including downtime cost; lost profits; damages\r\nrelating to the procurement of substitute products or services; or damages for loss of data, or\r\nsoftware restoration. The information in this document is subject to change without notice.\r\nHewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks\r\nof Hewlett-Packard Company in the United States and other countries. Other product and company\r\nnames mentioned herein may be trademarks of their respective owners.\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: PGP 8.1\r\n\r\niQA/AwUBSSQhVOAfOvwtKn1ZEQIlVQCg4n4fABzC24c9qQ5gz68oPLMVKI0AoMbs\r\nA2UIaH3YB7z+o42Tm7Eg7ahn\r\n=lskD\r\n-----END PGP SIGNATURE-----", "edition": 1, "modified": "2008-11-21T00:00:00", "published": "2008-11-21T00:00:00", "id": "SECURITYVULNS:DOC:20904", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:20904", "title": "[security bulletin] HPSBMA02388 SSRT080059 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Cross Site Scripting (XSS)", "type": "securityvulns", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-08-31T11:09:31", "bulletinFamily": "software", "cvelist": ["CVE-2007-6388", "CVE-2007-5000"], "description": "No description provided", "edition": 1, "modified": "2008-11-21T00:00:00", "published": "2008-11-21T00:00:00", "id": "SECURITYVULNS:VULN:9450", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:9450", "title": "HP OpenView Network Node Manager crossite scripting", "type": "securityvulns", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:24", "bulletinFamily": "software", "cvelist": ["CVE-2007-6423", "CVE-2007-6421", "CVE-2007-6422", "CVE-2007-6420"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n[Apache2 CSRF, XSS, Memory Corruption and Denial of Service Vulnerability ]\r\n\r\nAuthor: sp3x\r\n\r\nDate:\r\n- - Written: 06.12.2007\r\n- - Public: 09.01.2008\r\n\r\nSecurityReason Research\r\nSecurityAlert Id: 48\r\n\r\nCVE: CVE-2007-6420\r\n CVE-2007-6421\r\n CVE-2007-6422\r\n CVE-2007-6423\r\n\r\nSecurityRisk: Low\r\n\r\nAffected Software: Apache 2.2.x (mod_proxy_balancer)\r\nAdvisory URL:\r\nhttp://securityreason.com/achievement_securityalert/48\r\nVendor: http://httpd.apache.org\r\n\r\n- --- 0.Description ---\r\n\r\nThe Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems including UNIX and Windows NT. The goal of this project is to provide a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards.\r\n\r\nApache has been the most popular web server on the Internet since April 1996. The November 2005 Netcraft Web Server Survey found that more than 70% of the web sites on the Internet are using Apache, thus making it more widely used than all other web servers combined.\r\n\r\nmod_proxy_balancer : http://httpd.apache.org/docs/2.2/mod/mod_proxy_balancer.html\r\n\r\n- From apache site : "Balancer manager enables dynamic update of balancer members. You can use balancer manager to change the balance factor or a particular member, or put it in the off line mode"\r\n\r\nbalancer-manager is an administrative interface which should only be accessible to trusted users. Due to the fact the SecurityRisk is Low.\r\n\r\n- --- 1. Apache2 Cross-Site Request Forgery (CSRF) Vulnerability ---\r\n\r\nDuring the fact that all actions are performed by GET method there exist "CSRF" .\r\n\r\nThe balancer-manager should use POST for requests which have side-effects \r\nwhich would significantly mitigate the "CSRF" issue.\r\n\r\n- --- 2. Apache2 HTML Injection (XSS) Vulnerability ---\r\n\r\n- --- First XSS ---\r\n\r\nThe HTML Injection (XSS) vulnerability exist in "mod_proxy_balancer.c" .\r\n\r\nBy Enabling Balancer Manager Support we can trigger XSS vulnerability . \r\n\r\nInput passed to the :\r\n"ss" - called ""StickySession Identifier", \r\n"wr" - called "Route",\r\n"rr" - called "Route Redirect", \r\nparametrs in balancer-manager are not properly sanitised leading to execute arbitrary HTML and script code in a victim's browser.\r\n\r\n- --- Second XSS ---\r\n\r\nInput passed in the URL to "balancer-mamanger" is not properly sanitised leading to execute arbitrary HTML and script code in a victim's browser.\r\n\r\n\r\n- --- 3. Apache2 Denial of Service Vulnerability ---\r\n\r\nThe Denial of Service is caused due to an error in the "balancer_handler()" function that manages the loadfactors and member status. When attacker input invalid "bb" variable while editing worker settings leads to "Denial of Service Vulnerability".\r\n\r\n- --- 4. Apache2 Memory Corruption ---\r\n\r\nThe Memory corruption is caused due to an error in the "mod_proxy_balancer" when attacker input in the URL 7390 or 7506 or 7622 "A" chars.\r\n\r\nOnly for Windows.\r\n\r\n- --- 4. Exploit ---\r\n\r\nSecurityReason is not going to release a exploit to the general public.\r\nExploit was provided and tested for Apache Team .\r\n\r\n- --- 5. How to fix ---\r\n\r\nUpdate to Apache 2.2.7-dev\r\n\r\nhttp://httpd.apache.org/security/vulnerabilities_22.html\r\n\r\n- --- 6. References ---\r\n\r\nCSRF : http://www.owasp.org/index.php/Testing_for_CSRF\r\n\r\n- --- 7. Greets ---\r\n\r\nFor: Maksymilian Arciemowicz ( cXIb8O3 ), Infospec, pi3, p_e_a, mpp\r\n\r\n- --- 8. Contact ---\r\n\r\nAuthor: sp3x\r\nEmail: sp3x [at] securityreason [dot] com\r\nGPG: http://securityreason.com/key/sp3x.gpg\r\nhttp://securityreason.com\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.2.7 (GNU/Linux)\r\n\r\niD8DBQFHhUo6haZ93YsJSwQRAuYmAKCF5gOZ4P804moV5ybi8yjpbnvqNwCeNr9O\r\n+2Taez4t5p+5O7BZ9Yol2eg=\r\n=v0YB\r\n-----END PGP SIGNATURE-----", "edition": 1, "modified": "2008-01-12T00:00:00", "published": "2008-01-12T00:00:00", "id": "SECURITYVULNS:DOC:18846", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:18846", "title": "SecurityReason - Apache2 CSRF, XSS, Memory Corruption and Denial of Service Vulnerability", "type": "securityvulns", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "f5": [{"lastseen": "2017-06-08T00:16:24", "bulletinFamily": "software", "cvelist": ["CVE-2007-5000"], "edition": 1, "description": "", "modified": "2016-01-09T02:30:00", "published": "2007-12-28T03:00:00", "href": "https://support.f5.com/csp/article/K8186", "id": "F5:K8186", "title": "Cross-site scripting vulnerability in Apache mod_imap CVE-2007-5000", "type": "f5", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2016-09-26T17:23:16", "bulletinFamily": "software", "cvelist": ["CVE-2007-5000"], "edition": 1, "description": "F5 Product Development has determined the likelihood of exploitation is low for the cross-site scripting (XSS) vulnerability disclosed in CVE-2007-5000. Exploiting this vulnerability would require an administrator of an F5 device to interact with a web page crafted by an attacker. Possible attacks could include recovering that administrator or operator's password to the BIG-IP.\n\n**Note**: The BIG-IP system ships with the **mod_imap** module, however the BIG-IP Configuration utility does not use or rely on **mod_imap**.\n\nInformation about this advisory is available at the following location:\n\n<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000>\n\nF5 Product Development tracked this issue as CR59618 and it was fixed in BIG-IP 9.3.0 and 9.4.0. For information about upgrading, refer to the BIG-IP LTM, GTM, ASM, Link Controller, and WebAccelerator release notes.\n\n**Workaround**\n\nIf you are using a vulnerable version and upgrading is not an immediate option, you can disable **mod_imap** by performing the following procedure:\n\n 1. Log in to the command line.\n 2. Change directories to the **/config/httpd/conf** directory by typing the following command: \n \ncd /config/httpd/conf\n 3. Open the **httpd.conf **file with a file editor and comment out the **mod_imap** entry by inserting **#** at the beginning of the following line: \n \n#LoadModule imap_module modules/mod_imap.so\n 4. Save the **httpd.conf** file.\n 5. Restart the **httpd** daemon by typing the following command: \n \nbigstart restart httpd\n", "modified": "2013-03-19T00:00:00", "published": "2007-12-27T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/8000/100/sol8186.html", "id": "SOL8186", "title": "SOL8186 - Cross-site scripting vulnerability in Apache mod_imap CVE-2007-5000", "type": "f5", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "seebug": [{"lastseen": "2017-11-19T21:49:23", "description": "BUGTRAQ ID: 27236\r\nCVE ID:CVE-2007-6420\r\nCVE-2007-6421\r\nCVE-2007-6422\r\nCVE-2007-6423\r\nCNCVE ID:CNCVE-20076420\r\nCNCVE-20076421\r\nCNCVE-20076422\r\nCNCVE-20076423\r\n\r\nApache HTTP Server\u662f\u4e00\u6b3e\u5f00\u653e\u6e90\u7801\u7684WEB\u670d\u52a1\u7a0b\u5e8f\u3002\r\nApache HTTP Server\u5305\u542b\u7684mod_proxy_balancer\u6a21\u5757\u5b58\u5728\u8f93\u5165\u9a8c\u8bc1\u95ee\u9898\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u6f0f\u6d1e\u8fdb\u884c\u8de8\u7ad9\u811a\u672c\uff0cCSRF\uff0c\u62d2\u7edd\u670d\u52a1\u7b49\u653b\u51fb\u3002\r\n1\uff0c\u7531\u4e8e\u6240\u6709\u884c\u4e3a\u901a\u8fc7GET\u8bbf\u95ee\u6267\u884c\uff0c\u5b58\u5728\u201cCSRF\u201d\u653b\u51fb\u3002\r\n2\uff0c"mod_proxy_balancer.c"\u5b58\u5728\u8de8\u7ad9\u811a\u672c\u95ee\u9898\uff0c\u8f93\u5165\u4f20\u9012\u7ed9\uff1a\r\n"ss" - \u4e3a""StickySession Identifier",\r\n"wr" - \u4e3a"Route",\r\n"rr" - \u4e3a"Route Redirect"\uff0c\r\n\u53c2\u6570\u6ca1\u6709\u8fdb\u884c\u4efb\u4f55\u8fc7\u6ee4\u53ef\u5bfc\u81f4\u4efb\u610fHTML\u548c\u811a\u672c\u4ee3\u7801\u6267\u884c\u3002\r\n\u53e6\u5916\u5bf9"balancer-mamanger"\u53c2\u6570\u7f3a\u5c11\u8fc7\u6ee4\uff0c\u4e5f\u53ef\u5bfc\u81f4\u4efb\u610fHTML\u548c\u811a\u672c\u4ee3\u7801\u6267\u884c\u3002\r\n3\uff0c\u7ba1\u7406\u8d1f\u8d23loadfactors\u548cmember\u72b6\u6001\u7684"balancer_handler()"\u5b58\u5728\u9519\u8bef\uff0c\u5f53\u7f16\u8f91\u5de5\u4f5c\u8bbe\u7f6e\u4f7f\u653b\u51fb\u8005\u8f93\u5165\u975e\u6cd5"b"\u53d8\u91cf\u53ef\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002\r\n4\uff0c\u5f53\u5728URL\u4e2d\u8f93\u51657390 or 7506\u62167622 "A"\u5b57\u7b26\u65f6\u4f1a\u7531\u4e8e"mod_proxy_balancer"\u9519\u8bef\u800c\u5bfc\u81f4\u5185\u5b58\u7834\u574f\u3002\r\n\n\nApache Software Foundation Apache 2.2.6 \r\nApache Software Foundation Apache 2.2.5 \r\nApache Software Foundation Apache 2.2.4 \r\nApache Software Foundation Apache 2.2.3 \r\nApache Software Foundation Apache 2.2.2 \r\nApache Software Foundation Apache 2.2 .0\r\nApache Software Foundation Apache 2.2.6-dev\r\nApache Software Foundation Apache 2.2.5-dev\n \u5382\u5546\u89e3\u51b3\u65b9\u6848\r\nApache 2.2.7-dev\u5df2\u7ecf\u4fee\u6b63\u6b64\u6f0f\u6d1e\uff1a\r\n<a href=http://www.apache.org/ target=_blank>http://www.apache.org/</a>", "published": "2008-01-14T00:00:00", "title": "Apache 'mod_proxy_balancer'\u5b58\u5728\u591a\u4e2a\u6f0f\u6d1e", "type": "seebug", "bulletinFamily": "exploit", "cvelist": ["CVE-2007-6420", "CVE-2007-6421", "CVE-2007-6422", "CVE-2007-6423"], "modified": "2008-01-14T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-2820", "id": "SSV:2820", "sourceData": "", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "sourceHref": ""}], "vmware": [{"lastseen": "2019-11-06T16:05:49", "bulletinFamily": "unix", "cvelist": ["CVE-2009-0040", "CVE-2008-0005", "CVE-2007-3304", "CVE-2006-5752", "CVE-2007-3847", "CVE-2007-6388", "CVE-2007-5000", "CVE-2007-1863"], "description": "a. Third Party Library libpng Updated to 1.2.35 \n \nSeveral flaws were discovered in the way third party library libpng \nhandled uninitialized pointers. An attacker could create a PNG image \nfile in such a way, that when loaded by an application linked to \nlibpng, it could cause the application to crash or execute arbitrary \ncode at the privilege level of the user that runs the application. \nThe Common Vulnerabilities and Exposures project (cve.mitre.org) \nhas assigned the name CVE-2009-0040 to this issue. \nThe following table lists what action remediates the vulnerability \n(column 4) if a solution is available. \n\n", "edition": 4, "modified": "2010-11-08T00:00:00", "published": "2009-08-20T00:00:00", "id": "VMSA-2009-0010", "href": "https://www.vmware.com/security/advisories/VMSA-2009-0010.html", "title": "VMware Hosted products update libpng and Apache HTTP Server", "type": "vmware", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:04", "bulletinFamily": "unix", "cvelist": ["CVE-2007-6203", "CVE-2008-0005", "CVE-2008-0455", "CVE-2008-0456", "CVE-2007-6422"], "description": "### Background\n\nThe Apache HTTP server is one of the most popular web servers on the Internet. \n\n### Description\n\nAdrian Pastor and Amir Azam (ProCheckUp) reported that the HTTP Method specifier header is not properly sanitized when the HTTP return code is \"413 Request Entity too large\" (CVE-2007-6203). The mod_proxy_balancer module does not properly check the balancer name before using it (CVE-2007-6422). The mod_proxy_ftp does not define a charset in its answers (CVE-2008-0005). Stefano Di Paola (Minded Security) reported that filenames are not properly sanitized within the mod_negotiation module (CVE-2008-0455, CVE-2008-0456). \n\n### Impact\n\nA remote attacker could entice a user to visit a malicious URL or send specially crafted HTTP requests (i.e using Adobe Flash) to perform Cross-Site Scripting and HTTP response splitting attacks, or conduct a Denial of Service attack on the vulnerable web server. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll Apache users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-servers/apache-2.2.8\"", "edition": 1, "modified": "2008-03-12T00:00:00", "published": "2008-03-11T00:00:00", "id": "GLSA-200803-19", "href": "https://security.gentoo.org/glsa/200803-19", "type": "gentoo", "title": "Apache: Multiple vulnerabilities", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}]}
