Lucene search

K
openvasCopyright (c) 2012 Greenbone Networks GmbHOPENVAS:881450
HistoryJul 30, 2012 - 12:00 a.m.

CentOS Update for httpd CESA-2011:1392 centos4 x86_64

2012-07-3000:00:00
Copyright (c) 2012 Greenbone Networks GmbH
plugins.openvas.org
15

0.974 High

EPSS

Percentile

99.9%

Check for the Version of httpd

###############################################################################
# OpenVAS Vulnerability Test
#
# CentOS Update for httpd CESA-2011:1392 centos4 x86_64
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

include("revisions-lib.inc");
tag_insight = "The Apache HTTP Server is a popular web server.

  It was discovered that the Apache HTTP Server did not properly validate the
  request URI for proxied requests. In certain configurations, if a reverse
  proxy used the ProxyPassMatch directive, or if it used the RewriteRule
  directive with the proxy flag, a remote attacker could make the proxy
  connect to an arbitrary server, possibly disclosing sensitive information
  from internal web servers not directly accessible to the attacker.
  (CVE-2011-3368)
  
  Red Hat would like to thank Context Information Security for reporting this
  issue.
  
  This update also fixes the following bug:
  
  * The fix for CVE-2011-3192 provided by the RHSA-2011:1245 update
  introduced regressions in the way httpd handled certain Range HTTP header
  values. This update corrects those regressions. (BZ#736593, BZ#736594)
  
  All httpd users should upgrade to these updated packages, which contain
  backported patches to correct these issues. After installing the updated
  packages, the httpd daemon must be restarted for the update to take effect.";

tag_affected = "httpd on CentOS 4";
tag_solution = "Please Install the Updated Packages.";



if(description)
{
  script_xref(name : "URL" , value : "http://lists.centos.org/pipermail/centos-announce/2011-November/018172.html");
  script_id(881450);
  script_version("$Revision: 8253 $");
  script_tag(name:"last_modification", value:"$Date: 2017-12-28 07:29:51 +0100 (Thu, 28 Dec 2017) $");
  script_tag(name:"creation_date", value:"2012-07-30 17:54:04 +0530 (Mon, 30 Jul 2012)");
  script_cve_id("CVE-2011-3368", "CVE-2011-3192");
  script_tag(name:"cvss_base", value:"7.8");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_xref(name: "CESA", value: "2011:1392");
  script_name("CentOS Update for httpd CESA-2011:1392 centos4 x86_64");

  script_tag(name: "summary" , value: "Check for the Version of httpd");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (c) 2012 Greenbone Networks GmbH");
  script_family("CentOS Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/centos", "ssh/login/rpms");
  script_tag(name : "affected" , value : tag_affected);
  script_tag(name : "solution" , value : tag_solution);
  script_tag(name : "insight" , value : tag_insight);
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}


include("pkg-lib-rpm.inc");

release = get_kb_item("ssh/login/release");

res = "";
if(release == NULL){
  exit(0);
}

if(release == "CentOS4")
{

  if ((res = isrpmvuln(pkg:"httpd", rpm:"httpd~2.0.52~49.ent.centos4", rls:"CentOS4")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"httpd-devel", rpm:"httpd-devel~2.0.52~49.ent.centos4", rls:"CentOS4")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"httpd-manual", rpm:"httpd-manual~2.0.52~49.ent.centos4", rls:"CentOS4")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"httpd-suexec", rpm:"httpd-suexec~2.0.52~49.ent.centos4", rls:"CentOS4")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"mod_ssl", rpm:"mod_ssl~2.0.52~49.ent.centos4", rls:"CentOS4")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}