[security bulletin] HPSBOV02506 SSRT090244 rev.1 - HP Secure Web Server for OpenVMS (based on Apache) CSWS, Remote Denial of Service (DoS), Unauthorized Disclosure of Information, Unauthorized Modification of Information
2010-03-31T00:00:00
ID SECURITYVULNS:DOC:23496 Type securityvulns Reporter Securityvulns Modified 2010-03-31T00:00:00
Description
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02002308
Version: 1
HPSBOV02506 SSRT090244 rev.1 - HP Secure Web Server for OpenVMS (based on Apache) CSWS, Remote Denial of Service (DoS), Unauthorized Disclosure of Information,
Unauthorized Modification of Information
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2010-03-23
Last Updated: 2010-03-23
Potential Security Impact: Remote Denial of Service (DoS), unauthorized disclosure of information, unauthorized modification of information
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
Multiple security vulnerabilities have been identified with the HP Secure Web Server for OpenVMS (based on Apache) CSWS. The vulnerabilities could be remotely
exploited resulting in a Denial of Service (DoS), unauthorized disclosure of information, or unauthorized modification of information.
References: CVE-2009-3094, CVE-2009-3095
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP Secure Web Server for OpenVMS (based on Apache) CSWS V2.1-1.
BACKGROUND
CVSS 2.0 Base Metrics
===========================================================
Reference       Base Vector                     Base Score
CVE-2009-3094   (AV:N/AC:H/Au:N/C:N/I:N/A:C)    5.4
CVE-2009-3095   (AV:N/AC:L/Au:N/C:P/I:P/A:P)    7.5
===========================================================
Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has made the following patch kits available to resolve the vulnerability.
Patch kit installation instructions are provided in the file SSRT090244 Apache CVE-2009-3094, CVE-2009-3095.txt .
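The patch kits and installation instructions are available from the following location using ftp:
  Host             Account   Password
  ftp.usa.hp.com   ewt01     Welcome1
CSWS version 2.1-1 patch kits are available for both ALPHA and ITANIUM platforms.
Itanium Images
  mod_proxy.exe_ia64
  mod_proxy_ftp.exe_ia64
Alpha Images
  mod_proxy.exe_axp
  mod_proxy_ftp.exe_axp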
The patch images will be provided in the next regularly scheduled update of CSWS 2.1-1.
PRODUCT SPECIFIC INFORMATION
None
HISTORY
Version:1 (rev.1) - 23 March 2010 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the
customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information.
To get the security-alert PGP key, please send an e-mail message as follows:
To: security-alert@hp.com
Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email:
http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC
On the web page: ITRC security bulletins and patch sign-up
Under Step1: your ITRC security bulletins and patches
-check ALL categories for which alerts are required and continue.
Under Step2: your ITRC operating systems
-verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php
Log in on the web page: Subscriber's choice for Business: sign-in.
On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
* The Software Product Category that this Security Bulletin
relates to is represented by the 5th and 6th characters
of the Bulletin number in the title:
GN = HP General SW
MA = HP Management Agents
MI = Misc. 3rd Party SW
MP = HP MPE/iX
NS = HP NonStop Servers
OV = HP OpenVMS
PI = HP Printing & Imaging
ST = HP Storage SW
TL = HP Trusted Linux
TU = HP Tru64 UNIX
UX = HP-UX
VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features
of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information
contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action.
HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages
resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or
implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
Copyright 2009 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without
warranty of any kind. To the extent permitted by law, neither HP nor its affiliates, subcontractors or suppliers will be liable for incidental, special or
consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or
software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products
referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be
trademarks of their respective owners.
The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(44120);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-3094\", \"CVE-2009-3095\");\n script_bugtraq_id(36254, 36260);\n script_xref(name:\"SSA\", value:\"2010-024-01\");\n\n script_name(english:\"Slackware 12.0 / 12.1 / 12.2 / 13.0 / current : httpd (SSA:2010-024-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New httpd packages are available for Slackware 12.0, 12.1, 12.2,\n13.0, and -current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.451468\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c708ebd6\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected httpd package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.1\");\n 
script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/01/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"12.0\", pkgname:\"httpd\", pkgver:\"2.2.14\", pkgarch:\"i486\", pkgnum:\"1_slack12.0\")) flag++;\n\nif (slackware_check(osver:\"12.1\", pkgname:\"httpd\", pkgver:\"2.2.14\", pkgarch:\"i486\", pkgnum:\"1_slack12.1\")) flag++;\n\nif (slackware_check(osver:\"12.2\", pkgname:\"httpd\", pkgver:\"2.2.14\", pkgarch:\"i486\", pkgnum:\"1_slack12.2\")) flag++;\n\nif (slackware_check(osver:\"13.0\", pkgname:\"httpd\", pkgver:\"2.2.14\", pkgarch:\"i486\", pkgnum:\"1_slack13.0\")) flag++;\nif (slackware_check(osver:\"13.0\", arch:\"x86_64\", pkgname:\"httpd\", pkgver:\"2.2.14\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.0\")) 
flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"httpd\", pkgver:\"2.2.14\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"httpd\", pkgver:\"2.2.14\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T15:17:31", "description": "This update contains the latest stable release of Apache httpd. Three security fixes are included, along with several minor bug fixes. A flaw was found in the way the TLS/SSL (Transport Layer Security/Secure Sockets Layer) protocols handle session renegotiation. A man-in-the-middle attacker could use this flaw to prefix arbitrary plain text to a client's session (for example, an HTTPS connection to a website). This could force the server to process an attacker's request as if authenticated using the victim's credentials. This update partially mitigates this flaw for SSL sessions to HTTP servers using mod_ssl by rejecting client-requested renegotiation.\n(CVE-2009-3555) Note: This update does not fully resolve the issue for HTTPS servers. An attack is still possible in configurations that require a server-initiated renegotiation A NULL pointer dereference flaw was found in the Apache mod_proxy_ftp module. A malicious FTP server to which requests are being proxied could use this flaw to crash an httpd child process via a malformed reply to the EPSV or PASV commands, resulting in a limited denial of service. (CVE-2009-3094) A second flaw was found in the Apache mod_proxy_ftp module. 
In a reverse proxy configuration, a remote attacker could use this flaw to bypass intended access restrictions by creating a carefully-crafted HTTP Authorization header, allowing the attacker to send arbitrary commands to the FTP server. (CVE-2009-3095) See the upstream changes file for further information: http://www.apache.org/dist/httpd/CHANGES_2.2.14\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2010-07-01T00:00:00", "type": "nessus", "title": "Fedora 11 : httpd-2.2.14-1.fc11 (2009-12747)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3094", "CVE-2009-3095", "CVE-2009-3555"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:httpd", "cpe:/o:fedoraproject:fedora:11"], "id": "FEDORA_2009-12747.NASL", "href": "https://www.tenable.com/plugins/nessus/47168", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-12747.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(47168);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-3094\", \"CVE-2009-3095\");\n script_bugtraq_id(36254, 36260, 36935);\n script_xref(name:\"FEDORA\", value:\"2009-12747\");\n\n script_name(english:\"Fedora 11 : httpd-2.2.14-1.fc11 (2009-12747)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update 
contains the latest stable release of Apache httpd. Three\nsecurity fixes are included, along with several minor bug fixes. A\nflaw was found in the way the TLS/SSL (Transport Layer Security/Secure\nSockets Layer) protocols handle session renegotiation. A\nman-in-the-middle attacker could use this flaw to prefix arbitrary\nplain text to a client's session (for example, an HTTPS connection to\na website). This could force the server to process an attacker's\nrequest as if authenticated using the victim's credentials. This\nupdate partially mitigates this flaw for SSL sessions to HTTP servers\nusing mod_ssl by rejecting client-requested renegotiation.\n(CVE-2009-3555) Note: This update does not fully resolve the issue for\nHTTPS servers. An attack is still possible in configurations that\nrequire a server-initiated renegotiation A NULL pointer dereference\nflaw was found in the Apache mod_proxy_ftp module. A malicious FTP\nserver to which requests are being proxied could use this flaw to\ncrash an httpd child process via a malformed reply to the EPSV or PASV\ncommands, resulting in a limited denial of service. (CVE-2009-3094) A\nsecond flaw was found in the Apache mod_proxy_ftp module. In a reverse\nproxy configuration, a remote attacker could use this flaw to bypass\nintended access restrictions by creating a carefully-crafted HTTP\nAuthorization header, allowing the attacker to send arbitrary commands\nto the FTP server. (CVE-2009-3095) See the upstream changes file for\nfurther information: http://www.apache.org/dist/httpd/CHANGES_2.2.14\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.apache.org/dist/httpd/CHANGES_2.2.14\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=521619\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=522209\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-February/035949.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?38502bbc\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected httpd package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/09/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/12/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^11([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 11.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC11\", reference:\"httpd-2.2.14-1.fc11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:54:31", "description": "From Red Hat Security Advisory 2009:1579 :\n\nUpdated httpd packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3 and 5.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nThe Apache HTTP Server is a popular Web server.\n\nA flaw was found in the way the TLS/SSL (Transport Layer Security/Secure 
Sockets Layer) protocols handle session renegotiation.\nA man-in-the-middle attacker could use this flaw to prefix arbitrary plain text to a client's session (for example, an HTTPS connection to a website). This could force the server to process an attacker's request as if authenticated using the victim's credentials. This update partially mitigates this flaw for SSL sessions to HTTP servers using mod_ssl by rejecting client-requested renegotiation.\n(CVE-2009-3555)\n\nNote: This update does not fully resolve the issue for HTTPS servers.\nAn attack is still possible in configurations that require a server-initiated renegotiation. Refer to the following Knowledgebase article for further information:\nhttp://kbase.redhat.com/faq/docs/DOC-20491\n\nA NULL pointer dereference flaw was found in the Apache mod_proxy_ftp module. A malicious FTP server to which requests are being proxied could use this flaw to crash an httpd child process via a malformed reply to the EPSV or PASV commands, resulting in a limited denial of service. (CVE-2009-3094)\n\nA second flaw was found in the Apache mod_proxy_ftp module. In a reverse proxy configuration, a remote attacker could use this flaw to bypass intended access restrictions by creating a carefully-crafted HTTP Authorization header, allowing the attacker to send arbitrary commands to the FTP server. (CVE-2009-3095)\n\nAll httpd users should upgrade to these updated packages, which contain backported patches to correct these issues. 
After installing the updated packages, the httpd daemon must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 3 / 5 : httpd (ELSA-2009-1579)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3094", "CVE-2009-3095", "CVE-2009-3555"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:httpd", "p-cpe:/a:oracle:linux:httpd-devel", "p-cpe:/a:oracle:linux:httpd-manual", "p-cpe:/a:oracle:linux:mod_ssl", "cpe:/o:oracle:linux:3", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2009-1579.NASL", "href": "https://www.tenable.com/plugins/nessus/67958", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:1579 and \n# Oracle Linux Security Advisory ELSA-2009-1579 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67958);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-3094\", \"CVE-2009-3095\", \"CVE-2009-3555\");\n script_bugtraq_id(36254, 36260, 36935);\n script_xref(name:\"RHSA\", value:\"2009:1579\");\n\n script_name(english:\"Oracle Linux 3 / 5 : httpd (ELSA-2009-1579)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:1579 :\n\nUpdated httpd packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 3 and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Apache HTTP 
Server is a popular Web server.\n\nA flaw was found in the way the TLS/SSL (Transport Layer\nSecurity/Secure Sockets Layer) protocols handle session renegotiation.\nA man-in-the-middle attacker could use this flaw to prefix arbitrary\nplain text to a client's session (for example, an HTTPS connection to\na website). This could force the server to process an attacker's\nrequest as if authenticated using the victim's credentials. This\nupdate partially mitigates this flaw for SSL sessions to HTTP servers\nusing mod_ssl by rejecting client-requested renegotiation.\n(CVE-2009-3555)\n\nNote: This update does not fully resolve the issue for HTTPS servers.\nAn attack is still possible in configurations that require a\nserver-initiated renegotiation. Refer to the following Knowledgebase\narticle for further information:\nhttp://kbase.redhat.com/faq/docs/DOC-20491\n\nA NULL pointer dereference flaw was found in the Apache mod_proxy_ftp\nmodule. A malicious FTP server to which requests are being proxied\ncould use this flaw to crash an httpd child process via a malformed\nreply to the EPSV or PASV commands, resulting in a limited denial of\nservice. (CVE-2009-3094)\n\nA second flaw was found in the Apache mod_proxy_ftp module. In a\nreverse proxy configuration, a remote attacker could use this flaw to\nbypass intended access restrictions by creating a carefully-crafted\nHTTP Authorization header, allowing the attacker to send arbitrary\ncommands to the FTP server. (CVE-2009-3095)\n\nAll httpd users should upgrade to these updated packages, which\ncontain backported patches to correct these issues. 
After installing\nthe updated packages, the httpd daemon must be restarted for the\nupdate to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-November/001243.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-November/001245.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected httpd packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 264, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:httpd-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/09/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 3 / 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"httpd-2.0.46-77.0.1.ent\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"httpd-2.0.46-77.0.1.ent\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"httpd-devel-2.0.46-77.0.1.ent\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"httpd-devel-2.0.46-77.0.1.ent\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"mod_ssl-2.0.46-77.0.1.ent\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"mod_ssl-2.0.46-77.0.1.ent\")) flag++;\n\nif 
(rpm_check(release:\"EL5\", reference:\"httpd-2.2.3-31.0.1.el5_4.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"httpd-devel-2.2.3-31.0.1.el5_4.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"httpd-manual-2.2.3-31.0.1.el5_4.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"mod_ssl-2.2.3-31.0.1.el5_4.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd / httpd-devel / httpd-manual / mod_ssl\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:06:15", "description": "According to its banner, the version of Apache 2.2 installed on the remote host is older than 2.2.14. Such versions are potentially affected by multiple vulnerabilities : \n\n - Faulty error handling in the Solaris pollset support (Event Port backend) which could trigger hangs in the prefork and event MPMs on that platform (CVE-2009-2699)\n\n - The 'ap_proxy_ftp_handler' function in 'modules/proxy/proxy_ftp.c' in the 'mod_proxy_ftp' module allows remote FTP servers to cause a denial-of-service via a malformed reply to an EPSV command. (CVE-2009-3094)\n\n - The 'mod_proxy_ftp' module allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server. 
(CVE-2009-3095)\n\nNNM cannot determine whether the affected module is in use.", "cvss3": {"score": 5.6, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}, "published": "2009-10-06T00:00:00", "type": "nessus", "title": "Apache < 2.2.14 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2699", "CVE-2009-3094", "CVE-2009-3095"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:apache:http_server:2.0:*:*:*:*:*:*:*"], "id": "5196.PRM", "href": "https://www.tenable.com/plugins/nnm/5196", "sourceData": "Binary data 5196.prm", "cvss": {"score": 5.1, "vector": "CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-16T02:44:03", "description": "According to its banner, the version of Apache 2.2.x running on the remote host is prior to 2.2.14. It is, therefore, potentially affected by multiple vulnerabilities :\n\n - Faulty error handling in the Solaris pollset support could lead to a denial of service. (CVE-2009-2699)\n\n - The 'mod_proxy_ftp' module allows remote attackers to bypass intended access restrictions. (CVE-2009-3095)\n\n - The 'ap_proxy_ftp_handler' function in 'modules/proxy/proxy_ftp.c' in the 'mod_proxy_ftp' module allows remote FTP servers to cause a denial of service. 
(CVE-2009-3094)\n\nNote that the remote web server may not actually be affected by these vulnerabilities as Nessus did not try to determine whether the affected modules are in use or check for the issues themselves.", "cvss3": {"score": 7.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}, "published": "2009-10-07T00:00:00", "type": "nessus", "title": "Apache 2.2.x < 2.2.14 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2699", "CVE-2009-3094", "CVE-2009-3095"], "modified": "2018-11-15T00:00:00", "cpe": ["cpe:/a:apache:http_server"], "id": "APACHE_2_2_14.NASL", "href": "https://www.tenable.com/plugins/nessus/42052", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42052);\n script_cvs_date(\"Date: 2018/11/15 20:50:25\");\n script_version(\"1.32\");\n\n script_cve_id(\"CVE-2009-2699\", \"CVE-2009-3094\", \"CVE-2009-3095\");\n script_bugtraq_id(36254, 36260, 36596);\n script_xref(name:\"Secunia\", value:\"36549\");\n\n script_name(english:\"Apache 2.2.x < 2.2.14 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version in Server response header.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n \"The remote web server is affected by multiple vulnerabilities.\"\n );\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of Apache 2.2.x running on the \nremote host is prior to 2.2.14. It is, therefore, potentially affected\nby multiple vulnerabilities :\n\n - Faulty error handling in the Solaris pollset support \n could lead to a denial of service. (CVE-2009-2699)\n\n - The 'mod_proxy_ftp' module allows remote attackers to \n bypass intended access restrictions. (CVE-2009-3095)\n\n - The 'ap_proxy_ftp_handler' function in \n 'modules/proxy/proxy_ftp.c' in the 'mod_proxy_ftp' \n module allows remote FTP servers to cause a \n denial of service. 
(CVE-2009-3094)\n\nNote that the remote web server may not actually be affected by these\nvulnerabilities as Nessus did not try to determine whether the affected\nmodules are in use or check for the issues themselves.\" );\n\n script_set_attribute(attribute:\"see_also\", value:\"http://www.securityfocus.com/advisories/17947\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.securityfocus.com/advisories/17959\");\n # http://web.archive.org/web/20100106104919/http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0154\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e470f137\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bz.apache.org/bugzilla/show_bug.cgi?id=47645\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c34c4eda\");\n\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apache version 2.2.14 or later. Alternatively, ensure that\nthe affected modules are not in use.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 264);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/10/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apache:http_server\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n 
script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"apache_http_version.nasl\");\n script_require_keys(\"installed_sw/Apache\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"http.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"audit.inc\");\ninclude(\"install_func.inc\");\n\nget_install_count(app_name:\"Apache\", exit_if_zero:TRUE);\nport = get_http_port(default:80);\ninstall = get_single_install(app_name:\"Apache\", port:port, exit_if_unknown_ver:TRUE);\n\n# Check if we could get a version first, then check if it was\n# backported\nversion = get_kb_item_or_exit('www/apache/'+port+'/version', exit_code:1);\nbackported = get_kb_item_or_exit('www/apache/'+port+'/backported', exit_code:1);\n\nif (report_paranoia < 2 && backported) audit(AUDIT_BACKPORT_SERVICE, port, \"Apache\");\nsource = get_kb_item_or_exit('www/apache/'+port+'/source', exit_code:1);\n\n# Check if the version looks like either ServerTokens Major/Minor\n# was used\nif (version =~ '^2(\\\\.2)?$') exit(1, \"The banner from the Apache server listening on port \"+port+\" - \"+source+\" - is not granular enough to make a determination.\");\nif (version !~ \"^\\d+(\\.\\d+)*$\") exit(1, \"The version of Apache listening on port \" + port + \" - \" + version + \" - is non-numeric and, therefore, cannot be used to make a determination.\");\nif (version =~ '^2\\\\.2' && ver_compare(ver:version, fix:'2.2.14') == -1)\n{\n if (report_verbosity > 0)\n {\n report = \n '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 2.2.14\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"Apache\", port, install[\"version\"]);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:06:15", "description": "According to its 
banner, the version of Apache 2.2 installed on the remote host is older than 2.2.14. Such versions are potentially affected by multiple vulnerabilities : \n\n - Faulty error handling in the Solaris pollset support (Event Port backend) which could trigger hangs in the prefork and event MPMs on that platform (CVE-2009-2699)\n\n - The 'ap_proxy_ftp_handler' function in 'modules/proxy/proxy_ftp.c' in the 'mod_proxy_ftp' module allows remote FTP servers to cause a denial-of-service via a malformed reply to an EPSV command. (CVE-2009-3094)\n\n - The 'mod_proxy_ftp' module allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server. (CVE-2009-3095)\n", "cvss3": {"score": null, "vector": null}, "published": "2009-10-06T00:00:00", "type": "nessus", "title": "Apache < 2.2.14 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2699", "CVE-2009-3094", "CVE-2009-3095"], "modified": "2009-10-06T00:00:00", "cpe": [], "id": "800574.PRM", "href": "https://www.tenable.com/plugins/lce/800574", "sourceData": "Binary data 800574.prm", "cvss": {"score": 5.1, "vector": "CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:05:48", "description": "This update contains the latest stable release of Apache httpd. Three security fixes are included, along with several minor bug fixes. A flaw was found in the way the TLS/SSL (Transport Layer Security/Secure Sockets Layer) protocols handle session renegotiation. A man-in-the-middle attacker could use this flaw to prefix arbitrary plain text to a client's session (for example, an HTTPS connection to a website). This could force the server to process an attacker's request as if authenticated using the victim's credentials. This update partially mitigates this flaw for SSL sessions to HTTP servers using mod_ssl by rejecting client-requested renegotiation.\n(CVE-2009-3555) Note: This update does not fully resolve the issue for HTTPS servers. 
An attack is still possible in configurations that require a server-initiated renegotiation A NULL pointer dereference flaw was found in the Apache mod_proxy_ftp module. A malicious FTP server to which requests are being proxied could use this flaw to crash an httpd child process via a malformed reply to the EPSV or PASV commands, resulting in a limited denial of service. (CVE-2009-3094) A second flaw was found in the Apache mod_proxy_ftp module. In a reverse proxy configuration, a remote attacker could use this flaw to bypass intended access restrictions by creating a carefully-crafted HTTP Authorization header, allowing the attacker to send arbitrary commands to the FTP server. (CVE-2009-3095) See the upstream changes file for further information: http://www.apache.org/dist/httpd/CHANGES_2.2.14\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-12-18T00:00:00", "type": "nessus", "title": "Fedora 12 : httpd-2.2.14-1.fc12 (2009-12606)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3094", "CVE-2009-3095", "CVE-2009-3555"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:httpd", "cpe:/o:fedoraproject:fedora:12"], "id": "FEDORA_2009-12606.NASL", "href": "https://www.tenable.com/plugins/nessus/43329", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-12606.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43329);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-3094\", 
\"CVE-2009-3095\", \"CVE-2009-3555\");\n script_bugtraq_id(36254, 36260, 36935);\n script_xref(name:\"FEDORA\", value:\"2009-12606\");\n\n script_name(english:\"Fedora 12 : httpd-2.2.14-1.fc12 (2009-12606)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update contains the latest stable release of Apache httpd. Three\nsecurity fixes are included, along with several minor bug fixes. A\nflaw was found in the way the TLS/SSL (Transport Layer Security/Secure\nSockets Layer) protocols handle session renegotiation. A\nman-in-the-middle attacker could use this flaw to prefix arbitrary\nplain text to a client's session (for example, an HTTPS connection to\na website). This could force the server to process an attacker's\nrequest as if authenticated using the victim's credentials. This\nupdate partially mitigates this flaw for SSL sessions to HTTP servers\nusing mod_ssl by rejecting client-requested renegotiation.\n(CVE-2009-3555) Note: This update does not fully resolve the issue for\nHTTPS servers. An attack is still possible in configurations that\nrequire a server-initiated renegotiation A NULL pointer dereference\nflaw was found in the Apache mod_proxy_ftp module. A malicious FTP\nserver to which requests are being proxied could use this flaw to\ncrash an httpd child process via a malformed reply to the EPSV or PASV\ncommands, resulting in a limited denial of service. (CVE-2009-3094) A\nsecond flaw was found in the Apache mod_proxy_ftp module. In a reverse\nproxy configuration, a remote attacker could use this flaw to bypass\nintended access restrictions by creating a carefully-crafted HTTP\nAuthorization header, allowing the attacker to send arbitrary commands\nto the FTP server. 
(CVE-2009-3095) See the upstream changes file for\nfurther information: http://www.apache.org/dist/httpd/CHANGES_2.2.14\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.apache.org/dist/httpd/CHANGES_2.2.14\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=521619\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=522209\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-December/032753.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ffcb15a6\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected httpd package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 264, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/12/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/12/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^12([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 12.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC12\", reference:\"httpd-2.2.14-1.fc12\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:06:01", "description": "Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. The flaw is with TLS renegotiation and potentially affects any software that supports this feature. 
Attacks against the HTTPS protocol are known, with the severity of the issue depending on the safeguards used in the web application. Until the TLS protocol and underlying libraries are adjusted to defend against this vulnerability, a partial, temporary workaround has been applied to Apache that disables client initiated TLS renegotiation. This update does not protect against server initiated TLS renegotiation when using SSLVerifyClient and SSLCipherSuite on a per Directory or Location basis. Users can defend against server initiated TLS renegotiation attacks by adjusting their Apache configuration to use SSLVerifyClient and SSLCipherSuite only on the server or virtual host level. (CVE-2009-3555)\n\nIt was discovered that mod_proxy_ftp in Apache did not properly sanitize its input when processing replies to EPASV and PASV commands.\nAn attacker could use this to cause a denial of service in the Apache child process. (CVE-2009-3094)\n\nAnother flaw was discovered in mod_proxy_ftp. If Apache is configured as a reverse proxy, an attacker could send a crafted HTTP header to bypass intended access controls and send arbitrary commands to the FTP server. (CVE-2009-3095).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-11-19T00:00:00", "type": "nessus", "title": "Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 / 9.10 : apache2 vulnerabilities (USN-860-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3094", "CVE-2009-3095", "CVE-2009-3555"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:apache2", "p-cpe:/a:canonical:ubuntu_linux:apache2-common", "p-cpe:/a:canonical:ubuntu_linux:apache2-doc", "p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-event", "p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-itk", "p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-perchild", "p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-prefork", "p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-worker", "p-cpe:/a:canonical:ubuntu_linux:apache2-prefork-dev", "p-cpe:/a:canonical:ubuntu_linux:apache2-src", "p-cpe:/a:canonical:ubuntu_linux:apache2-suexec", "p-cpe:/a:canonical:ubuntu_linux:apache2-suexec-custom", "p-cpe:/a:canonical:ubuntu_linux:apache2-threaded-dev", "p-cpe:/a:canonical:ubuntu_linux:apache2-utils", "p-cpe:/a:canonical:ubuntu_linux:apache2.2-bin", "p-cpe:/a:canonical:ubuntu_linux:apache2.2-common", "p-cpe:/a:canonical:ubuntu_linux:libapr0", "p-cpe:/a:canonical:ubuntu_linux:libapr0-dev", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "cpe:/o:canonical:ubuntu_linux:8.10", "cpe:/o:canonical:ubuntu_linux:9.04", "cpe:/o:canonical:ubuntu_linux:9.10"], "id": "UBUNTU_USN-860-1.NASL", "href": "https://www.tenable.com/plugins/nessus/42858", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-860-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. 
Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42858);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2009-3094\", \"CVE-2009-3095\", \"CVE-2009-3555\");\n script_bugtraq_id(36254, 36260, 36935);\n script_xref(name:\"USN\", value:\"860-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 / 9.10 : apache2 vulnerabilities (USN-860-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3\nprotocols. If an attacker could perform a man in the middle attack at\nthe start of a TLS connection, the attacker could inject arbitrary\ncontent at the beginning of the user's session. The flaw is with TLS\nrenegotiation and potentially affects any software that supports this\nfeature. Attacks against the HTTPS protocol are known, with the\nseverity of the issue depending on the safeguards used in the web\napplication. Until the TLS protocol and underlying libraries are\nadjusted to defend against this vulnerability, a partial, temporary\nworkaround has been applied to Apache that disables client initiated\nTLS renegotiation. This update does not protect against server\ninitiated TLS renegotiation when using SSLVerifyClient and\nSSLCipherSuite on a per Directory or Location basis. Users can defend\nagaint server inititiated TLS renegotiation attacks by adjusting their\nApache configuration to use SSLVerifyClient and SSLCipherSuite only on\nthe server or virtual host level. 
(CVE-2009-3555)\n\nIt was discovered that mod_proxy_ftp in Apache did not properly\nsanitize its input when processing replies to EPASV and PASV commands.\nAn attacker could use this to cause a denial of service in the Apache\nchild process. (CVE-2009-3094)\n\nAnother flaw was discovered in mod_proxy_ftp. If Apache is configured\nas a reverse proxy, an attacker could send a crafted HTTP header to\nbypass intended access controls and send arbitrary commands to the FTP\nserver. (CVE-2009-3095).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/860-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 264, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-event\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-itk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-perchild\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-prefork\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-worker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-prefork-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-src\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-suexec\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-suexec-custom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-threaded-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2.2-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2.2-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libapr0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libapr0-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. 
/ NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06|8\\.04|8\\.10|9\\.04|9\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 8.04 / 8.10 / 9.04 / 9.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"apache2\", pkgver:\"2.0.55-4ubuntu2.9\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"apache2-common\", pkgver:\"2.0.55-4ubuntu2.9\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"apache2-doc\", pkgver:\"2.0.55-4ubuntu2.9\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"apache2-mpm-perchild\", pkgver:\"2.0.55-4ubuntu2.9\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"apache2-mpm-prefork\", pkgver:\"2.0.55-4ubuntu2.9\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"apache2-mpm-worker\", pkgver:\"2.0.55-4ubuntu2.9\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"apache2-prefork-dev\", pkgver:\"2.0.55-4ubuntu2.9\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"apache2-threaded-dev\", pkgver:\"2.0.55-4ubuntu2.9\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"apache2-utils\", pkgver:\"2.0.55-4ubuntu2.9\")) 
flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libapr0\", pkgver:\"2.0.55-4ubuntu2.9\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libapr0-dev\", pkgver:\"2.0.55-4ubuntu2.9\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"apache2\", pkgver:\"2.2.8-1ubuntu0.14\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"apache2-doc\", pkgver:\"2.2.8-1ubuntu0.14\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"apache2-mpm-event\", pkgver:\"2.2.8-1ubuntu0.14\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"apache2-mpm-perchild\", pkgver:\"2.2.8-1ubuntu0.14\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"apache2-mpm-prefork\", pkgver:\"2.2.8-1ubuntu0.14\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"apache2-mpm-worker\", pkgver:\"2.2.8-1ubuntu0.14\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"apache2-prefork-dev\", pkgver:\"2.2.8-1ubuntu0.14\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"apache2-src\", pkgver:\"2.2.8-1ubuntu0.14\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"apache2-threaded-dev\", pkgver:\"2.2.8-1ubuntu0.14\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"apache2-utils\", pkgver:\"2.2.8-1ubuntu0.14\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"apache2.2-common\", pkgver:\"2.2.8-1ubuntu0.14\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"apache2\", pkgver:\"2.2.9-7ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"apache2-doc\", pkgver:\"2.2.9-7ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"apache2-mpm-event\", pkgver:\"2.2.9-7ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"apache2-mpm-prefork\", pkgver:\"2.2.9-7ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"apache2-mpm-worker\", pkgver:\"2.2.9-7ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"apache2-prefork-dev\", pkgver:\"2.2.9-7ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"apache2-src\", 
pkgver:\"2.2.9-7ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"apache2-suexec\", pkgver:\"2.2.9-7ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"apache2-suexec-custom\", pkgver:\"2.2.9-7ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"apache2-threaded-dev\", pkgver:\"2.2.9-7ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"apache2-utils\", pkgver:\"2.2.9-7ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"apache2.2-common\", pkgver:\"2.2.9-7ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"apache2\", pkgver:\"2.2.11-2ubuntu2.5\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"apache2-doc\", pkgver:\"2.2.11-2ubuntu2.5\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"apache2-mpm-event\", pkgver:\"2.2.11-2ubuntu2.5\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"apache2-mpm-prefork\", pkgver:\"2.2.11-2ubuntu2.5\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"apache2-mpm-worker\", pkgver:\"2.2.11-2ubuntu2.5\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"apache2-prefork-dev\", pkgver:\"2.2.11-2ubuntu2.5\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"apache2-src\", pkgver:\"2.2.11-2ubuntu2.5\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"apache2-suexec\", pkgver:\"2.2.11-2ubuntu2.5\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"apache2-suexec-custom\", pkgver:\"2.2.11-2ubuntu2.5\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"apache2-threaded-dev\", pkgver:\"2.2.11-2ubuntu2.5\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"apache2-utils\", pkgver:\"2.2.11-2ubuntu2.5\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"apache2.2-common\", pkgver:\"2.2.11-2ubuntu2.5\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"apache2\", pkgver:\"2.2.12-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"apache2-doc\", pkgver:\"2.2.12-1ubuntu2.1\")) flag++;\nif 
(ubuntu_check(osver:\"9.10\", pkgname:\"apache2-mpm-event\", pkgver:\"2.2.12-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"apache2-mpm-itk\", pkgver:\"2.2.12-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"apache2-mpm-prefork\", pkgver:\"2.2.12-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"apache2-mpm-worker\", pkgver:\"2.2.12-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"apache2-prefork-dev\", pkgver:\"2.2.12-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"apache2-suexec\", pkgver:\"2.2.12-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"apache2-suexec-custom\", pkgver:\"2.2.12-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"apache2-threaded-dev\", pkgver:\"2.2.12-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"apache2-utils\", pkgver:\"2.2.12-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"apache2.2-bin\", pkgver:\"2.2.12-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"apache2.2-common\", pkgver:\"2.2.12-1ubuntu2.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache2 / apache2-common / apache2-doc / apache2-mpm-event / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:06:06", "description": "Updated httpd packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3 and 5.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nThe Apache HTTP Server is a popular Web server.\n\nA flaw was found in the way the TLS/SSL (Transport Layer Security/Secure Sockets Layer) protocols handle session 
renegotiation.\nA man-in-the-middle attacker could use this flaw to prefix arbitrary plain text to a client's session (for example, an HTTPS connection to a website). This could force the server to process an attacker's request as if authenticated using the victim's credentials. This update partially mitigates this flaw for SSL sessions to HTTP servers using mod_ssl by rejecting client-requested renegotiation.\n(CVE-2009-3555)\n\nNote: This update does not fully resolve the issue for HTTPS servers.\nAn attack is still possible in configurations that require a server-initiated renegotiation. Refer to the following Knowledgebase article for further information:\nhttp://kbase.redhat.com/faq/docs/DOC-20491\n\nA NULL pointer dereference flaw was found in the Apache mod_proxy_ftp module. A malicious FTP server to which requests are being proxied could use this flaw to crash an httpd child process via a malformed reply to the EPSV or PASV commands, resulting in a limited denial of service. (CVE-2009-3094)\n\nA second flaw was found in the Apache mod_proxy_ftp module. In a reverse proxy configuration, a remote attacker could use this flaw to bypass intended access restrictions by creating a carefully-crafted HTTP Authorization header, allowing the attacker to send arbitrary commands to the FTP server. (CVE-2009-3095)\n\nAll httpd users should upgrade to these updated packages, which contain backported patches to correct these issues. 
After installing the updated packages, the httpd daemon must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2009-11-12T00:00:00", "type": "nessus", "title": "RHEL 3 / 5 : httpd (RHSA-2009:1579)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3094", "CVE-2009-3095", "CVE-2009-3555"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:httpd", "p-cpe:/a:redhat:enterprise_linux:httpd-devel", "p-cpe:/a:redhat:enterprise_linux:httpd-manual", "p-cpe:/a:redhat:enterprise_linux:mod_ssl", "cpe:/o:redhat:enterprise_linux:3", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.4"], "id": "REDHAT-RHSA-2009-1579.NASL", "href": "https://www.tenable.com/plugins/nessus/42469", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1579. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42469);\n script_version(\"1.30\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-3094\", \"CVE-2009-3095\", \"CVE-2009-3555\");\n script_bugtraq_id(36254, 36260, 36935);\n script_xref(name:\"RHSA\", value:\"2009:1579\");\n\n script_name(english:\"RHEL 3 / 5 : httpd (RHSA-2009:1579)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated httpd packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 3 and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response 
Team.\n\nThe Apache HTTP Server is a popular Web server.\n\nA flaw was found in the way the TLS/SSL (Transport Layer\nSecurity/Secure Sockets Layer) protocols handle session renegotiation.\nA man-in-the-middle attacker could use this flaw to prefix arbitrary\nplain text to a client's session (for example, an HTTPS connection to\na website). This could force the server to process an attacker's\nrequest as if authenticated using the victim's credentials. This\nupdate partially mitigates this flaw for SSL sessions to HTTP servers\nusing mod_ssl by rejecting client-requested renegotiation.\n(CVE-2009-3555)\n\nNote: This update does not fully resolve the issue for HTTPS servers.\nAn attack is still possible in configurations that require a\nserver-initiated renegotiation. Refer to the following Knowledgebase\narticle for further information:\nhttp://kbase.redhat.com/faq/docs/DOC-20491\n\nA NULL pointer dereference flaw was found in the Apache mod_proxy_ftp\nmodule. A malicious FTP server to which requests are being proxied\ncould use this flaw to crash an httpd child process via a malformed\nreply to the EPSV or PASV commands, resulting in a limited denial of\nservice. (CVE-2009-3094)\n\nA second flaw was found in the Apache mod_proxy_ftp module. In a\nreverse proxy configuration, a remote attacker could use this flaw to\nbypass intended access restrictions by creating a carefully-crafted\nHTTP Authorization header, allowing the attacker to send arbitrary\ncommands to the FTP server. (CVE-2009-3095)\n\nAll httpd users should upgrade to these updated packages, which\ncontain backported patches to correct these issues. 
After installing\nthe updated packages, the httpd daemon must be restarted for the\nupdate to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-3094\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-3095\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-3555\"\n );\n # http://kbase.redhat.com/faq/docs/DOC-20491\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/articles/20490\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:1579\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 264, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/09/08\");\n 
script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^(3|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 3.x / 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:1579\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL3\", reference:\"httpd-2.0.46-77.ent\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"httpd-devel-2.0.46-77.ent\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"mod_ssl-2.0.46-77.ent\")) flag++;\n\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"httpd-2.2.3-31.el5_4.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"httpd-2.2.3-31.el5_4.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"httpd-2.2.3-31.el5_4.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"httpd-devel-2.2.3-31.el5_4.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"httpd-manual-2.2.3-31.el5_4.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"httpd-manual-2.2.3-31.el5_4.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"httpd-manual-2.2.3-31.el5_4.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"mod_ssl-2.2.3-31.el5_4.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", 
cpu:\"s390x\", reference:\"mod_ssl-2.2.3-31.el5_4.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"mod_ssl-2.2.3-31.el5_4.2\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd / httpd-devel / httpd-manual / mod_ssl\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:05:21", "description": "A design flaw has been found in the TLS and SSL protocol that allows an attacker to inject arbitrary content at the beginning of a TLS/SSL connection. The attack is related to the way how TLS and SSL handle session renegotiations. CVE-2009-3555 has been assigned to this vulnerability.\n\nAs a partial mitigation against this attack, this apache2 update disables client-initiated renegotiations. This should fix the vulnerability for the majority of Apache configurations in use.\n\nNOTE: This is not a complete fix for the problem. The attack is still possible in configurations where the server initiates the renegotiation. This is the case for the following configurations (the information in the changelog of the updated packages is slightly inaccurate) :\n\n - The 'SSLVerifyClient' directive is used in a Directory or Location context.\n - The 'SSLCipherSuite' directive is used in a Directory or Location context.\n\nAs a workaround, you may rearrange your configuration in a way that SSLVerifyClient and SSLCipherSuite are only used on the server or virtual host level.\n\n\nA complete fix for the problem will require a protocol change. 
Further information will be included in a separate announcement about this issue.\n\nIn addition, this update fixes the following issues in Apache's mod_proxy_ftp :\n\n - CVE-2009-3094 Insufficient input validation in the mod_proxy_ftp module allowed remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a malformed reply to an EPSV command.\n\n - CVE-2009-3095 Insufficient input validation in the mod_proxy_ftp module allowed remote authenticated attackers to bypass intended access restrictions and send arbitrary FTP commands to an FTP server.", "cvss3": {"score": null, "vector": null}, "published": "2010-02-24T00:00:00", "type": "nessus", "title": "Debian DSA-1934-1 : apache2 - multiple issues", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3094", "CVE-2009-3095", "CVE-2009-3555"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:apache2", "cpe:/o:debian:debian_linux:4.0", "cpe:/o:debian:debian_linux:5.0"], "id": "DEBIAN_DSA-1934.NASL", "href": "https://www.tenable.com/plugins/nessus/44799", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1934. 
The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(44799);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2009-3094\", \"CVE-2009-3095\", \"CVE-2009-3555\");\n script_bugtraq_id(36254, 36260, 36935);\n script_xref(name:\"DSA\", value:\"1934\");\n\n script_name(english:\"Debian DSA-1934-1 : apache2 - multiple issues\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A design flaw has been found in the TLS and SSL protocol that allows\nan attacker to inject arbitrary content at the beginning of a TLS/SSL\nconnection. The attack is related to the way how TLS and SSL handle\nsession renegotiations. CVE-2009-3555 has been assigned to this\nvulnerability.\n\nAs a partial mitigation against this attack, this apache2 update\ndisables client-initiated renegotiations. This should fix the\nvulnerability for the majority of Apache configurations in use.\n\nNOTE: This is not a complete fix for the problem. The attack is still\npossible in configurations where the server initiates the\nrenegotiation. This is the case for the following configurations (the\ninformation in the changelog of the updated packages is slightly\ninaccurate) :\n\n - The 'SSLVerifyClient' directive is used in a Directory\n or Location context.\n - The 'SSLCipherSuite' directive is used in a Directory or\n Location context.\n\nAs a workaround, you may rearrange your configuration in a way that\nSSLVerifyClient and SSLCipherSuite are only used on the server or\nvirtual host level.\n\n\nA complete fix for the problem will require a protocol change. 
Further\ninformation will be included in a separate announcement about this\nissue.\n\nIn addition, this update fixes the following issues in Apache's\nmod_proxy_ftp :\n\n - CVE-2009-3094\n Insufficient input validation in the mod_proxy_ftp\n module allowed remote FTP servers to cause a denial of\n service (NULL pointer dereference and child process\n crash) via a malformed reply to an EPSV command.\n\n - CVE-2009-3095\n Insufficient input validation in the mod_proxy_ftp\n module allowed remote authenticated attackers to bypass\n intended access restrictions and send arbitrary FTP\n commands to an FTP server.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-3555\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-3094\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-3095\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2009/dsa-1934\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the apache2 and apache2-mpm-itk packages.\n\nFor the oldstable distribution (etch), these problems have been fixed\nin version 2.2.3-4+etch11.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 2.2.9-10+lenny6. This version also includes some non-security\nbug fixes that were scheduled for inclusion in the next stable point\nrelease (Debian 5.0.4).\n\nThis advisory also provides updated apache2-mpm-itk packages which\nhave been recompiled against the new apache2 packages.\n\nUpdated apache2-mpm-itk packages for the armel architecture are not\nincluded yet. 
They will be released as soon as they become available.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 264, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:apache2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"apache2\", reference:\"2.2.3-4+etch11\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"apache2-doc\", reference:\"2.2.3-4+etch11\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"apache2-mpm-event\", reference:\"2.2.3-4+etch11\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"apache2-mpm-itk\", reference:\"2.2.3-01-2+etch4+b1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"apache2-mpm-perchild\", reference:\"2.2.3-4+etch11\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"apache2-mpm-prefork\", reference:\"2.2.3-4+etch11\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"apache2-mpm-worker\", reference:\"2.2.3-4+etch11\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"apache2-prefork-dev\", reference:\"2.2.3-4+etch11\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"apache2-src\", reference:\"2.2.3-4+etch11\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"apache2-threaded-dev\", reference:\"2.2.3-4+etch11\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"apache2-utils\", reference:\"2.2.3-4+etch11\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"apache2.2-common\", reference:\"2.2.3-4+etch11\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"apache2\", reference:\"2.2.9-10+lenny6\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"apache2-dbg\", reference:\"2.2.9-10+lenny6\")) flag++;\nif (deb_check(release:\"5.0\", 
prefix:\"apache2-doc\", reference:\"2.2.9-10+lenny6\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"apache2-mpm-event\", reference:\"2.2.9-10+lenny6\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"apache2-mpm-itk\", reference:\"2.2.6-02-1+lenny2+b2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"apache2-mpm-prefork\", reference:\"2.2.9-10+lenny6\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"apache2-mpm-worker\", reference:\"2.2.9-10+lenny6\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"apache2-prefork-dev\", reference:\"2.2.9-10+lenny6\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"apache2-src\", reference:\"2.2.9-10+lenny6\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"apache2-suexec\", reference:\"2.2.9-10+lenny6\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"apache2-suexec-custom\", reference:\"2.2.9-10+lenny6\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"apache2-threaded-dev\", reference:\"2.2.9-10+lenny6\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"apache2-utils\", reference:\"2.2.9-10+lenny6\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"apache2.2-common\", reference:\"2.2.9-10+lenny6\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:54:16", "description": "Updated httpd packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3 and 5.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nThe Apache HTTP Server is a popular Web server.\n\nA flaw was found in the way the TLS/SSL (Transport Layer Security/Secure Sockets Layer) protocols handle session renegotiation.\nA man-in-the-middle attacker could use this flaw to prefix arbitrary plain text to a client's session (for example, an 
HTTPS connection to a website). This could force the server to process an attacker's request as if authenticated using the victim's credentials. This update partially mitigates this flaw for SSL sessions to HTTP servers using mod_ssl by rejecting client-requested renegotiation.\n(CVE-2009-3555)\n\nNote: This update does not fully resolve the issue for HTTPS servers.\nAn attack is still possible in configurations that require a server-initiated renegotiation. Refer to the following Knowledgebase article for further information:\nhttp://kbase.redhat.com/faq/docs/DOC-20491\n\nA NULL pointer dereference flaw was found in the Apache mod_proxy_ftp module. A malicious FTP server to which requests are being proxied could use this flaw to crash an httpd child process via a malformed reply to the EPSV or PASV commands, resulting in a limited denial of service. (CVE-2009-3094)\n\nA second flaw was found in the Apache mod_proxy_ftp module. In a reverse proxy configuration, a remote attacker could use this flaw to bypass intended access restrictions by creating a carefully-crafted HTTP Authorization header, allowing the attacker to send arbitrary commands to the FTP server. (CVE-2009-3095)\n\nAll httpd users should upgrade to these updated packages, which contain backported patches to correct these issues. 
After installing the updated packages, the httpd daemon must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2013-06-29T00:00:00", "type": "nessus", "title": "CentOS 3 / 5 : httpd (CESA-2009:1579)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3094", "CVE-2009-3095", "CVE-2009-3555"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:httpd", "p-cpe:/a:centos:centos:httpd-devel", "p-cpe:/a:centos:centos:httpd-manual", "p-cpe:/a:centos:centos:mod_ssl", "cpe:/o:centos:centos:3", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2009-1579.NASL", "href": "https://www.tenable.com/plugins/nessus/67073", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1579 and \n# CentOS Errata and Security Advisory 2009:1579 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67073);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2009-3094\", \"CVE-2009-3095\", \"CVE-2009-3555\");\n script_bugtraq_id(36254, 36260, 36935);\n script_xref(name:\"RHSA\", value:\"2009:1579\");\n\n script_name(english:\"CentOS 3 / 5 : httpd (CESA-2009:1579)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated httpd packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 3 and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Apache HTTP Server is a popular Web server.\n\nA flaw was found in the way 
the TLS/SSL (Transport Layer\nSecurity/Secure Sockets Layer) protocols handle session renegotiation.\nA man-in-the-middle attacker could use this flaw to prefix arbitrary\nplain text to a client's session (for example, an HTTPS connection to\na website). This could force the server to process an attacker's\nrequest as if authenticated using the victim's credentials. This\nupdate partially mitigates this flaw for SSL sessions to HTTP servers\nusing mod_ssl by rejecting client-requested renegotiation.\n(CVE-2009-3555)\n\nNote: This update does not fully resolve the issue for HTTPS servers.\nAn attack is still possible in configurations that require a\nserver-initiated renegotiation. Refer to the following Knowledgebase\narticle for further information:\nhttp://kbase.redhat.com/faq/docs/DOC-20491\n\nA NULL pointer dereference flaw was found in the Apache mod_proxy_ftp\nmodule. A malicious FTP server to which requests are being proxied\ncould use this flaw to crash an httpd child process via a malformed\nreply to the EPSV or PASV commands, resulting in a limited denial of\nservice. (CVE-2009-3094)\n\nA second flaw was found in the Apache mod_proxy_ftp module. In a\nreverse proxy configuration, a remote attacker could use this flaw to\nbypass intended access restrictions by creating a carefully-crafted\nHTTP Authorization header, allowing the attacker to send arbitrary\ncommands to the FTP server. (CVE-2009-3095)\n\nAll httpd users should upgrade to these updated packages, which\ncontain backported patches to correct these issues. 
After installing\nthe updated packages, the httpd daemon must be restarted for the\nupdate to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-November/016316.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0e0540fd\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-November/016317.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8b1fc3ee\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-November/016326.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3e10fd6c\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-November/016327.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a1450335\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected httpd packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 264, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:httpd-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/09/08\");\n script_set_attribute(attribute:\"patch_publication_date\", 
value:\"2009/11/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/06/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^(3|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 3.x / 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"httpd-2.0.46-77.ent.centos\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"httpd-2.0.46-77.ent.centos\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"httpd-devel-2.0.46-77.ent.centos\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"httpd-devel-2.0.46-77.ent.centos\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"mod_ssl-2.0.46-77.ent.centos\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"mod_ssl-2.0.46-77.ent.centos\")) flag++;\n\nif (rpm_check(release:\"CentOS-5\", reference:\"httpd-2.2.3-31.el5.centos.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"httpd-devel-2.2.3-31.el5.centos.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"httpd-manual-2.2.3-31.el5.centos.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"mod_ssl-2.2.3-31.el5.centos.2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd / httpd-devel / httpd-manual / mod_ssl\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:05:47", "description": "This update contains the latest stable release of Apache httpd. 
Three security fixes are included, along with several minor bug fixes. A flaw was found in the way the TLS/SSL (Transport Layer Security/Secure Sockets Layer) protocols handle session renegotiation. A man-in-the-middle attacker could use this flaw to prefix arbitrary plain text to a client's session (for example, an HTTPS connection to a website). This could force the server to process an attacker's request as if authenticated using the victim's credentials. This update partially mitigates this flaw for SSL sessions to HTTP servers using mod_ssl by rejecting client-requested renegotiation.\n(CVE-2009-3555) Note: This update does not fully resolve the issue for HTTPS servers. An attack is still possible in configurations that require a server-initiated renegotiation A NULL pointer dereference flaw was found in the Apache mod_proxy_ftp module. A malicious FTP server to which requests are being proxied could use this flaw to crash an httpd child process via a malformed reply to the EPSV or PASV commands, resulting in a limited denial of service. (CVE-2009-3094) A second flaw was found in the Apache mod_proxy_ftp module. In a reverse proxy configuration, a remote attacker could use this flaw to bypass intended access restrictions by creating a carefully-crafted HTTP Authorization header, allowing the attacker to send arbitrary commands to the FTP server. (CVE-2009-3095) See the upstream changes file for further information: http://www.apache.org/dist/httpd/CHANGES_2.2.14\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-12-10T00:00:00", "type": "nessus", "title": "Fedora 10 : httpd-2.2.14-1.fc10 (2009-12604)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3094", "CVE-2009-3095", "CVE-2009-3555"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:httpd", "cpe:/o:fedoraproject:fedora:10"], "id": "FEDORA_2009-12604.NASL", "href": "https://www.tenable.com/plugins/nessus/43090", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-12604.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43090);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-3094\", \"CVE-2009-3095\", \"CVE-2009-3555\");\n script_bugtraq_id(36254, 36260, 36935);\n script_xref(name:\"FEDORA\", value:\"2009-12604\");\n\n script_name(english:\"Fedora 10 : httpd-2.2.14-1.fc10 (2009-12604)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update contains the latest stable release of Apache httpd. Three\nsecurity fixes are included, along with several minor bug fixes. A\nflaw was found in the way the TLS/SSL (Transport Layer Security/Secure\nSockets Layer) protocols handle session renegotiation. A\nman-in-the-middle attacker could use this flaw to prefix arbitrary\nplain text to a client's session (for example, an HTTPS connection to\na website). 
This could force the server to process an attacker's\nrequest as if authenticated using the victim's credentials. This\nupdate partially mitigates this flaw for SSL sessions to HTTP servers\nusing mod_ssl by rejecting client-requested renegotiation.\n(CVE-2009-3555) Note: This update does not fully resolve the issue for\nHTTPS servers. An attack is still possible in configurations that\nrequire a server-initiated renegotiation. A NULL pointer dereference\nflaw was found in the Apache mod_proxy_ftp module. A malicious FTP\nserver to which requests are being proxied could use this flaw to\ncrash an httpd child process via a malformed reply to the EPSV or PASV\ncommands, resulting in a limited denial of service. (CVE-2009-3094) A\nsecond flaw was found in the Apache mod_proxy_ftp module. In a reverse\nproxy configuration, a remote attacker could use this flaw to bypass\nintended access restrictions by creating a carefully-crafted HTTP\nAuthorization header, allowing the attacker to send arbitrary commands\nto the FTP server. (CVE-2009-3095) See the upstream changes file for\nfurther information: http://www.apache.org/dist/httpd/CHANGES_2.2.14\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.apache.org/dist/httpd/CHANGES_2.2.14\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=521619\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=522209\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-December/032454.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?52dbbad6\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected httpd package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 264, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/12/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/12/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^10([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 10.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC10\", reference:\"httpd-2.2.14-1.fc10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:06:16", "description": "This update of the Apache webserver fixes various security issues :\n\n - mod_proxy could run into an infinite loop when used as reverse proxy. (CVE-2009-1890) \n\n - mod_deflate continued to compress large files even after a network connection was closed, causing mod_deflate to consume large amounts of CPU. 
(CVE-2009-1891)\n\n - The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a malformed reply to an EPSV command. (CVE-2009-3094)\n\n - access restriction bypass in mod_proxy_ftp module.\n (CVE-2009-3095)", "cvss3": {"score": null, "vector": null}, "published": "2009-10-26T00:00:00", "type": "nessus", "title": "SuSE9 Security Update : Apache 2 (YOU Patch Number 12526)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1890", "CVE-2009-1891", "CVE-2009-3094", "CVE-2009-3095"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE9_12526.NASL", "href": "https://www.tenable.com/plugins/nessus/42243", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42243);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-1890\", \"CVE-2009-1891\", \"CVE-2009-3094\", \"CVE-2009-3095\");\n\n script_name(english:\"SuSE9 Security Update : Apache 2 (YOU Patch Number 12526)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 9 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of the Apache webserver fixes various security issues :\n\n - mod_proxy could run into an infinite loop when used as\n reverse proxy. (CVE-2009-1890) \n\n - mod_deflate continued to compress large files even after\n a network connection was closed, causing mod_deflate to\n consume large amounts of CPU. 
(CVE-2009-1891)\n\n - The ap_proxy_ftp_handler function in\n modules/proxy/proxy_ftp.c in the mod_proxy_ftp module\n allows remote FTP servers to cause a denial of service\n (NULL pointer dereference and child process crash) via a\n malformed reply to an EPSV command. (CVE-2009-3094)\n\n - access restriction bypass in mod_proxy_ftp module.\n (CVE-2009-3095)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1890.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1891.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3094.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3095.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply YOU patch number 12526.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(119, 189, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 9 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SUSE9\", reference:\"apache2-2.0.59-1.14\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"apache2-devel-2.0.59-1.14\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"apache2-doc-2.0.59-1.14\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"apache2-example-pages-2.0.59-1.14\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"apache2-prefork-2.0.59-1.14\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"apache2-worker-2.0.59-1.14\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"libapr0-2.0.59-1.14\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:06:11", "description": "Updated httpd packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nThe Apache 
HTTP Server is a popular Web server.\n\nA flaw was found in the way the TLS/SSL (Transport Layer Security/Secure Sockets Layer) protocols handle session renegotiation.\nA man-in-the-middle attacker could use this flaw to prefix arbitrary plain text to a client's session (for example, an HTTPS connection to a website). This could force the server to process an attacker's request as if authenticated using the victim's credentials. This update partially mitigates this flaw for SSL sessions to HTTP servers using mod_ssl by rejecting client-requested renegotiation.\n(CVE-2009-3555)\n\nNote: This update does not fully resolve the issue for HTTPS servers.\nAn attack is still possible in configurations that require a server-initiated renegotiation. Refer to the following Knowledgebase article for further information:\nhttp://kbase.redhat.com/faq/docs/DOC-20491\n\nA denial of service flaw was found in the Apache mod_deflate module.\nThis module continued to compress large files until compression was complete, even if the network connection that requested the content was closed before compression completed. This would cause mod_deflate to consume large amounts of CPU if mod_deflate was enabled for a large file. (CVE-2009-1891)\n\nA NULL pointer dereference flaw was found in the Apache mod_proxy_ftp module. A malicious FTP server to which requests are being proxied could use this flaw to crash an httpd child process via a malformed reply to the EPSV or PASV commands, resulting in a limited denial of service. (CVE-2009-3094)\n\nA second flaw was found in the Apache mod_proxy_ftp module. In a reverse proxy configuration, a remote attacker could use this flaw to bypass intended access restrictions by creating a carefully-crafted HTTP Authorization header, allowing the attacker to send arbitrary commands to the FTP server. (CVE-2009-3095)\n\nAll httpd users should upgrade to these updated packages, which contain backported patches to correct these issues. 
After installing the updated packages, the httpd daemon must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2009-11-12T00:00:00", "type": "nessus", "title": "RHEL 4 : httpd (RHSA-2009:1580)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1891", "CVE-2009-3094", "CVE-2009-3095", "CVE-2009-3555"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:httpd", "p-cpe:/a:redhat:enterprise_linux:httpd-devel", "p-cpe:/a:redhat:enterprise_linux:httpd-manual", "p-cpe:/a:redhat:enterprise_linux:httpd-suexec", "p-cpe:/a:redhat:enterprise_linux:mod_ssl", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:4.8"], "id": "REDHAT-RHSA-2009-1580.NASL", "href": "https://www.tenable.com/plugins/nessus/42470", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1580. 
The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42470);\n script_version(\"1.33\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-1891\", \"CVE-2009-3094\", \"CVE-2009-3095\", \"CVE-2009-3555\");\n script_bugtraq_id(35623, 36254, 36260, 36935);\n script_xref(name:\"RHSA\", value:\"2009:1580\");\n\n script_name(english:\"RHEL 4 : httpd (RHSA-2009:1580)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated httpd packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Apache HTTP Server is a popular Web server.\n\nA flaw was found in the way the TLS/SSL (Transport Layer\nSecurity/Secure Sockets Layer) protocols handle session renegotiation.\nA man-in-the-middle attacker could use this flaw to prefix arbitrary\nplain text to a client's session (for example, an HTTPS connection to\na website). This could force the server to process an attacker's\nrequest as if authenticated using the victim's credentials. This\nupdate partially mitigates this flaw for SSL sessions to HTTP servers\nusing mod_ssl by rejecting client-requested renegotiation.\n(CVE-2009-3555)\n\nNote: This update does not fully resolve the issue for HTTPS servers.\nAn attack is still possible in configurations that require a\nserver-initiated renegotiation. 
Refer to the following Knowledgebase\narticle for further information:\nhttp://kbase.redhat.com/faq/docs/DOC-20491\n\nA denial of service flaw was found in the Apache mod_deflate module.\nThis module continued to compress large files until compression was\ncomplete, even if the network connection that requested the content\nwas closed before compression completed. This would cause mod_deflate\nto consume large amounts of CPU if mod_deflate was enabled for a large\nfile. (CVE-2009-1891)\n\nA NULL pointer dereference flaw was found in the Apache mod_proxy_ftp\nmodule. A malicious FTP server to which requests are being proxied\ncould use this flaw to crash an httpd child process via a malformed\nreply to the EPSV or PASV commands, resulting in a limited denial of\nservice. (CVE-2009-3094)\n\nA second flaw was found in the Apache mod_proxy_ftp module. In a\nreverse proxy configuration, a remote attacker could use this flaw to\nbypass intended access restrictions by creating a carefully-crafted\nHTTP Authorization header, allowing the attacker to send arbitrary\ncommands to the FTP server. (CVE-2009-3095)\n\nAll httpd users should upgrade to these updated packages, which\ncontain backported patches to correct these issues. 
After installing\nthe updated packages, the httpd daemon must be restarted for the\nupdate to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-1891\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-3094\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-3095\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-3555\"\n );\n # http://kbase.redhat.com/faq/docs/DOC-20491\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/articles/20490\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:1580\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(119, 264, 310, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd-suexec\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", 
value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.8\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/07/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:1580\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"httpd-2.0.52-41.ent.6\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"httpd-devel-2.0.52-41.ent.6\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"httpd-manual-2.0.52-41.ent.6\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"httpd-suexec-2.0.52-41.ent.6\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"mod_ssl-2.0.52-41.ent.6\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd / httpd-devel / httpd-manual / httpd-suexec / mod_ssl\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:54:16", "description": "Updated httpd packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having moderate security impact by the 
Red Hat Security Response Team.\n\nThe Apache HTTP Server is a popular Web server.\n\nA flaw was found in the way the TLS/SSL (Transport Layer Security/Secure Sockets Layer) protocols handle session renegotiation.\nA man-in-the-middle attacker could use this flaw to prefix arbitrary plain text to a client's session (for example, an HTTPS connection to a website). This could force the server to process an attacker's request as if authenticated using the victim's credentials. This update partially mitigates this flaw for SSL sessions to HTTP servers using mod_ssl by rejecting client-requested renegotiation.\n(CVE-2009-3555)\n\nNote: This update does not fully resolve the issue for HTTPS servers.\nAn attack is still possible in configurations that require a server-initiated renegotiation. Refer to the following Knowledgebase article for further information:\nhttp://kbase.redhat.com/faq/docs/DOC-20491\n\nA denial of service flaw was found in the Apache mod_deflate module.\nThis module continued to compress large files until compression was complete, even if the network connection that requested the content was closed before compression completed. This would cause mod_deflate to consume large amounts of CPU if mod_deflate was enabled for a large file. (CVE-2009-1891)\n\nA NULL pointer dereference flaw was found in the Apache mod_proxy_ftp module. A malicious FTP server to which requests are being proxied could use this flaw to crash an httpd child process via a malformed reply to the EPSV or PASV commands, resulting in a limited denial of service. (CVE-2009-3094)\n\nA second flaw was found in the Apache mod_proxy_ftp module. In a reverse proxy configuration, a remote attacker could use this flaw to bypass intended access restrictions by creating a carefully-crafted HTTP Authorization header, allowing the attacker to send arbitrary commands to the FTP server. 
(CVE-2009-3095)\n\nAll httpd users should upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2013-06-29T00:00:00", "type": "nessus", "title": "CentOS 4 : httpd (CESA-2009:1580)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1891", "CVE-2009-3094", "CVE-2009-3095", "CVE-2009-3555"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:httpd", "p-cpe:/a:centos:centos:httpd-devel", "p-cpe:/a:centos:centos:httpd-manual", "p-cpe:/a:centos:centos:httpd-suexec", "p-cpe:/a:centos:centos:mod_ssl", "cpe:/o:centos:centos:4"], "id": "CENTOS_RHSA-2009-1580.NASL", "href": "https://www.tenable.com/plugins/nessus/67074", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1580 and \n# CentOS Errata and Security Advisory 2009:1580 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67074);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2009-1891\", \"CVE-2009-3094\", \"CVE-2009-3095\", \"CVE-2009-3555\");\n script_bugtraq_id(35623, 36254, 36260, 36935);\n script_xref(name:\"RHSA\", value:\"2009:1580\");\n\n script_name(english:\"CentOS 4 : httpd (CESA-2009:1580)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated httpd packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 4.\n\nThis 
update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Apache HTTP Server is a popular Web server.\n\nA flaw was found in the way the TLS/SSL (Transport Layer\nSecurity/Secure Sockets Layer) protocols handle session renegotiation.\nA man-in-the-middle attacker could use this flaw to prefix arbitrary\nplain text to a client's session (for example, an HTTPS connection to\na website). This could force the server to process an attacker's\nrequest as if authenticated using the victim's credentials. This\nupdate partially mitigates this flaw for SSL sessions to HTTP servers\nusing mod_ssl by rejecting client-requested renegotiation.\n(CVE-2009-3555)\n\nNote: This update does not fully resolve the issue for HTTPS servers.\nAn attack is still possible in configurations that require a\nserver-initiated renegotiation. Refer to the following Knowledgebase\narticle for further information:\nhttp://kbase.redhat.com/faq/docs/DOC-20491\n\nA denial of service flaw was found in the Apache mod_deflate module.\nThis module continued to compress large files until compression was\ncomplete, even if the network connection that requested the content\nwas closed before compression completed. This would cause mod_deflate\nto consume large amounts of CPU if mod_deflate was enabled for a large\nfile. (CVE-2009-1891)\n\nA NULL pointer dereference flaw was found in the Apache mod_proxy_ftp\nmodule. A malicious FTP server to which requests are being proxied\ncould use this flaw to crash an httpd child process via a malformed\nreply to the EPSV or PASV commands, resulting in a limited denial of\nservice. (CVE-2009-3094)\n\nA second flaw was found in the Apache mod_proxy_ftp module. In a\nreverse proxy configuration, a remote attacker could use this flaw to\nbypass intended access restrictions by creating a carefully-crafted\nHTTP Authorization header, allowing the attacker to send arbitrary\ncommands to the FTP server. 
(CVE-2009-3095)\n\nAll httpd users should upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the httpd daemon must be restarted for the\nupdate to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-November/016318.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d1557a9d\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-November/016319.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5b056973\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected httpd packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(119, 264, 310, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:httpd-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:httpd-suexec\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/07/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/06/29\");\n 
script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 4.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"httpd-2.0.52-41.ent.6.centos4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"httpd-2.0.52-41.ent.6.centos4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"httpd-devel-2.0.52-41.ent.6.centos4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"httpd-devel-2.0.52-41.ent.6.centos4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"httpd-manual-2.0.52-41.ent.6.centos4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", 
reference:\"httpd-manual-2.0.52-41.ent.6.centos4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"httpd-suexec-2.0.52-41.ent.6.centos4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"httpd-suexec-2.0.52-41.ent.6.centos4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"mod_ssl-2.0.52-41.ent.6.centos4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"mod_ssl-2.0.52-41.ent.6.centos4\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd / httpd-devel / httpd-manual / httpd-suexec / mod_ssl\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:57:54", "description": "CVE-2009-1891 httpd: possible temporary DoS (CPU consumption) in mod_deflate\n\nCVE-2009-3094 httpd: NULL pointer defer in mod_proxy_ftp caused by crafted EPSV and PASV reply\n\nCVE-2009-3095 httpd: mod_proxy_ftp FTP command injection via Authorization HTTP header\n\nCVE-2009-3555 TLS: MITM attacks via session renegotiation\n\nA flaw was found in the way the TLS/SSL (Transport Layer Security/Secure Sockets Layer) protocols handle session renegotiation.\nA man-in-the-middle attacker could use this flaw to prefix arbitrary plain text to a client's session (for example, an HTTPS connection to a website). This could force the server to process an attacker's request as if authenticated using the victim's credentials. This update partially mitigates this flaw for SSL sessions to HTTP servers using mod_ssl by rejecting client-requested renegotiation.\n(CVE-2009-3555)\n\nNote: This update does not fully resolve the issue for HTTPS servers.\nAn attack is still possible in configurations that require a server-initiated renegotiation. 
Refer to the following Knowledgebase article for further information:\nhttp://kbase.redhat.com/faq/docs/DOC-20491\n\nA denial of service flaw was found in the Apache mod_deflate module.\nThis module continued to compress large files until compression was complete, even if the network connection that requested the content was closed before compression completed. This would cause mod_deflate to consume large amounts of CPU if mod_deflate was enabled for a large file. (CVE-2009-1891) - SL4 only\n\nA NULL pointer dereference flaw was found in the Apache mod_proxy_ftp module. A malicious FTP server to which requests are being proxied could use this flaw to crash an httpd child process via a malformed reply to the EPSV or PASV commands, resulting in a limited denial of service. (CVE-2009-3094)\n\nA second flaw was found in the Apache mod_proxy_ftp module. In a reverse proxy configuration, a remote attacker could use this flaw to bypass intended access restrictions by creating a carefully-crafted HTTP Authorization header, allowing the attacker to send arbitrary commands to the FTP server. 
(CVE-2009-3095)\n\nAfter installing the updated packages, the httpd daemon must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : httpd on SL3.x, SL4.x, SL5.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1891", "CVE-2009-3094", "CVE-2009-3095", "CVE-2009-3555"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20091111_HTTPD_ON_SL3_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60695", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60695);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-1891\", \"CVE-2009-3094\", \"CVE-2009-3095\", \"CVE-2009-3555\");\n\n script_name(english:\"Scientific Linux Security Update : httpd on SL3.x, SL4.x, SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2009-1891 httpd: possible temporary DoS (CPU consumption) in\nmod_deflate\n\nCVE-2009-3094 httpd: NULL pointer defer in mod_proxy_ftp caused by\ncrafted EPSV and PASV reply\n\nCVE-2009-3095 httpd: mod_proxy_ftp FTP command injection via\nAuthorization HTTP header\n\nCVE-2009-3555 TLS: MITM attacks via session renegotiation\n\nA flaw was found in the way the TLS/SSL (Transport Layer\nSecurity/Secure Sockets Layer) protocols handle session renegotiation.\nA man-in-the-middle attacker could use this flaw to prefix arbitrary\nplain text 
to a client's session (for example, an HTTPS connection to\na website). This could force the server to process an attacker's\nrequest as if authenticated using the victim's credentials. This\nupdate partially mitigates this flaw for SSL sessions to HTTP servers\nusing mod_ssl by rejecting client-requested renegotiation.\n(CVE-2009-3555)\n\nNote: This update does not fully resolve the issue for HTTPS servers.\nAn attack is still possible in configurations that require a\nserver-initiated renegotiation. Refer to the following Knowledgebase\narticle for further information:\nhttp://kbase.redhat.com/faq/docs/DOC-20491\n\nA denial of service flaw was found in the Apache mod_deflate module.\nThis module continued to compress large files until compression was\ncomplete, even if the network connection that requested the content\nwas closed before compression completed. This would cause mod_deflate\nto consume large amounts of CPU if mod_deflate was enabled for a large\nfile. (CVE-2009-1891) - SL4 only\n\nA NULL pointer dereference flaw was found in the Apache mod_proxy_ftp\nmodule. A malicious FTP server to which requests are being proxied\ncould use this flaw to crash an httpd child process via a malformed\nreply to the EPSV or PASV commands, resulting in a limited denial of\nservice. (CVE-2009-3094)\n\nA second flaw was found in the Apache mod_proxy_ftp module. In a\nreverse proxy configuration, a remote attacker could use this flaw to\nbypass intended access restrictions by creating a carefully-crafted\nHTTP Authorization header, allowing the attacker to send arbitrary\ncommands to the FTP server. 
(CVE-2009-3095)\n\nAfter installing the updated packages, the httpd daemon must be\nrestarted for the update to take effect.\"\n );\n # http://kbase.redhat.com/faq/docs/DOC-20491\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/articles/20490\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0911&L=scientific-linux-errata&T=0&P=1958\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a32339d7\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(119, 264, 310, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/07/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL3\", reference:\"httpd-2.0.46-77.sl3\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"httpd-devel-2.0.46-77.sl3\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"mod_ssl-2.0.46-77.sl3\")) flag++;\n\nif (rpm_check(release:\"SL4\", reference:\"httpd-2.0.52-41.sl4.6\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"httpd-devel-2.0.52-41.sl4.6\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"httpd-manual-2.0.52-41.sl4.6\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"httpd-suexec-2.0.52-41.sl4.6\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"mod_ssl-2.0.52-41.sl4.6\")) flag++;\n\nif (rpm_check(release:\"SL5\", reference:\"httpd-2.2.3-31.sl5.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"httpd-devel-2.2.3-31.sl5.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"httpd-manual-2.2.3-31.sl5.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"mod_ssl-2.2.3-31.sl5.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else 
security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:54:23", "description": "From Red Hat Security Advisory 2009:1580 :\n\nUpdated httpd packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nThe Apache HTTP Server is a popular Web server.\n\nA flaw was found in the way the TLS/SSL (Transport Layer Security/Secure Sockets Layer) protocols handle session renegotiation.\nA man-in-the-middle attacker could use this flaw to prefix arbitrary plain text to a client's session (for example, an HTTPS connection to a website). This could force the server to process an attacker's request as if authenticated using the victim's credentials. This update partially mitigates this flaw for SSL sessions to HTTP servers using mod_ssl by rejecting client-requested renegotiation.\n(CVE-2009-3555)\n\nNote: This update does not fully resolve the issue for HTTPS servers.\nAn attack is still possible in configurations that require a server-initiated renegotiation. Refer to the following Knowledgebase article for further information:\nhttp://kbase.redhat.com/faq/docs/DOC-20491\n\nA denial of service flaw was found in the Apache mod_deflate module.\nThis module continued to compress large files until compression was complete, even if the network connection that requested the content was closed before compression completed. This would cause mod_deflate to consume large amounts of CPU if mod_deflate was enabled for a large file. (CVE-2009-1891)\n\nA NULL pointer dereference flaw was found in the Apache mod_proxy_ftp module. A malicious FTP server to which requests are being proxied could use this flaw to crash an httpd child process via a malformed reply to the EPSV or PASV commands, resulting in a limited denial of service. 
(CVE-2009-3094)\n\nA second flaw was found in the Apache mod_proxy_ftp module. In a reverse proxy configuration, a remote attacker could use this flaw to bypass intended access restrictions by creating a carefully-crafted HTTP Authorization header, allowing the attacker to send arbitrary commands to the FTP server. (CVE-2009-3095)\n\nAll httpd users should upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 4 : httpd (ELSA-2009-1580)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1891", "CVE-2009-3094", "CVE-2009-3095", "CVE-2009-3555"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:httpd", "p-cpe:/a:oracle:linux:httpd-devel", "p-cpe:/a:oracle:linux:httpd-manual", "p-cpe:/a:oracle:linux:httpd-suexec", "p-cpe:/a:oracle:linux:mod_ssl", "cpe:/o:oracle:linux:4"], "id": "ORACLELINUX_ELSA-2009-1580.NASL", "href": "https://www.tenable.com/plugins/nessus/67959", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:1580 and \n# Oracle Linux Security Advisory ELSA-2009-1580 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67959);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-1891\", \"CVE-2009-3094\", \"CVE-2009-3095\", \"CVE-2009-3555\");\n script_bugtraq_id(35623, 36254, 36260, 36935);\n script_xref(name:\"RHSA\", value:\"2009:1580\");\n\n script_name(english:\"Oracle Linux 4 : httpd (ELSA-2009-1580)\");\n script_summary(english:\"Checks rpm output for the updated 
packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:1580 :\n\nUpdated httpd packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Apache HTTP Server is a popular Web server.\n\nA flaw was found in the way the TLS/SSL (Transport Layer\nSecurity/Secure Sockets Layer) protocols handle session renegotiation.\nA man-in-the-middle attacker could use this flaw to prefix arbitrary\nplain text to a client's session (for example, an HTTPS connection to\na website). This could force the server to process an attacker's\nrequest as if authenticated using the victim's credentials. This\nupdate partially mitigates this flaw for SSL sessions to HTTP servers\nusing mod_ssl by rejecting client-requested renegotiation.\n(CVE-2009-3555)\n\nNote: This update does not fully resolve the issue for HTTPS servers.\nAn attack is still possible in configurations that require a\nserver-initiated renegotiation. Refer to the following Knowledgebase\narticle for further information:\nhttp://kbase.redhat.com/faq/docs/DOC-20491\n\nA denial of service flaw was found in the Apache mod_deflate module.\nThis module continued to compress large files until compression was\ncomplete, even if the network connection that requested the content\nwas closed before compression completed. This would cause mod_deflate\nto consume large amounts of CPU if mod_deflate was enabled for a large\nfile. (CVE-2009-1891)\n\nA NULL pointer dereference flaw was found in the Apache mod_proxy_ftp\nmodule. 
A malicious FTP server to which requests are being proxied\ncould use this flaw to crash an httpd child process via a malformed\nreply to the EPSV or PASV commands, resulting in a limited denial of\nservice. (CVE-2009-3094)\n\nA second flaw was found in the Apache mod_proxy_ftp module. In a\nreverse proxy configuration, a remote attacker could use this flaw to\nbypass intended access restrictions by creating a carefully-crafted\nHTTP Authorization header, allowing the attacker to send arbitrary\ncommands to the FTP server. (CVE-2009-3095)\n\nAll httpd users should upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the httpd daemon must be restarted for the\nupdate to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-November/001244.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected httpd packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(119, 264, 310, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:httpd-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:httpd-suexec\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", 
value:\"cpe:/o:oracle:linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/07/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL4\", reference:\"httpd-2.0.52-41.ent.6.0.1\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"httpd-devel-2.0.52-41.ent.6.0.1\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"httpd-manual-2.0.52-41.ent.6.0.1\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"httpd-suexec-2.0.52-41.ent.6.0.1\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"mod_ssl-2.0.52-41.ent.6.0.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd / httpd-devel / httpd-manual / httpd-suexec / mod_ssl\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:06:19", "description": "This update of the Apache webserver fixes various security issues :\n\n - the option IncludesNOEXEC could be bypassed via .htaccess. (CVE-2009-1195)\n\n - mod_proxy could run into an infinite loop when used as reverse proxy. (CVE-2009-1890)\n\n - mod_deflate continued to compress large files even after a network connection was closed, causing mod_deflate to consume large amounts of CPU. (CVE-2009-1891)\n\n - The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a malformed reply to an EPSV command. 
(CVE-2009-3094)\n\n - access restriction bypass in mod_proxy_ftp module (CVE-2009-3095)", "cvss3": {"score": null, "vector": null}, "published": "2009-10-26T00:00:00", "type": "nessus", "title": "SuSE 11 Security Update : Apache 2 (SAT Patch Number 1417)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1195", "CVE-2009-1890", "CVE-2009-1891", "CVE-2009-3094", "CVE-2009-3095"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:apache2", "p-cpe:/a:novell:suse_linux:11:apache2-doc", "p-cpe:/a:novell:suse_linux:11:apache2-example-pages", "p-cpe:/a:novell:suse_linux:11:apache2-prefork", "p-cpe:/a:novell:suse_linux:11:apache2-utils", "p-cpe:/a:novell:suse_linux:11:apache2-worker", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_APACHE2-091020.NASL", "href": "https://www.tenable.com/plugins/nessus/42252", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42252);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-1195\", \"CVE-2009-1890\", \"CVE-2009-1891\", \"CVE-2009-3094\", \"CVE-2009-3095\");\n\n script_name(english:\"SuSE 11 Security Update : Apache 2 (SAT Patch Number 1417)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of the Apache webserver fixes various security issues :\n\n - the option IncludesNOEXEC could be bypassed via\n .htaccess. 
(CVE-2009-1195)\n\n - mod_proxy could run into an infinite loop when used as\n reverse proxy. (CVE-2009-1890)\n\n - mod_deflate continued to compress large files even after\n a network connection was closed, causing mod_deflate to\n consume large amounts of CPU. (CVE-2009-1891)\n\n - The ap_proxy_ftp_handler function in\n modules/proxy/proxy_ftp.c in the mod_proxy_ftp module\n allows remote FTP servers to cause a denial of service\n (NULL pointer dereference and child process crash) via a\n malformed reply to an EPSV command. (CVE-2009-3094)\n\n - access restriction bypass in mod_proxy_ftp module\n (CVE-2009-3095)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=512583\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=513080\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=519194\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=521906\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=538322\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=539571\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1195.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1890.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1891.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3094.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3095.html\"\n );\n 
script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 1417.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(16, 119, 189, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:apache2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:apache2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:apache2-example-pages\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:apache2-prefork\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:apache2-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:apache2-worker\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (pl) audit(AUDIT_OS_NOT, \"SuSE 11.0\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"apache2-2.2.10-2.21.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"apache2-doc-2.2.10-2.21.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"apache2-example-pages-2.2.10-2.21.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"apache2-prefork-2.2.10-2.21.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"apache2-utils-2.2.10-2.21.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"apache2-worker-2.2.10-2.21.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:06:16", "description": "This update of the Apache webserver fixes various security issues :\n\n - the option IncludesNOEXEC could be bypassed via .htaccess (CVE-2009-1195) \n\n - 
mod_proxy could run into an infinite loop when used as reverse proxy (CVE-2009-1890) \n\n - mod_deflate continued to compress large files even after a network connection was closed, causing mod_deflate to consume large amounts of CPU (CVE-2009-1891)\n\n - The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a malformed reply to an EPSV command. (CVE-2009-3094)\n\n - access restriction bypass in mod_proxy_ftp module (CVE-2009-3095)", "cvss3": {"score": null, "vector": null}, "published": "2009-10-26T00:00:00", "type": "nessus", "title": "openSUSE Security Update : apache2 (apache2-1419)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1195", "CVE-2009-1890", "CVE-2009-1891", "CVE-2009-3094", "CVE-2009-3095"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:apache2", "p-cpe:/a:novell:opensuse:apache2-devel", "p-cpe:/a:novell:opensuse:apache2-example-pages", "p-cpe:/a:novell:opensuse:apache2-prefork", "p-cpe:/a:novell:opensuse:apache2-utils", "p-cpe:/a:novell:opensuse:apache2-worker", "cpe:/o:novell:opensuse:11.1"], "id": "SUSE_11_1_APACHE2-091020.NASL", "href": "https://www.tenable.com/plugins/nessus/42248", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update apache2-1419.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42248);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-1195\", \"CVE-2009-1890\", \"CVE-2009-1891\", \"CVE-2009-3094\", \"CVE-2009-3095\");\n\n script_name(english:\"openSUSE Security Update : apache2 (apache2-1419)\");\n 
script_summary(english:\"Check for the apache2-1419 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of the Apache webserver fixes various security issues :\n\n - the option IncludesNOEXEC could be bypassed via\n .htaccess (CVE-2009-1195) \n\n - mod_proxy could run into an infinite loop when used as\n reverse proxy (CVE-2009-1890) \n\n - mod_deflate continued to compress large files even after\n a network connection was closed, causing mod_deflate to\n consume large amounts of CPU (CVE-2009-1891)\n\n - The ap_proxy_ftp_handler function in\n modules/proxy/proxy_ftp.c in the mod_proxy_ftp module\n allows remote FTP servers to cause a denial of service\n (NULL pointer dereference and child process crash) via a\n malformed reply to an EPSV command. (CVE-2009-3094)\n\n - access restriction bypass in mod_proxy_ftp module\n (CVE-2009-3095)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=512583\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=513080\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=519194\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=521906\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=538322\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=539571\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected apache2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n 
script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(16, 119, 189, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-example-pages\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-prefork\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-worker\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/05/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"apache2-2.2.10-2.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"apache2-devel-2.2.10-2.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"apache2-example-pages-2.2.10-2.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"apache2-prefork-2.2.10-2.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"apache2-utils-2.2.10-2.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"apache2-worker-2.2.10-2.8.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache2\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:02:33", "description": "This update of the Apache webserver fixes various security issues :\n\n - the option IncludesNOEXEC 
could be bypassed via .htaccess. (CVE-2009-1195)\n\n - mod_proxy could run into an infinite loop when used as reverse proxy. (CVE-2009-1890)\n\n - mod_deflate continued to compress large files even after a network connection was closed, causing mod_deflate to consume large amounts of CPU. (CVE-2009-1891)\n\n - The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a malformed reply to an EPSV command. (CVE-2009-3094)\n\n - access restriction bypass in mod_proxy_ftp module.\n (CVE-2009-3095)\n\nAlso an incompatibility between mod_cache and mod_rewrite was fixed.", "cvss3": {"score": null, "vector": null}, "published": "2010-10-11T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : Apache 2 (ZYPP Patch Number 6572)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1195", "CVE-2009-1890", "CVE-2009-1891", "CVE-2009-3094", "CVE-2009-3095"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_APACHE2-6572.NASL", "href": "https://www.tenable.com/plugins/nessus/49826", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(49826);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-1195\", \"CVE-2009-1890\", \"CVE-2009-1891\", \"CVE-2009-3094\", \"CVE-2009-3095\");\n\n script_name(english:\"SuSE 10 Security Update : Apache 2 (ZYPP Patch Number 6572)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n
attribute:\"description\", \n value:\n\"This update of the Apache webserver fixes various security issues :\n\n - the option IncludesNOEXEC could be bypassed via\n .htaccess. (CVE-2009-1195)\n\n - mod_proxy could run into an infinite loop when used as\n reverse proxy. (CVE-2009-1890)\n\n - mod_deflate continued to compress large files even after\n a network connection was closed, causing mod_deflate to\n consume large amounts of CPU. (CVE-2009-1891)\n\n - The ap_proxy_ftp_handler function in\n modules/proxy/proxy_ftp.c in the mod_proxy_ftp module\n allows remote FTP servers to cause a denial of service\n (NULL pointer dereference and child process crash) via a\n malformed reply to an EPSV command. (CVE-2009-3094)\n\n - access restriction bypass in mod_proxy_ftp module.\n (CVE-2009-3095)\n\nAlso a incompatibility between mod_cache and mod_rewrite was fixed.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1195.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1890.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1891.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3094.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3095.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6572.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(16, 119, 189, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", 
value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/10/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"apache2-2.2.3-16.28.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"apache2-devel-2.2.3-16.28.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"apache2-doc-2.2.3-16.28.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"apache2-example-pages-2.2.3-16.28.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"apache2-prefork-2.2.3-16.28.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"apache2-worker-2.2.3-16.28.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else 
security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:06:21", "description": "This update of the Apache webserver fixes various security issues :\n\n - the option IncludesNOEXEC could be bypassed via .htaccess (CVE-2009-1195) \n\n - mod_proxy could run into an infinite loop when used as reverse proxy (CVE-2009-1890) \n\n - mod_deflate continued to compress large files even after a network connection was closed, causing mod_deflate to consume large amounts of CPU (CVE-2009-1891)\n\n - The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a malformed reply to an EPSV command. (CVE-2009-3094)\n\n - access restriction bypass in mod_proxy_ftp module (CVE-2009-3095)", "cvss3": {"score": null, "vector": null}, "published": "2009-10-26T00:00:00", "type": "nessus", "title": "openSUSE Security Update : apache2 (apache2-1419)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1195", "CVE-2009-1890", "CVE-2009-1891", "CVE-2009-3094", "CVE-2009-3095"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:apache2", "p-cpe:/a:novell:opensuse:apache2-devel", "p-cpe:/a:novell:opensuse:apache2-example-pages", "p-cpe:/a:novell:opensuse:apache2-prefork", "p-cpe:/a:novell:opensuse:apache2-utils", "p-cpe:/a:novell:opensuse:apache2-worker", "cpe:/o:novell:opensuse:11.0"], "id": "SUSE_11_0_APACHE2-091020.NASL", "href": "https://www.tenable.com/plugins/nessus/42245", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update apache2-1419.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif 
(description)\n{\n script_id(42245);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-1195\", \"CVE-2009-1890\", \"CVE-2009-1891\", \"CVE-2009-3094\", \"CVE-2009-3095\");\n\n script_name(english:\"openSUSE Security Update : apache2 (apache2-1419)\");\n script_summary(english:\"Check for the apache2-1419 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of the Apache webserver fixes various security issues :\n\n - the option IncludesNOEXEC could be bypassed via\n .htaccess (CVE-2009-1195) \n\n - mod_proxy could run into an infinite loop when used as\n reverse proxy (CVE-2009-1890) \n\n - mod_deflate continued to compress large files even after\n a network connection was closed, causing mod_deflate to\n consume large amounts of CPU (CVE-2009-1891)\n\n - The ap_proxy_ftp_handler function in\n modules/proxy/proxy_ftp.c in the mod_proxy_ftp module\n allows remote FTP servers to cause a denial of service\n (NULL pointer dereference and child process crash) via a\n malformed reply to an EPSV command. 
(CVE-2009-3094)\n\n - access restriction bypass in mod_proxy_ftp module\n (CVE-2009-3095)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=512583\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=513080\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=519194\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=521906\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=538322\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=539571\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected apache2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(16, 119, 189, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-example-pages\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-prefork\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-worker\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n 
script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/05/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"apache2-2.2.8-28.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"apache2-devel-2.2.8-28.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"apache2-example-pages-2.2.8-28.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"apache2-prefork-2.2.8-28.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"apache2-utils-2.2.8-28.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"apache2-worker-2.2.8-28.8\") ) flag++;\n\nif (flag)\n{\n if 
(report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache2\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:06:19", "description": "This update of the Apache webserver fixes various security issues :\n\n - the option IncludesNOEXEC could be bypassed via .htaccess (CVE-2009-1195) \n\n - mod_proxy could run into an infinite loop when used as reverse proxy (CVE-2009-1890) \n\n - mod_deflate continued to compress large files even after a network connection was closed, causing mod_deflate to consume large amounts of CPU (CVE-2009-1891)\n\n - The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a malformed reply to an EPSV command. 
(CVE-2009-3094)\n\n - access restriction bypass in mod_proxy_ftp module (CVE-2009-3095)", "cvss3": {"score": null, "vector": null}, "published": "2009-10-30T00:00:00", "type": "nessus", "title": "openSUSE 10 Security Update : apache2 (apache2-6576)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1195", "CVE-2009-1890", "CVE-2009-1891", "CVE-2009-3094", "CVE-2009-3095"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:apache2", "p-cpe:/a:novell:opensuse:apache2-devel", "p-cpe:/a:novell:opensuse:apache2-example-pages", "p-cpe:/a:novell:opensuse:apache2-prefork", "p-cpe:/a:novell:opensuse:apache2-utils", "p-cpe:/a:novell:opensuse:apache2-worker", "cpe:/o:novell:opensuse:10.3"], "id": "SUSE_APACHE2-6576.NASL", "href": "https://www.tenable.com/plugins/nessus/42319", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update apache2-6576.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42319);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-1195\", \"CVE-2009-1890\", \"CVE-2009-1891\", \"CVE-2009-3094\", \"CVE-2009-3095\");\n\n script_name(english:\"openSUSE 10 Security Update : apache2 (apache2-6576)\");\n script_summary(english:\"Check for the apache2-6576 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of the Apache webserver fixes various security issues :\n\n - the option IncludesNOEXEC could be bypassed via\n .htaccess (CVE-2009-1195) \n\n - mod_proxy could run into an infinite loop when used as\n reverse proxy (CVE-2009-1890) \n\n - 
mod_deflate continued to compress large files even after\n a network connection was closed, causing mod_deflate to\n consume large amounts of CPU (CVE-2009-1891)\n\n - The ap_proxy_ftp_handler function in\n modules/proxy/proxy_ftp.c in the mod_proxy_ftp module\n allows remote FTP servers to cause a denial of service\n (NULL pointer dereference and child process crash) via a\n malformed reply to an EPSV command. (CVE-2009-3094)\n\n - access restriction bypass in mod_proxy_ftp module\n (CVE-2009-3095)\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected apache2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(16, 119, 189, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-example-pages\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-prefork\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-worker\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is 
owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.3\", reference:\"apache2-2.2.4-70.11\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"apache2-devel-2.2.4-70.11\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"apache2-example-pages-2.2.4-70.11\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"apache2-prefork-2.2.4-70.11\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"apache2-utils-2.2.4-70.11\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"apache2-worker-2.2.4-70.11\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache2\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:06:21", "description": "This update of the Apache webserver fixes various security issues :\n\n - the 
option IncludesNOEXEC could be bypassed via .htaccess. (CVE-2009-1195)\n\n - mod_proxy could run into an infinite loop when used as reverse proxy. (CVE-2009-1890)\n\n - mod_deflate continued to compress large files even after a network connection was closed, causing mod_deflate to consume large amounts of CPU. (CVE-2009-1891)\n\n - The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a malformed reply to an EPSV command. (CVE-2009-3094)\n\n - access restriction bypass in mod_proxy_ftp module.\n (CVE-2009-3095)\n\nAlso an incompatibility between mod_cache and mod_rewrite was fixed.", "cvss3": {"score": null, "vector": null}, "published": "2009-10-26T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : Apache 2 (ZYPP Patch Number 6571)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1195", "CVE-2009-1890", "CVE-2009-1891", "CVE-2009-3094", "CVE-2009-3095"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_APACHE2-6571.NASL", "href": "https://www.tenable.com/plugins/nessus/42253", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42253);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-1195\", \"CVE-2009-1890\", \"CVE-2009-1891\", \"CVE-2009-3094\", \"CVE-2009-3095\");\n\n script_name(english:\"SuSE 10 Security Update : Apache 2 (ZYPP Patch Number 6571)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n
script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of the Apache webserver fixes various security issues :\n\n - the option IncludesNOEXEC could be bypassed via\n .htaccess. (CVE-2009-1195)\n\n - mod_proxy could run into an infinite loop when used as\n reverse proxy. (CVE-2009-1890)\n\n - mod_deflate continued to compress large files even after\n a network connection was closed, causing mod_deflate to\n consume large amounts of CPU. (CVE-2009-1891)\n\n - The ap_proxy_ftp_handler function in\n modules/proxy/proxy_ftp.c in the mod_proxy_ftp module\n allows remote FTP servers to cause a denial of service\n (NULL pointer dereference and child process crash) via a\n malformed reply to an EPSV command. (CVE-2009-3094)\n\n - access restriction bypass in mod_proxy_ftp module.\n (CVE-2009-3095)\n\nAlso a incompatibility between mod_cache and mod_rewrite was fixed.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1195.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1890.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1891.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3094.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3095.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6571.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(16, 119, 189, 264, 399);\n\n 
script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"apache2-2.2.3-16.25.4\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"apache2-devel-2.2.3-16.25.4\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"apache2-doc-2.2.3-16.25.4\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"apache2-example-pages-2.2.3-16.25.4\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"apache2-prefork-2.2.3-16.25.4\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"apache2-worker-2.2.3-16.25.4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, 
extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:05:54", "description": "Multiple vulnerabilities have been found and corrected in apache :\n\nMemory leak in the zlib_stateful_init function in crypto/comp/c_zlib.c in libssl in OpenSSL 0.9.8f through 0.9.8h allows remote attackers to cause a denial of service (memory consumption) via multiple calls, as demonstrated by initial SSL client handshakes to the Apache HTTP Server mod_ssl that specify a compression algorithm (CVE-2008-1678).\nNote that this security issue does not really apply as zlib compression is not enabled in the openssl build provided by Mandriva, but apache is patched to address this issue anyway (concerns 2008.1 only).\n\nmod_proxy_ajp.c in the mod_proxy_ajp module in the Apache HTTP Server 2.2.11 allows remote attackers to obtain sensitive response data, intended for a client that sent an earlier POST request with no request body, via an HTTP request (CVE-2009-1191).\n\nCross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions, allows remote attackers to inject arbitrary web script or HTML via wildcards in a pathname in an FTP URI (CVE-2008-2939).
Note that this security issue was initially addressed with MDVSA-2008:195 but the patch fixing the issue was added but not applied in 2009.0.\n\nThe Apache HTTP Server 2.2.11 and earlier 2.2 versions does not properly handle Options=IncludesNOEXEC in the AllowOverride directive, which allows local users to gain privileges by configuring (1) Options Includes, (2) Options +Includes, or (3) Options +IncludesNOEXEC in a .htaccess file, and then inserting an exec element in a .shtml file (CVE-2009-1195).\n\nThe stream_reqbody_cl function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server before 2.3.3, when a reverse proxy is configured, does not properly handle an amount of streamed data that exceeds the Content-Length value, which allows remote attackers to cause a denial of service (CPU consumption) via crafted requests (CVE-2009-1890).\n\nFix a potential Denial-of-Service attack against mod_deflate or other modules, by forcing the server to consume CPU time in compressing a large file after a client disconnects (CVE-2009-1891).\n\nThe ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a malformed reply to an EPSV command (CVE-2009-3094).\n\nThe mod_proxy_ftp module in the Apache HTTP Server allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server via vectors related to the embedding of these commands in the Authorization HTTP header, as demonstrated by a certain module in VulnDisco Pack Professional 8.11. NOTE: as of 20090903, this disclosure has no actionable information. 
However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes (CVE-2009-3095).\n\nApache is affected by SSL injection or man-in-the-middle attacks due to a design flaw in the SSL and/or TLS protocols. A short term solution was released Sat Nov 07 2009 by the ASF team to mitigate these problems. Apache will now reject in-session renegotiation (CVE-2009-3555).\n\nPackages for 2008.0 are provided for Corporate Desktop 2008.0 customers\n\nThis update provides a solution to these vulnerabilities.", "cvss3": {"score": null, "vector": null}, "published": "2009-12-08T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : apache (MDVSA-2009:323)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1678", "CVE-2008-2939", "CVE-2009-1191", "CVE-2009-1195", "CVE-2009-1890", "CVE-2009-1891", "CVE-2009-3094", "CVE-2009-3095", "CVE-2009-3555"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:apache-base", "p-cpe:/a:mandriva:linux:apache-devel", "p-cpe:/a:mandriva:linux:apache-htcacheclean", "p-cpe:/a:mandriva:linux:apache-mod_authn_dbd", "p-cpe:/a:mandriva:linux:apache-mod_cache", "p-cpe:/a:mandriva:linux:apache-mod_dav", "p-cpe:/a:mandriva:linux:apache-mod_dbd", "p-cpe:/a:mandriva:linux:apache-mod_deflate", "p-cpe:/a:mandriva:linux:apache-mod_disk_cache", "p-cpe:/a:mandriva:linux:apache-mod_file_cache", "p-cpe:/a:mandriva:linux:apache-mod_ldap", "p-cpe:/a:mandriva:linux:apache-mod_mem_cache", "p-cpe:/a:mandriva:linux:apache-mod_proxy", "p-cpe:/a:mandriva:linux:apache-mod_proxy_ajp", "p-cpe:/a:mandriva:linux:apache-mod_ssl", "p-cpe:/a:mandriva:linux:apache-mod_userdir", "p-cpe:/a:mandriva:linux:apache-modules", "p-cpe:/a:mandriva:linux:apache-mpm-event", "p-cpe:/a:mandriva:linux:apache-mpm-itk", "p-cpe:/a:mandriva:linux:apache-mpm-prefork", "p-cpe:/a:mandriva:linux:apache-mpm-worker", "p-cpe:/a:mandriva:linux:apache-source", 
"cpe:/o:mandriva:linux:2008.0"], "id": "MANDRIVA_MDVSA-2009-323.NASL", "href": "https://www.tenable.com/plugins/nessus/43042", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2009:323. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43042);\n script_version(\"1.28\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-1678\", \"CVE-2008-2939\", \"CVE-2009-1191\", \"CVE-2009-1195\", \"CVE-2009-1890\", \"CVE-2009-1891\", \"CVE-2009-3094\", \"CVE-2009-3095\", \"CVE-2009-3555\");\n script_bugtraq_id(30560, 31692, 34663, 35115, 35565, 35623, 36254, 36260, 36935);\n script_xref(name:\"MDVSA\", value:\"2009:323\");\n\n script_name(english:\"Mandriva Linux Security Advisory : apache (MDVSA-2009:323)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities has been found and corrected in apache :\n\nMemory leak in the zlib_stateful_init function in crypto/comp/c_zlib.c\nin libssl in OpenSSL 0.9.8f through 0.9.8h allows remote attackers to\ncause a denial of service (memory consumption) via multiple calls, as\ndemonstrated by initial SSL client handshakes to the Apache HTTP\nServer mod_ssl that specify a compression algorithm (CVE-2008-1678).\nNote that this security issue does not really apply as zlib\ncompression is not enabled in the openssl build provided by Mandriva,\nbut apache is patched to address this issue anyway (conserns 2008.1\nonly).\n\nmod_proxy_ajp.c 
in the mod_proxy_ajp module in the Apache HTTP Server\n2.2.11 allows remote attackers to obtain sensitive response data,\nintended for a client that sent an earlier POST request with no\nrequest body, via an HTTP request (CVE-2009-1191).\n\nCross-site scripting (XSS) vulnerability in proxy_ftp.c in the\nmod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c\nin the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions,\nallows remote attackers to inject arbitrary web script or HTML via\nwildcards in a pathname in an FTP URI (CVE-2008-2939). Note that this\nsecurity issue was initially addressed with MDVSA-2008:195 but the\npatch fixing the issue was added but not applied in 2009.0.\n\nThe Apache HTTP Server 2.2.11 and earlier 2.2 versions does not\nproperly handle Options=IncludesNOEXEC in the AllowOverride directive,\nwhich allows local users to gain privileges by configuring (1) Options\nIncludes, (2) Options +Includes, or (3) Options +IncludesNOEXEC in a\n.htaccess file, and then inserting an exec element in a .shtml file\n(CVE-2009-1195).\n\nThe stream_reqbody_cl function in mod_proxy_http.c in the mod_proxy\nmodule in the Apache HTTP Server before 2.3.3, when a reverse proxy is\nconfigured, does not properly handle an amount of streamed data that\nexceeds the Content-Length value, which allows remote attackers to\ncause a denial of service (CPU consumption) via crafted requests\n(CVE-2009-1890).\n\nFix a potential Denial-of-Service attack against mod_deflate or other\nmodules, by forcing the server to consume CPU time in compressing a\nlarge file after a client disconnects (CVE-2009-1891).\n\nThe ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the\nmod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13\nallows remote FTP servers to cause a denial of service (NULL pointer\ndereference and child process crash) via a malformed reply to an EPSV\ncommand (CVE-2009-3094).\n\nThe mod_proxy_ftp module in the Apache HTTP 
Server allows remote\nattackers to bypass intended access restrictions and send arbitrary\ncommands to an FTP server via vectors related to the embedding of\nthese commands in the Authorization HTTP header, as demonstrated by a\ncertain module in VulnDisco Pack Professional 8.11. NOTE: as of\n20090903, this disclosure has no actionable information. However,\nbecause the VulnDisco Pack author is a reliable researcher, the issue\nis being assigned a CVE identifier for tracking purposes\n(CVE-2009-3095).\n\nApache is affected by SSL injection or man-in-the-middle attacks due\nto a design flaw in the SSL and/or TLS protocols. A short term\nsolution was released Sat Nov 07 2009 by the ASF team to mitigate\nthese problems. Apache will now reject in-session renegotiation\n(CVE-2009-3555).\n\nPackages for 2008.0 are provided for Corporate Desktop 2008.0\ncustomers\n\nThis update provides a solution to these vulnerabilities.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(16, 20, 79, 119, 189, 264, 310, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-htcacheclean\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:mandriva:linux:apache-mod_authn_dbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_dav\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_dbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_deflate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_disk_cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_file_cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_mem_cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_proxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_proxy_ajp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_userdir\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mpm-event\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mpm-itk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mpm-prefork\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mpm-worker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-source\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/12/07\");\n 
script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/12/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2008.0\", reference:\"apache-base-2.2.6-8.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"apache-devel-2.2.6-8.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"apache-htcacheclean-2.2.6-8.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"apache-mod_authn_dbd-2.2.6-8.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"apache-mod_cache-2.2.6-8.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"apache-mod_dav-2.2.6-8.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"apache-mod_dbd-2.2.6-8.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"apache-mod_deflate-2.2.6-8.3mdv2008.0\", yank:\"mdv\")) flag++;\nif 
(rpm_check(release:\"MDK2008.0\", reference:\"apache-mod_disk_cache-2.2.6-8.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"apache-mod_file_cache-2.2.6-8.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"apache-mod_ldap-2.2.6-8.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"apache-mod_mem_cache-2.2.6-8.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"apache-mod_proxy-2.2.6-8.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"apache-mod_proxy_ajp-2.2.6-8.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"apache-mod_ssl-2.2.6-8.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"apache-mod_userdir-2.2.6-8.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"apache-modules-2.2.6-8.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"apache-mpm-event-2.2.6-8.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"apache-mpm-itk-2.2.6-8.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"apache-mpm-prefork-2.2.6-8.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"apache-mpm-worker-2.2.6-8.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"apache-source-2.2.6-8.3mdv2008.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-24T15:25:04", "description": "According to its banner, the version of Apache 2.0.x running on the remote host is prior to 2.0.64. 
It is, therefore, affected by the following vulnerabilities :\n\n - An unspecified error exists in the handling of requests without a path segment. (CVE-2010-1452)\n\n - Several modules, including 'mod_deflate', are vulnerable to a denial of service attack as the server can be forced to utilize CPU time compressing a large file after client disconnect. (CVE-2009-1891)\n\n - An unspecified error exists in 'mod_proxy' related to filtration of authentication credentials. (CVE-2009-3095) \n - A NULL pointer dereference issue exists in 'mod_proxy_ftp' in some error handling paths.\n (CVE-2009-3094)\n\n - An error exists in 'mod_ssl' making the server vulnerable to the TLS renegotiation prefix injection attack. (CVE-2009-3555)\n\n - An error exists in the handling of subrequests such that the parent request headers may be corrupted.\n (CVE-2010-0434)\n\n - An error exists in 'mod_proxy_http' when handling excessive interim responses making it vulnerable to a denial of service attack. (CVE-2008-2364)\n\n - An error exists in 'mod_isapi' that allows the module to be unloaded too early, which leaves orphaned callback pointers. (CVE-2010-0425)\n\n - An error exists in 'mod_proxy_ftp' when wildcards are in an FTP URL, which allows for cross-site scripting attacks. (CVE-2008-2939)\n\nNote that the remote web server may not actually be affected by these vulnerabilities. 
Nessus did not try to determine whether the affected modules are in use or to check for the issues themselves.", "cvss3": {"score": 7.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}, "published": "2010-10-20T00:00:00", "type": "nessus", "title": "Apache 2.0.x < 2.0.64 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-2364", "CVE-2008-2939", "CVE-2009-1891", "CVE-2009-2412", "CVE-2009-3094", "CVE-2009-3095", "CVE-2009-3555", "CVE-2009-3560", "CVE-2009-3720", "CVE-2010-0425", "CVE-2010-0434", "CVE-2010-1452", "CVE-2010-1623"], "modified": "2018-06-29T00:00:00", "cpe": ["cpe:/a:apache:http_server"], "id": "APACHE_2_0_64.NASL", "href": "https://www.tenable.com/plugins/nessus/50069", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(50069);\n script_cvs_date(\"Date: 2018/06/29 12:01:03\");\n script_version(\"1.33\");\n\n script_cve_id(\n \"CVE-2008-2364\",\n \"CVE-2008-2939\",\n \"CVE-2009-1891\",\n \"CVE-2009-2412\",\n \"CVE-2009-3094\",\n \"CVE-2009-3095\",\n \"CVE-2009-3555\",\n \"CVE-2009-3560\",\n \"CVE-2009-3720\",\n \"CVE-2010-0425\",\n \"CVE-2010-0434\",\n \"CVE-2010-1452\",\n \"CVE-2010-1623\"\n );\n script_bugtraq_id(29653, 30560, 35949, 38494);\n script_xref(name:\"Secunia\", value:\"30261\");\n script_xref(name:\"Secunia\", value:\"31384\");\n script_xref(name:\"Secunia\", value:\"35781\");\n script_xref(name:\"Secunia\", value:\"36549\");\n script_xref(name:\"Secunia\", value:\"36675\");\n script_xref(name:\"Secunia\", value:\"38776\");\n\n script_name(english:\"Apache 2.0.x < 2.0.64 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version in Server response header\");\n \n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of Apache 2.0.x running on 
the\nremote host is prior to 2.0.64. It is, therefore, affected by the\nfollowing vulnerabilities :\n\n - An unspecified error exists in the handling of requests\n without a path segment. (CVE-2010-1452)\n\n - Several modules, including 'mod_deflate', are \n vulnerable to a denial of service attack as the\n server can be forced to utilize CPU time compressing\n a large file after client disconnect. (CVE-2009-1891)\n\n - An unspecified error exists in 'mod_proxy' related to \n filtration of authentication credentials. \n (CVE-2009-3095)\n \n - A NULL pointer dereference issue exists in \n 'mod_proxy_ftp' in some error handling paths.\n (CVE-2009-3094)\n\n - An error exists in 'mod_ssl' making the server\n vulnerable to the TLS renegotiation prefix injection\n attack. (CVE-2009-3555)\n\n - An error exists in the handling of subrequests such\n that the parent request headers may be corrupted.\n (CVE-2010-0434)\n\n - An error exists in 'mod_proxy_http' when handling excessive\n interim responses making it vulnerable to a denial of\n service attack. (CVE-2008-2364)\n\n - An error exists in 'mod_isapi' that allows the module\n to be unloaded too early, which leaves orphaned callback\n pointers. (CVE-2010-0425)\n\n - An error exists in 'mod_proxy_ftp' when wildcards are\n in an FTP URL, which allows for cross-site scripting\n attacks. (CVE-2008-2939)\n\nNote that the remote web server may not actually be affected by these\nvulnerabilities. Nessus did not try to determine whether the affected\nmodules are in use or to check for the issues themselves.\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"https://archive.apache.org/dist/httpd/CHANGES_2.0.64\");\n # https://web.archive.org/web/20101028103804/http://httpd.apache.org/security/vulnerabilities_20.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6dea6c32\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apache version 2.0.64 or later. 
Alternatively, ensure that\nthe affected modules are not in use.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(79, 119, 189, 200, 264, 310, 399);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/06/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/10/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/10/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value: \"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apache:http_server\");\n script_end_attributes();\n \n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"apache_http_version.nasl\");\n script_require_keys(\"installed_sw/Apache\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"audit.inc\");\ninclude(\"install_func.inc\");\n\nget_install_count(app_name:\"Apache\", exit_if_zero:TRUE);\nport = get_http_port(default:80);\ninstall = get_single_install(app_name:\"Apache\", port:port, exit_if_unknown_ver:TRUE);\n\n# Check if we could get a version first, then check if it was\n# backported\nversion = get_kb_item_or_exit('www/apache/'+port+'/version', exit_code:1);\nbackported 
= get_kb_item_or_exit('www/apache/'+port+'/backported', exit_code:1);\n\nif (report_paranoia < 2 && backported) audit(AUDIT_BACKPORT_SERVICE, port, \"Apache\");\nsource = get_kb_item_or_exit('www/apache/'+port+'/source', exit_code:1);\n\n# Check if the version looks like either ServerTokens Major/Minor\n# was used\nif (version =~ '^2(\\\\.0)?$') exit(1, \"The banner from the Apache server listening on port \"+port+\" - \"+source+\" - is not granular enough to make a determination.\");\nif (version !~ \"^\\d+(\\.\\d+)*$\") exit(1, \"The version of Apache listening on port \" + port + \" - \" + version + \" - is non-numeric and, therefore, cannot be used to make a determination.\");\nif (version =~ '^2\\\\.0' && ver_compare(ver:version, fix:'2.0.64') == -1)\n{\n set_kb_item(name:\"www/\"+port+\"/XSS\", value:TRUE);\n if (report_verbosity > 0)\n {\n report = \n '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 2.0.64\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"Apache\", port, install[\"version\"]);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-18T14:04:36", "description": "The remote host is running a version of Mac OS X 10.5 that does not have Security Update 2010-002 applied.\n\nThis security update contains fixes for the following products :\n\n - AppKit\n - Application Firewall\n - AFP Server\n - Apache\n - ClamAV\n - CoreTypes\n - CUPS\n - curl\n - Cyrus IMAP\n - Cyrus SASL\n - Disk Images\n - Directory Services\n - Event Monitor\n - FreeRADIUS\n - FTP Server\n - iChat Server\n - Image RAW\n - Libsystem\n - Mail\n - Mailman\n - OS Services\n - Password Server\n - perl\n - PHP\n - PS Normalizer\n - Ruby\n - Server Admin\n - SMB\n - Tomcat\n - unzip\n - vim\n - Wiki Server\n - X11\n - xar", "cvss3": {"score": null, "vector": null}, "published": "2010-03-29T00:00:00", "type": "nessus", 
"title": "Mac OS X Multiple Vulnerabilities (Security Update 2010-002)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2003-0063", "CVE-2006-1329", "CVE-2008-0564", "CVE-2008-0888", "CVE-2008-2712", "CVE-2008-4101", "CVE-2008-5302", "CVE-2008-5303", "CVE-2008-5515", "CVE-2009-0033", "CVE-2009-0037", "CVE-2009-0316", "CVE-2009-0580", "CVE-2009-0688", "CVE-2009-0689", "CVE-2009-0781", "CVE-2009-0783", "CVE-2009-1904", "CVE-2009-2042", "CVE-2009-2417", "CVE-2009-2422", "CVE-2009-2632", "CVE-2009-2693", "CVE-2009-2801", "CVE-2009-2901", "CVE-2009-2902", "CVE-2009-2906", "CVE-2009-3009", "CVE-2009-3095", "CVE-2009-3557", "CVE-2009-3558", "CVE-2009-3559", "CVE-2009-4142", "CVE-2009-4143", "CVE-2009-4214", "CVE-2010-0041", "CVE-2010-0042", "CVE-2010-0055", "CVE-2010-0056", "CVE-2010-0057", "CVE-2010-0058", "CVE-2010-0063", "CVE-2010-0065", "CVE-2010-0393", "CVE-2010-0497", "CVE-2010-0498", "CVE-2010-0500", "CVE-2010-0501", "CVE-2010-0502", "CVE-2010-0503", "CVE-2010-0504", "CVE-2010-0505", "CVE-2010-0506", "CVE-2010-0507", "CVE-2010-0508", "CVE-2010-0509", "CVE-2010-0510", "CVE-2010-0513", "CVE-2010-0521", "CVE-2010-0522", "CVE-2010-0523", "CVE-2010-0524", "CVE-2010-0525", "CVE-2010-0533"], "modified": "2018-07-16T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "MACOSX_SECUPD2010-002.NASL", "href": "https://www.tenable.com/plugins/nessus/45373", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\nif (!defined_func(\"bn_random\")) exit(0);\nif (NASL_LEVEL < 3000) exit(0);\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(45373);\n script_version(\"1.29\");\n script_cvs_date(\"Date: 2018/07/16 12:48:31\");\n\n script_cve_id(\n \"CVE-2003-0063\",\n \"CVE-2006-1329\",\n \"CVE-2008-0564\",\n \"CVE-2008-0888\",\n \"CVE-2008-2712\",\n \"CVE-2008-4101\",\n \"CVE-2008-5302\",\n \"CVE-2008-5303\",\n \"CVE-2008-5515\",\n \"CVE-2009-0033\",\n \"CVE-2009-0037\",\n \"CVE-2009-0316\",\n \"CVE-2009-0580\",\n \"CVE-2009-0688\",\n 
\"CVE-2009-0689\",\n \"CVE-2009-0781\",\n \"CVE-2009-0783\",\n \"CVE-2009-1904\",\n \"CVE-2009-2042\",\n \"CVE-2009-2417\",\n \"CVE-2009-2422\",\n \"CVE-2009-2632\",\n \"CVE-2009-2693\",\n \"CVE-2009-2801\",\n \"CVE-2009-2901\",\n \"CVE-2009-2902\",\n \"CVE-2009-2906\",\n \"CVE-2009-3009\",\n \"CVE-2009-3095\",\n \"CVE-2009-3557\",\n \"CVE-2009-3558\",\n \"CVE-2009-3559\",\n \"CVE-2009-4142\",\n \"CVE-2009-4143\",\n \"CVE-2009-4214\",\n \"CVE-2010-0041\",\n \"CVE-2010-0042\",\n \"CVE-2010-0055\",\n \"CVE-2010-0056\",\n \"CVE-2010-0057\",\n \"CVE-2010-0058\",\n \"CVE-2010-0063\",\n \"CVE-2010-0065\",\n \"CVE-2010-0393\",\n \"CVE-2010-0497\",\n \"CVE-2010-0498\",\n \"CVE-2010-0500\",\n \"CVE-2010-0501\",\n \"CVE-2010-0502\",\n \"CVE-2010-0503\",\n \"CVE-2010-0504\",\n \"CVE-2010-0505\",\n \"CVE-2010-0506\",\n \"CVE-2010-0507\",\n \"CVE-2010-0508\",\n \"CVE-2010-0509\",\n \"CVE-2010-0510\",\n \"CVE-2010-0513\",\n \"CVE-2010-0521\",\n \"CVE-2010-0522\",\n \"CVE-2010-0523\",\n \"CVE-2010-0524\",\n \"CVE-2010-0525\",\n \"CVE-2010-0533\"\n );\n script_bugtraq_id(\n 6940,\n 12767,\n 17155,\n 27630,\n 28288,\n 29715,\n 30795,\n 33447,\n 33962,\n 34961,\n 35193,\n 35196,\n 35233,\n 35263,\n 35278,\n 35416,\n 35510,\n 35579,\n 36032,\n 36278,\n 36296,\n 36377,\n 36554,\n 36555,\n 36573,\n 37142,\n 37389,\n 37390,\n 37942,\n 37944,\n 37945,\n 38524,\n 38676,\n 38677,\n 39151,\n 39156,\n 39157,\n 39169,\n 39170,\n 39171,\n 39172,\n 39175,\n 39194,\n 39231,\n 39232,\n 39234,\n 39245,\n 39252,\n 39255,\n 39256,\n 39264,\n 39268,\n 39273,\n 39274,\n 39277,\n 39279,\n 39281,\n 39289,\n 39290,\n 39292\n );\n\n script_name(english:\"Mac OS X Multiple Vulnerabilities (Security Update 2010-002)\");\n script_summary(english:\"Check for the presence of Security Update 2010-002\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote host is missing a Mac OS X update that fixes various\nsecurity issues.\"\n );\n script_set_attribute(\n attribute:\"description\", \n 
value:\n\"The remote host is running a version of Mac OS X 10.5 that does not\nhave Security Update 2010-002 applied.\n\nThis security update contains fixes for the following products :\n\n - AppKit\n - Application Firewall\n - AFP Server\n - Apache\n - ClamAV\n - CoreTypes\n - CUPS\n - curl\n - Cyrus IMAP\n - Cyrus SASL\n - Disk Images\n - Directory Services\n - Event Monitor\n - FreeRADIUS\n - FTP Server\n - iChat Server\n - Image RAW\n - Libsystem\n - Mail\n - Mailman\n - OS Services\n - Password Server\n - perl\n - PHP\n - PS Normalizer\n - Ruby\n - Server Admin\n - SMB\n - Tomcat\n - unzip\n - vim\n - Wiki Server\n - X11\n - xar\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://support.apple.com/kb/HT4077\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://lists.apple.com/archives/security-announce/2010/Mar/msg00001.html\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://www.securityfocus.com/advisories/19364\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install Security Update 2010-002 or later.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(20, 22, 79, 119, 189, 200, 264, 287, 310, 352, 362);\nscript_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/03/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/03/29\");\n 
script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/03/29\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n script_copyright(english:\"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/MacOSX/packages\", \"Host/uname\");\n\n exit(0);\n}\n\n\nuname = get_kb_item(\"Host/uname\");\nif (!uname) exit(1, \"The 'Host/uname' KB item is missing.\");\n\npat = \"^.+Darwin.* ([0-9]+\\.[0-9.]+).*$\";\nif (!ereg(pattern:pat, string:uname)) exit(1, \"Can't identify the Darwin kernel version from the uname output (\"+uname+\").\");\n\n\ndarwin = ereg_replace(pattern:pat, replace:\"\\1\", string:uname);\nif (ereg(pattern:\"^9\\.[0-8]\\.\", string:darwin))\n{\n packages = get_kb_item(\"Host/MacOSX/packages/boms\");\n if (!packages) exit(1, \"The 'Host/MacOSX/packages/boms' KB item is missing.\");\n\n if (egrep(pattern:\"^com\\.apple\\.pkg\\.update\\.security\\.(2010\\.00[2-9]|201[1-9]\\.[0-9]+)(\\.leopard)?\\.bom\", string:packages)) \n exit(0, \"The host has Security Update 2010-002 or later installed and therefore is not affected.\");\n else \n security_hole(0);\n}\nelse exit(0, \"The host is running Darwin kernel version \"+darwin+\" and therefore is not affected.\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-16T15:33:19", "description": "The remote host is running a version of Mac OS X 10.6.x that is prior to 10.6.3.\n\nMac OS X 10.6.3 contains security fixes for the following products :\n\n - AFP Server\n - Apache\n - CoreAudio\n - CoreMedia\n - CoreTypes\n - CUPS\n - DesktopServices\n - Disk Images\n - Directory Services\n - Dovecot\n - Event Monitor\n - FreeRADIUS\n - FTP Server\n - iChat 
Server\n - ImageIO\n - Image RAW\n - Libsystem\n - Mail\n - MySQL\n - OS Services\n - Password Server\n - PHP\n - Podcast Producer\n - Preferences\n - PS Normalizer\n - QuickTime\n - Ruby\n - Server Admin\n - SMB\n - Tomcat\n - Wiki Server\n - X11", "cvss3": {"score": null, "vector": null}, "published": "2010-03-29T00:00:00", "type": "nessus", "title": "Mac OS X 10.6.x < 10.6.3 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2003-0063", "CVE-2006-1329", "CVE-2008-4456", "CVE-2008-5515", "CVE-2008-7247", "CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0689", "CVE-2009-0781", "CVE-2009-0783", "CVE-2009-1904", "CVE-2009-2042", "CVE-2009-2417", "CVE-2009-2422", "CVE-2009-2446", "CVE-2009-2693", "CVE-2009-2901", "CVE-2009-2902", "CVE-2009-2906", "CVE-2009-3009", "CVE-2009-3095", "CVE-2009-3557", "CVE-2009-3558", "CVE-2009-3559", "CVE-2009-4017", "CVE-2009-4019", "CVE-2009-4030", "CVE-2009-4214", "CVE-2010-0041", "CVE-2010-0042", "CVE-2010-0043", "CVE-2010-0057", "CVE-2010-0059", "CVE-2010-0060", "CVE-2010-0062", "CVE-2010-0063", "CVE-2010-0064", "CVE-2010-0065", "CVE-2010-0393", "CVE-2010-0497", "CVE-2010-0498", "CVE-2010-0500", "CVE-2010-0501", "CVE-2010-0502", "CVE-2010-0504", "CVE-2010-0505", "CVE-2010-0507", "CVE-2010-0508", "CVE-2010-0509", "CVE-2010-0510", "CVE-2010-0511", "CVE-2010-0512", "CVE-2010-0513", "CVE-2010-0514", "CVE-2010-0515", "CVE-2010-0516", "CVE-2010-0517", "CVE-2010-0518", "CVE-2010-0519", "CVE-2010-0520", "CVE-2010-0521", "CVE-2010-0524", "CVE-2010-0525", "CVE-2010-0526", "CVE-2010-0533", "CVE-2010-0534", "CVE-2010-0535", "CVE-2010-0537"], "modified": "2018-07-16T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "MACOSX_10_6_3.NASL", "href": "https://www.tenable.com/plugins/nessus/45372", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\nif (!defined_func(\"bn_random\")) exit(0);\nif (NASL_LEVEL < 3000) exit(0);\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(45372);\n 
script_version(\"1.31\");\n script_cvs_date(\"Date: 2018/07/16 12:48:31\");\n\n script_cve_id(\n \"CVE-2003-0063\",\n \"CVE-2006-1329\",\n \"CVE-2008-4456\",\n \"CVE-2008-5515\",\n \"CVE-2008-7247\",\n \"CVE-2009-0033\",\n \"CVE-2009-0580\",\n \"CVE-2009-0689\",\n \"CVE-2009-0781\",\n \"CVE-2009-0783\",\n \"CVE-2009-1904\",\n \"CVE-2009-2042\",\n \"CVE-2009-2417\",\n \"CVE-2009-2422\",\n \"CVE-2009-2446\",\n \"CVE-2009-2693\",\n \"CVE-2009-2901\",\n \"CVE-2009-2902\",\n \"CVE-2009-2906\",\n \"CVE-2009-3009\",\n \"CVE-2009-3095\",\n \"CVE-2009-3557\",\n \"CVE-2009-3558\",\n \"CVE-2009-3559\",\n \"CVE-2009-4017\",\n \"CVE-2009-4019\",\n \"CVE-2009-4030\",\n \"CVE-2009-4214\",\n \"CVE-2010-0041\",\n \"CVE-2010-0042\",\n \"CVE-2010-0043\",\n \"CVE-2010-0057\",\n \"CVE-2010-0059\",\n \"CVE-2010-0060\",\n \"CVE-2010-0062\",\n \"CVE-2010-0063\",\n \"CVE-2010-0064\",\n \"CVE-2010-0065\",\n \"CVE-2010-0393\",\n \"CVE-2010-0497\",\n \"CVE-2010-0498\",\n \"CVE-2010-0500\",\n \"CVE-2010-0501\",\n \"CVE-2010-0502\",\n \"CVE-2010-0504\",\n \"CVE-2010-0505\",\n \"CVE-2010-0507\",\n \"CVE-2010-0508\",\n \"CVE-2010-0509\",\n \"CVE-2010-0510\",\n \"CVE-2010-0511\",\n \"CVE-2010-0512\",\n \"CVE-2010-0513\",\n \"CVE-2010-0514\",\n \"CVE-2010-0515\",\n \"CVE-2010-0516\",\n \"CVE-2010-0517\",\n \"CVE-2010-0518\",\n \"CVE-2010-0519\",\n \"CVE-2010-0520\",\n \"CVE-2010-0521\",\n \"CVE-2010-0524\",\n \"CVE-2010-0525\",\n \"CVE-2010-0526\",\n \"CVE-2010-0533\",\n \"CVE-2010-0534\",\n \"CVE-2010-0535\",\n \"CVE-2010-0537\"\n );\n script_bugtraq_id(\n 6940,\n 17155,\n 31486,\n 35193,\n 35196,\n 35233,\n 35263,\n 35278,\n 35416,\n 35510,\n 35579,\n 35609,\n 36032,\n 36278,\n 36554,\n 36555,\n 36573,\n 37075,\n 37142,\n 37297,\n 37942,\n 37944,\n 37945,\n 38043,\n 38524,\n 38673,\n 38676,\n 38677,\n 39151,\n 39153,\n 39157,\n 39160,\n 39161,\n 39171,\n 39172,\n 39175,\n 39194,\n 39230,\n 39231,\n 39232,\n 39234,\n 39236,\n 39252,\n 39255,\n 39256,\n 39258,\n 39264,\n 39268,\n 39273,\n 39274,\n 
39278,\n 39279,\n 39281,\n 39291\n );\n\n script_name(english:\"Mac OS X 10.6.x < 10.6.3 Multiple Vulnerabilities\");\n script_summary(english:\"Check the version of Mac OS X\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote host is missing a Mac OS X update that fixes various\nsecurity issues.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is running a version of Mac OS X 10.6.x that is prior\nto 10.6.3.\n\nMac OS X 10.6.3 contains security fixes for the following products :\n\n - AFP Server\n - Apache\n - CoreAudio\n - CoreMedia\n - CoreTypes\n - CUPS\n - DesktopServices\n - Disk Images\n - Directory Services\n - Dovecot\n - Event Monitor\n - FreeRADIUS\n - FTP Server\n - iChat Server\n - ImageIO\n - Image RAW\n - Libsystem\n - Mail\n - MySQL\n - OS Services\n - Password Server\n - PHP\n - Podcast Producer\n - Preferences\n - PS Normalizer\n - QuickTime\n - Ruby\n - Server Admin\n - SMB\n - Tomcat\n - Wiki Server\n - X11\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://support.apple.com/kb/HT4077\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://lists.apple.com/archives/security-announce/2010/Mar/msg00001.html\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://www.securityfocus.com/advisories/19364\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade to Mac OS X 10.6.3 or later.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", 
value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(20, 22, 59, 79, 119, 134, 189, 200, 264, 287, 310);\nscript_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/03/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/03/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/03/29\");\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_end_attributes();\n \n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n \n script_copyright(english:\"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.\");\n \n script_dependencies(\"ssh_get_info.nasl\", \"os_fingerprint.nasl\");\n\n exit(0);\n}\n\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os)\n{\n os = get_kb_item(\"Host/OS\");\n c = get_kb_item(\"Host/OS/Confidence\");\n if ( isnull(os) || c <= 70 ) exit(0);\n}\nif (!os) exit(1, \"The 'Host/OS' KB item is missing.\");\n\n\nif (ereg(pattern:\"Mac OS X 10\\.6($|\\.[0-2]([^0-9]|$))\", string:os)) security_hole(0);\nelse exit(0, \"The host is not affected as it is running \"+os+\".\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:04:50", "description": "The remote host is running a version of Mac OS X 10.6 that is older than version 10.6.3. 
Mac OS X 10.6.3 contains security fixes for the following products :\n\n - AFP Server\n\n - Apache\n\n - CoreAudio\n\n - CoreMedia\n\n - CoreTypes\n\n - CUPS\n\n - DesktopServices\n\n - Disk Images\n\n - Directory Services\n\n - Dovecot\n\n - Event Monitor\n\n - FreeRADIUS\n\n - FTP Server\n\n - iChat Server\n\n - ImageIO\n\n - Image RAW\n\n - Libsystem\n\n - Mail\n\n - MySQL\n\n - OS Services\n\n - Password Server\n\n - PHP\n\n - Podcast Producer\n\n - Preferences\n\n - PS Normalizer\n\n - QuickTime\n\n - Ruby\n\n - Server Admin\n\n - SMB\n\n - Tomcat\n\n - Wiki Server\n\n - X11", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2010-03-30T00:00:00", "type": "nessus", "title": "Mac OS X < 10.6.3 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0580", "CVE-2009-2042", "CVE-2009-4017", "CVE-2009-0689", "CVE-2008-5515", "CVE-2009-0033", "CVE-2009-0783", "CVE-2008-7247", "CVE-2009-4019", "CVE-2009-4030", "CVE-2008-4456", "CVE-2009-2446", "CVE-2009-0781", "CVE-2009-2693", "CVE-2009-2902", "CVE-2003-0063", "CVE-2009-1904", "CVE-2009-2417", "CVE-2009-2906", "CVE-2009-3095", "CVE-2006-1329", "CVE-2009-2901", "CVE-2010-0393", "CVE-2010-0500", "CVE-2009-4214", "CVE-2010-0509", "CVE-2010-0513", "CVE-2010-0520", "CVE-2010-0526", "CVE-2010-0512", "CVE-2010-0059", "CVE-2010-0057", "CVE-2010-0517", "CVE-2010-0519", "CVE-2009-3557", "CVE-2009-3558", "CVE-2009-3009", "CVE-2010-0504", "CVE-2010-0516", "CVE-2009-2422", "CVE-2009-3559", "CVE-2010-0041", "CVE-2010-0042", "CVE-2010-0043", "CVE-2010-0060", "CVE-2010-0062", "CVE-2010-0063", "CVE-2010-0064", "CVE-2010-0065", "CVE-2010-0497", "CVE-2010-0498", "CVE-2010-0501", "CVE-2010-0502", "CVE-2010-0505", "CVE-2010-0507", "CVE-2010-0508", "CVE-2010-0510", "CVE-2010-0511", "CVE-2010-0514", "CVE-2010-0515", "CVE-2010-0518", "CVE-2010-0521", "CVE-2010-0524", "CVE-2010-0525", "CVE-2010-0533", "CVE-2010-0534", "CVE-2010-0535", "CVE-2010-0537"], 
"modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"], "id": "5489.PRM", "href": "https://www.tenable.com/plugins/nnm/5489", "sourceData": "Binary data 5489.prm", "cvss": {"score": 10, "vector": "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2021-06-08T18:46:48", "description": "Denial of service, restrictions bypass.", "edition": 2, "cvss3": {}, "published": "2010-03-31T00:00:00", "title": "Apache mod_proxy_ftp multiple security vulnerabilities", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2009-3094", "CVE-2009-3095"], "modified": "2010-03-31T00:00:00", "id": "SECURITYVULNS:VULN:10253", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:10253", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:31", "description": "\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2009:240\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n\r\n Package : apache\r\n Date : September 22, 2009\r\n Affected: 2008.1, 2009.0, 2009.1, Corporate 3.0, Corporate 4.0,\r\n Enterprise Server 5.0, Multi Network Firewall 2.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n Multiple vulnerabilities was discovered and corrected in apache:\r\n \r\n The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in\r\n the mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13\r\n allows remote FTP servers to cause a denial of service (NULL pointer\r\n dereference and child process crash) via a malformed reply to an EPSV\r\n command (CVE-2009-3094).\r\n \r\n The mod_proxy_ftp module in the Apache HTTP Server allows remote\r\n attackers to bypass intended 
access restrictions and send arbitrary\r\n commands to an FTP server via vectors related to the embedding of these\r\n commands in the Authorization HTTP header, as demonstrated by a certain\r\n module in VulnDisco Pack Professional 8.11. NOTE: as of 20090903,\r\n this disclosure has no actionable information. However, because the\r\n VulnDisco Pack author is a reliable researcher, the issue is being\r\n assigned a CVE identifier for tracking purposes (CVE-2009-3095).\r\n \r\n This update provides a solution to these vulnerabilities.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. 
You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 (GNU/Linux)\r\n\r\niD8DBQFKuL2vmqjQ0CJFipgRAnDtAKClCupp8v+YOpt1xtnOFIFjJhYoyACgvA6D\r\nVwdAeokTF9DlAoIgrJeXWdo=\r\n=45LD\r\n-----END PGP SIGNATURE-----", "edition": 1, "cvss3": {}, "published": "2009-09-23T00:00:00", "title": "[ MDVSA-2009:240 ] apache", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2009-3094", "CVE-2009-3095"], "modified": "2009-09-23T00:00:00", "id": "SECURITYVULNS:DOC:22493", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:22493", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "openvas": [{"lastseen": "2018-04-06T11:37:56", "description": "The remote host is missing an update to apache\nannounced via advisory MDVSA-2009:240.", "cvss3": {}, "published": "2009-09-28T00:00:00", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:240 (apache)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3094", "CVE-2009-3095"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064950", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064950", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_240.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:240 (apache)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright 
(c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities was discovered and corrected in apache:\n\nThe ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in\nthe mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13\nallows remote FTP servers to cause a denial of service (NULL pointer\ndereference and child process crash) via a malformed reply to an EPSV\ncommand (CVE-2009-3094).\n\nThe mod_proxy_ftp module in the Apache HTTP Server allows remote\nattackers to bypass intended access restrictions and send arbitrary\ncommands to an FTP server via vectors related to the embedding of these\ncommands in the Authorization HTTP header, as demonstrated by a certain\nmodule in VulnDisco Pack Professional 8.11. NOTE: as of 20090903,\nthis disclosure has no actionable information. 
However, because the\nVulnDisco Pack author is a reliable researcher, the issue is being\nassigned a CVE identifier for tracking purposes (CVE-2009-3095).\n\nThis update provides a solution to these vulnerabilities.\n\nAffected: 2008.1, 2009.0, 2009.1, Corporate 3.0, Corporate 4.0,\n Enterprise Server 5.0, Multi Network Firewall 2.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:240\";\ntag_summary = \"The remote host is missing an update to apache\nannounced via advisory MDVSA-2009:240.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64950\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-28 19:09:13 +0200 (Mon, 28 Sep 2009)\");\n script_cve_id(\"CVE-2009-3094\", \"CVE-2009-3095\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:240 (apache)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"apache-base\", rpm:\"apache-base~2.2.8~6.6mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-devel\", rpm:\"apache-devel~2.2.8~6.6mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-htcacheclean\", rpm:\"apache-htcacheclean~2.2.8~6.6mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_authn_dbd\", rpm:\"apache-mod_authn_dbd~2.2.8~6.6mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_cache\", rpm:\"apache-mod_cache~2.2.8~6.6mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_dav\", rpm:\"apache-mod_dav~2.2.8~6.6mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_dbd\", rpm:\"apache-mod_dbd~2.2.8~6.6mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_deflate\", rpm:\"apache-mod_deflate~2.2.8~6.6mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_disk_cache\", rpm:\"apache-mod_disk_cache~2.2.8~6.6mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_file_cache\", 
rpm:\"apache-mod_file_cache~2.2.8~6.6mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_ldap\", rpm:\"apache-mod_ldap~2.2.8~6.6mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_mem_cache\", rpm:\"apache-mod_mem_cache~2.2.8~6.6mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_proxy\", rpm:\"apache-mod_proxy~2.2.8~6.6mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_proxy_ajp\", rpm:\"apache-mod_proxy_ajp~2.2.8~6.6mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_ssl\", rpm:\"apache-mod_ssl~2.2.8~6.6mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-modules\", rpm:\"apache-modules~2.2.8~6.6mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_userdir\", rpm:\"apache-mod_userdir~2.2.8~6.6mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-event\", rpm:\"apache-mpm-event~2.2.8~6.6mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-itk\", rpm:\"apache-mpm-itk~2.2.8~6.6mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-prefork\", rpm:\"apache-mpm-prefork~2.2.8~6.6mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-worker\", rpm:\"apache-mpm-worker~2.2.8~6.6mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-source\", rpm:\"apache-source~2.2.8~6.6mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-base\", rpm:\"apache-base~2.2.9~12.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += 
res;\n}\nif ((res = isrpmvuln(pkg:\"apache-devel\", rpm:\"apache-devel~2.2.9~12.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-htcacheclean\", rpm:\"apache-htcacheclean~2.2.9~12.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_authn_dbd\", rpm:\"apache-mod_authn_dbd~2.2.9~12.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_cache\", rpm:\"apache-mod_cache~2.2.9~12.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_dav\", rpm:\"apache-mod_dav~2.2.9~12.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_dbd\", rpm:\"apache-mod_dbd~2.2.9~12.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_deflate\", rpm:\"apache-mod_deflate~2.2.9~12.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_disk_cache\", rpm:\"apache-mod_disk_cache~2.2.9~12.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_file_cache\", rpm:\"apache-mod_file_cache~2.2.9~12.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_ldap\", rpm:\"apache-mod_ldap~2.2.9~12.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_mem_cache\", rpm:\"apache-mod_mem_cache~2.2.9~12.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_proxy\", rpm:\"apache-mod_proxy~2.2.9~12.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_proxy_ajp\", rpm:\"apache-mod_proxy_ajp~2.2.9~12.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = 
isrpmvuln(pkg:\"apache-mod_ssl\", rpm:\"apache-mod_ssl~2.2.9~12.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-modules\", rpm:\"apache-modules~2.2.9~12.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_userdir\", rpm:\"apache-mod_userdir~2.2.9~12.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-event\", rpm:\"apache-mpm-event~2.2.9~12.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-itk\", rpm:\"apache-mpm-itk~2.2.9~12.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-peruser\", rpm:\"apache-mpm-peruser~2.2.9~12.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-prefork\", rpm:\"apache-mpm-prefork~2.2.9~12.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-worker\", rpm:\"apache-mpm-worker~2.2.9~12.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-source\", rpm:\"apache-source~2.2.9~12.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-base\", rpm:\"apache-base~2.2.11~10.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-devel\", rpm:\"apache-devel~2.2.11~10.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-htcacheclean\", rpm:\"apache-htcacheclean~2.2.11~10.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_authn_dbd\", rpm:\"apache-mod_authn_dbd~2.2.11~10.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_cache\", rpm:\"apache-mod_cache~2.2.11~10.5mdv2009.1\", 
rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_dav\", rpm:\"apache-mod_dav~2.2.11~10.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_dbd\", rpm:\"apache-mod_dbd~2.2.11~10.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_deflate\", rpm:\"apache-mod_deflate~2.2.11~10.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_disk_cache\", rpm:\"apache-mod_disk_cache~2.2.11~10.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_file_cache\", rpm:\"apache-mod_file_cache~2.2.11~10.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_ldap\", rpm:\"apache-mod_ldap~2.2.11~10.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_mem_cache\", rpm:\"apache-mod_mem_cache~2.2.11~10.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_proxy\", rpm:\"apache-mod_proxy~2.2.11~10.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_proxy_ajp\", rpm:\"apache-mod_proxy_ajp~2.2.11~10.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_ssl\", rpm:\"apache-mod_ssl~2.2.11~10.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-modules\", rpm:\"apache-modules~2.2.11~10.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_userdir\", rpm:\"apache-mod_userdir~2.2.11~10.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-event\", rpm:\"apache-mpm-event~2.2.11~10.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += 
res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-itk\", rpm:\"apache-mpm-itk~2.2.11~10.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-peruser\", rpm:\"apache-mpm-peruser~2.2.11~10.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-prefork\", rpm:\"apache-mpm-prefork~2.2.11~10.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-worker\", rpm:\"apache-mpm-worker~2.2.11~10.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-source\", rpm:\"apache-source~2.2.11~10.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2\", rpm:\"apache2~2.0.48~6.23.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-common\", rpm:\"apache2-common~2.0.48~6.23.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-devel\", rpm:\"apache2-devel~2.0.48~6.23.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-manual\", rpm:\"apache2-manual~2.0.48~6.23.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_cache\", rpm:\"apache2-mod_cache~2.0.48~6.23.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_dav\", rpm:\"apache2-mod_dav~2.0.48~6.23.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_deflate\", rpm:\"apache2-mod_deflate~2.0.48~6.23.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_disk_cache\", rpm:\"apache2-mod_disk_cache~2.0.48~6.23.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_file_cache\", rpm:\"apache2-mod_file_cache~2.0.48~6.23.C30mdk\", 
rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_ldap\", rpm:\"apache2-mod_ldap~2.0.48~6.23.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_mem_cache\", rpm:\"apache2-mod_mem_cache~2.0.48~6.23.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_proxy\", rpm:\"apache2-mod_proxy~2.0.48~6.23.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_ssl\", rpm:\"apache2-mod_ssl~2.0.48~6.23.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-modules\", rpm:\"apache2-modules~2.0.48~6.23.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-source\", rpm:\"apache2-source~2.0.48~6.23.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr0\", rpm:\"libapr0~2.0.48~6.23.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64apr0\", rpm:\"lib64apr0~2.0.48~6.23.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-base\", rpm:\"apache-base~2.2.3~1.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-devel\", rpm:\"apache-devel~2.2.3~1.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-htcacheclean\", rpm:\"apache-htcacheclean~2.2.3~1.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_authn_dbd\", rpm:\"apache-mod_authn_dbd~2.2.3~1.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_cache\", rpm:\"apache-mod_cache~2.2.3~1.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_dav\", rpm:\"apache-mod_dav~2.2.3~1.8.20060mlcs4\", rls:\"MNDK_4.0\")) != 
NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_dbd\", rpm:\"apache-mod_dbd~2.2.3~1.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_deflate\", rpm:\"apache-mod_deflate~2.2.3~1.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_disk_cache\", rpm:\"apache-mod_disk_cache~2.2.3~1.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_file_cache\", rpm:\"apache-mod_file_cache~2.2.3~1.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_ldap\", rpm:\"apache-mod_ldap~2.2.3~1.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_mem_cache\", rpm:\"apache-mod_mem_cache~2.2.3~1.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_proxy\", rpm:\"apache-mod_proxy~2.2.3~1.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_proxy_ajp\", rpm:\"apache-mod_proxy_ajp~2.2.3~1.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_ssl\", rpm:\"apache-mod_ssl~2.2.3~1.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-modules\", rpm:\"apache-modules~2.2.3~1.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_userdir\", rpm:\"apache-mod_userdir~2.2.3~1.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-prefork\", rpm:\"apache-mpm-prefork~2.2.3~1.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-worker\", rpm:\"apache-mpm-worker~2.2.3~1.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-source\", 
rpm:\"apache-source~2.2.3~1.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-base\", rpm:\"apache-base~2.2.9~12.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-devel\", rpm:\"apache-devel~2.2.9~12.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-htcacheclean\", rpm:\"apache-htcacheclean~2.2.9~12.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_authn_dbd\", rpm:\"apache-mod_authn_dbd~2.2.9~12.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_cache\", rpm:\"apache-mod_cache~2.2.9~12.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_dav\", rpm:\"apache-mod_dav~2.2.9~12.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_dbd\", rpm:\"apache-mod_dbd~2.2.9~12.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_deflate\", rpm:\"apache-mod_deflate~2.2.9~12.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_disk_cache\", rpm:\"apache-mod_disk_cache~2.2.9~12.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_file_cache\", rpm:\"apache-mod_file_cache~2.2.9~12.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_ldap\", rpm:\"apache-mod_ldap~2.2.9~12.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_mem_cache\", rpm:\"apache-mod_mem_cache~2.2.9~12.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_proxy\", rpm:\"apache-mod_proxy~2.2.9~12.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = 
isrpmvuln(pkg:\"apache-mod_proxy_ajp\", rpm:\"apache-mod_proxy_ajp~2.2.9~12.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_ssl\", rpm:\"apache-mod_ssl~2.2.9~12.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-modules\", rpm:\"apache-modules~2.2.9~12.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_userdir\", rpm:\"apache-mod_userdir~2.2.9~12.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-event\", rpm:\"apache-mpm-event~2.2.9~12.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-itk\", rpm:\"apache-mpm-itk~2.2.9~12.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-peruser\", rpm:\"apache-mpm-peruser~2.2.9~12.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-prefork\", rpm:\"apache-mpm-prefork~2.2.9~12.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-worker\", rpm:\"apache-mpm-worker~2.2.9~12.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-source\", rpm:\"apache-source~2.2.9~12.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2\", rpm:\"apache2~2.0.48~6.23.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-common\", rpm:\"apache2-common~2.0.48~6.23.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-devel\", rpm:\"apache2-devel~2.0.48~6.23.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-manual\", rpm:\"apache2-manual~2.0.48~6.23.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = 
isrpmvuln(pkg:\"apache2-mod_cache\", rpm:\"apache2-mod_cache~2.0.48~6.23.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_dav\", rpm:\"apache2-mod_dav~2.0.48~6.23.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_deflate\", rpm:\"apache2-mod_deflate~2.0.48~6.23.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_disk_cache\", rpm:\"apache2-mod_disk_cache~2.0.48~6.23.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_file_cache\", rpm:\"apache2-mod_file_cache~2.0.48~6.23.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_ldap\", rpm:\"apache2-mod_ldap~2.0.48~6.23.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_mem_cache\", rpm:\"apache2-mod_mem_cache~2.0.48~6.23.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_proxy\", rpm:\"apache2-mod_proxy~2.0.48~6.23.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_ssl\", rpm:\"apache2-mod_ssl~2.0.48~6.23.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-modules\", rpm:\"apache2-modules~2.0.48~6.23.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-source\", rpm:\"apache2-source~2.0.48~6.23.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr0\", rpm:\"libapr0~2.0.48~6.23.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:05", "description": "The remote 
host is missing an update as announced\nvia advisory SSA:2010-024-01.", "cvss3": {}, "published": "2012-09-11T00:00:00", "type": "openvas", "title": "Slackware Advisory SSA:2010-024-01 httpd", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3094", "CVE-2009-3095"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:136141256231066780", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066780", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2010_024_01.nasl 14202 2019-03-15 09:16:15Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66780\");\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 10:16:15 +0100 (Fri, 15 Mar 2019) $\");\n script_cve_id(\"CVE-2009-3094\", \"CVE-2009-3095\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 14202 $\");\n script_name(\"Slackware Advisory SSA:2010-024-01 httpd\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\", re:\"ssh/login/release=SLK(12\\.0|12\\.1|12\\.2|13\\.0)\");\n\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2010-024-01\");\n\n script_tag(name:\"insight\", value:\"New httpd packages are available for Slackware 12.0, 12.1, 12.2, 13.0,\nand -current to fix security issues.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the new package(s).\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update as announced\nvia advisory SSA:2010-024-01.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-slack.inc\");\n\nreport = \"\";\nres = \"\";\n\nif((res = isslkpkgvuln(pkg:\"httpd\", ver:\"2.2.14-i486-1_slack12.0\", rls:\"SLK12.0\")) != NULL) 
{\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"httpd\", ver:\"2.2.14-i486-1_slack12.1\", rls:\"SLK12.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"httpd\", ver:\"2.2.14-i486-1_slack12.2\", rls:\"SLK12.2\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"httpd\", ver:\"2.2.14-i486-1_slack13.0\", rls:\"SLK13.0\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-24T12:50:48", "description": "The remote host is missing an update as announced\nvia advisory SSA:2010-024-01.", "cvss3": {}, "published": "2012-09-11T00:00:00", "type": "openvas", "title": "Slackware Advisory SSA:2010-024-01 httpd ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3094", "CVE-2009-3095"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:66780", "href": "http://plugins.openvas.org/nasl.php?oid=66780", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2010_024_01.nasl 6598 2017-07-07 09:36:44Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New httpd packages are available for Slackware 12.0, 12.1, 12.2, 13.0,\nand -current to fix security issues.\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2010-024-01.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2010-024-01\";\n \nif(description)\n{\n script_id(66780);\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:36:44 +0200 (Fri, 07 Jul 2017) $\");\n script_cve_id(\"CVE-2009-3094\", \"CVE-2009-3095\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 6598 $\");\n script_name(\"Slackware Advisory SSA:2010-024-01 httpd \");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"httpd\", ver:\"2.2.14-i486-1_slack12.0\", rls:\"SLK12.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"httpd\", ver:\"2.2.14-i486-1_slack12.1\", rls:\"SLK12.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"httpd\", ver:\"2.2.14-i486-1_slack12.2\", rls:\"SLK12.2\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"httpd\", ver:\"2.2.14-i486-1_slack13.0\", rls:\"SLK13.0\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:56:18", "description": "The remote host is missing an update to apache\nannounced via advisory MDVSA-2009:240.", "cvss3": {}, "published": "2009-09-28T00:00:00", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:240 (apache)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3094", "CVE-2009-3095"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:64950", "href": "http://plugins.openvas.org/nasl.php?oid=64950", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_240.nasl 6573 2017-07-06 13:10:50Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:240 (apache)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities was discovered and corrected in apache:\n\nThe ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in\nthe mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13\nallows remote FTP servers to cause a denial of service (NULL pointer\ndereference and child process crash) via a malformed reply to an EPSV\ncommand (CVE-2009-3094).\n\nThe mod_proxy_ftp module in the Apache HTTP Server allows remote\nattackers to bypass intended access restrictions and send arbitrary\ncommands to an FTP server via vectors related to the embedding of these\ncommands in the Authorization HTTP header, as demonstrated by a certain\nmodule in VulnDisco Pack Professional 8.11. NOTE: as of 20090903,\nthis disclosure has no actionable information. 
However, because the\nVulnDisco Pack author is a reliable researcher, the issue is being\nassigned a CVE identifier for tracking purposes (CVE-2009-3095).\n\nThis update provides a solution to these vulnerabilities.\n\nAffected: 2008.1, 2009.0, 2009.1, Corporate 3.0, Corporate 4.0,\n Enterprise Server 5.0, Multi Network Firewall 2.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:240\";\ntag_summary = \"The remote host is missing an update to apache\nannounced via advisory MDVSA-2009:240.\";\n\n \n\nif(description)\n{\n script_id(64950);\n script_version(\"$Revision: 6573 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:10:50 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-28 19:09:13 +0200 (Mon, 28 Sep 2009)\");\n script_cve_id(\"CVE-2009-3094\", \"CVE-2009-3095\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:240 (apache)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"apache-base\", rpm:\"apache-base~2.2.8~6.6mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-devel\", rpm:\"apache-devel~2.2.8~6.6mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-htcacheclean\", rpm:\"apache-htcacheclean~2.2.8~6.6mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_authn_dbd\", rpm:\"apache-mod_authn_dbd~2.2.8~6.6mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_cache\", rpm:\"apache-mod_cache~2.2.8~6.6mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_dav\", rpm:\"apache-mod_dav~2.2.8~6.6mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_dbd\", rpm:\"apache-mod_dbd~2.2.8~6.6mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_deflate\", rpm:\"apache-mod_deflate~2.2.8~6.6mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_disk_cache\", rpm:\"apache-mod_disk_cache~2.2.8~6.6mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_file_cache\", 
rpm:\"apache-mod_file_cache~2.2.8~6.6mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_ldap\", rpm:\"apache-mod_ldap~2.2.8~6.6mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_mem_cache\", rpm:\"apache-mod_mem_cache~2.2.8~6.6mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_proxy\", rpm:\"apache-mod_proxy~2.2.8~6.6mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_proxy_ajp\", rpm:\"apache-mod_proxy_ajp~2.2.8~6.6mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_ssl\", rpm:\"apache-mod_ssl~2.2.8~6.6mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-modules\", rpm:\"apache-modules~2.2.8~6.6mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_userdir\", rpm:\"apache-mod_userdir~2.2.8~6.6mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-event\", rpm:\"apache-mpm-event~2.2.8~6.6mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-itk\", rpm:\"apache-mpm-itk~2.2.8~6.6mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-prefork\", rpm:\"apache-mpm-prefork~2.2.8~6.6mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-worker\", rpm:\"apache-mpm-worker~2.2.8~6.6mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-source\", rpm:\"apache-source~2.2.8~6.6mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-base\", rpm:\"apache-base~2.2.9~12.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += 
res;\n}\nif ((res = isrpmvuln(pkg:\"apache-devel\", rpm:\"apache-devel~2.2.9~12.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-htcacheclean\", rpm:\"apache-htcacheclean~2.2.9~12.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_authn_dbd\", rpm:\"apache-mod_authn_dbd~2.2.9~12.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_cache\", rpm:\"apache-mod_cache~2.2.9~12.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_dav\", rpm:\"apache-mod_dav~2.2.9~12.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_dbd\", rpm:\"apache-mod_dbd~2.2.9~12.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_deflate\", rpm:\"apache-mod_deflate~2.2.9~12.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_disk_cache\", rpm:\"apache-mod_disk_cache~2.2.9~12.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_file_cache\", rpm:\"apache-mod_file_cache~2.2.9~12.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_ldap\", rpm:\"apache-mod_ldap~2.2.9~12.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_mem_cache\", rpm:\"apache-mod_mem_cache~2.2.9~12.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_proxy\", rpm:\"apache-mod_proxy~2.2.9~12.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_proxy_ajp\", rpm:\"apache-mod_proxy_ajp~2.2.9~12.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = 
isrpmvuln(pkg:\"apache-mod_ssl\", rpm:\"apache-mod_ssl~2.2.9~12.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-modules\", rpm:\"apache-modules~2.2.9~12.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_userdir\", rpm:\"apache-mod_userdir~2.2.9~12.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-event\", rpm:\"apache-mpm-event~2.2.9~12.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-itk\", rpm:\"apache-mpm-itk~2.2.9~12.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-peruser\", rpm:\"apache-mpm-peruser~2.2.9~12.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-prefork\", rpm:\"apache-mpm-prefork~2.2.9~12.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-worker\", rpm:\"apache-mpm-worker~2.2.9~12.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-source\", rpm:\"apache-source~2.2.9~12.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-base\", rpm:\"apache-base~2.2.11~10.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-devel\", rpm:\"apache-devel~2.2.11~10.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-htcacheclean\", rpm:\"apache-htcacheclean~2.2.11~10.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_authn_dbd\", rpm:\"apache-mod_authn_dbd~2.2.11~10.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_cache\", rpm:\"apache-mod_cache~2.2.11~10.5mdv2009.1\", 
rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_dav\", rpm:\"apache-mod_dav~2.2.11~10.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_dbd\", rpm:\"apache-mod_dbd~2.2.11~10.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_deflate\", rpm:\"apache-mod_deflate~2.2.11~10.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_disk_cache\", rpm:\"apache-mod_disk_cache~2.2.11~10.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_file_cache\", rpm:\"apache-mod_file_cache~2.2.11~10.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_ldap\", rpm:\"apache-mod_ldap~2.2.11~10.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_mem_cache\", rpm:\"apache-mod_mem_cache~2.2.11~10.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_proxy\", rpm:\"apache-mod_proxy~2.2.11~10.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_proxy_ajp\", rpm:\"apache-mod_proxy_ajp~2.2.11~10.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_ssl\", rpm:\"apache-mod_ssl~2.2.11~10.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-modules\", rpm:\"apache-modules~2.2.11~10.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_userdir\", rpm:\"apache-mod_userdir~2.2.11~10.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-event\", rpm:\"apache-mpm-event~2.2.11~10.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += 
res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-itk\", rpm:\"apache-mpm-itk~2.2.11~10.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-peruser\", rpm:\"apache-mpm-peruser~2.2.11~10.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-prefork\", rpm:\"apache-mpm-prefork~2.2.11~10.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-worker\", rpm:\"apache-mpm-worker~2.2.11~10.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-source\", rpm:\"apache-source~2.2.11~10.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2\", rpm:\"apache2~2.0.48~6.23.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-common\", rpm:\"apache2-common~2.0.48~6.23.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-devel\", rpm:\"apache2-devel~2.0.48~6.23.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-manual\", rpm:\"apache2-manual~2.0.48~6.23.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_cache\", rpm:\"apache2-mod_cache~2.0.48~6.23.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_dav\", rpm:\"apache2-mod_dav~2.0.48~6.23.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_deflate\", rpm:\"apache2-mod_deflate~2.0.48~6.23.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_disk_cache\", rpm:\"apache2-mod_disk_cache~2.0.48~6.23.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_file_cache\", rpm:\"apache2-mod_file_cache~2.0.48~6.23.C30mdk\", 
rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_ldap\", rpm:\"apache2-mod_ldap~2.0.48~6.23.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_mem_cache\", rpm:\"apache2-mod_mem_cache~2.0.48~6.23.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_proxy\", rpm:\"apache2-mod_proxy~2.0.48~6.23.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_ssl\", rpm:\"apache2-mod_ssl~2.0.48~6.23.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-modules\", rpm:\"apache2-modules~2.0.48~6.23.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-source\", rpm:\"apache2-source~2.0.48~6.23.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr0\", rpm:\"libapr0~2.0.48~6.23.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64apr0\", rpm:\"lib64apr0~2.0.48~6.23.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-base\", rpm:\"apache-base~2.2.3~1.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-devel\", rpm:\"apache-devel~2.2.3~1.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-htcacheclean\", rpm:\"apache-htcacheclean~2.2.3~1.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_authn_dbd\", rpm:\"apache-mod_authn_dbd~2.2.3~1.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_cache\", rpm:\"apache-mod_cache~2.2.3~1.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_dav\", rpm:\"apache-mod_dav~2.2.3~1.8.20060mlcs4\", rls:\"MNDK_4.0\")) != 
NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_dbd\", rpm:\"apache-mod_dbd~2.2.3~1.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_deflate\", rpm:\"apache-mod_deflate~2.2.3~1.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_disk_cache\", rpm:\"apache-mod_disk_cache~2.2.3~1.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_file_cache\", rpm:\"apache-mod_file_cache~2.2.3~1.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_ldap\", rpm:\"apache-mod_ldap~2.2.3~1.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_mem_cache\", rpm:\"apache-mod_mem_cache~2.2.3~1.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_proxy\", rpm:\"apache-mod_proxy~2.2.3~1.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_proxy_ajp\", rpm:\"apache-mod_proxy_ajp~2.2.3~1.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_ssl\", rpm:\"apache-mod_ssl~2.2.3~1.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-modules\", rpm:\"apache-modules~2.2.3~1.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_userdir\", rpm:\"apache-mod_userdir~2.2.3~1.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-prefork\", rpm:\"apache-mpm-prefork~2.2.3~1.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-worker\", rpm:\"apache-mpm-worker~2.2.3~1.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-source\", 
rpm:\"apache-source~2.2.3~1.8.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-base\", rpm:\"apache-base~2.2.9~12.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-devel\", rpm:\"apache-devel~2.2.9~12.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-htcacheclean\", rpm:\"apache-htcacheclean~2.2.9~12.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_authn_dbd\", rpm:\"apache-mod_authn_dbd~2.2.9~12.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_cache\", rpm:\"apache-mod_cache~2.2.9~12.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_dav\", rpm:\"apache-mod_dav~2.2.9~12.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_dbd\", rpm:\"apache-mod_dbd~2.2.9~12.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_deflate\", rpm:\"apache-mod_deflate~2.2.9~12.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_disk_cache\", rpm:\"apache-mod_disk_cache~2.2.9~12.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_file_cache\", rpm:\"apache-mod_file_cache~2.2.9~12.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_ldap\", rpm:\"apache-mod_ldap~2.2.9~12.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_mem_cache\", rpm:\"apache-mod_mem_cache~2.2.9~12.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_proxy\", rpm:\"apache-mod_proxy~2.2.9~12.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = 
isrpmvuln(pkg:\"apache-mod_proxy_ajp\", rpm:\"apache-mod_proxy_ajp~2.2.9~12.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_ssl\", rpm:\"apache-mod_ssl~2.2.9~12.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-modules\", rpm:\"apache-modules~2.2.9~12.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_userdir\", rpm:\"apache-mod_userdir~2.2.9~12.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-event\", rpm:\"apache-mpm-event~2.2.9~12.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-itk\", rpm:\"apache-mpm-itk~2.2.9~12.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-peruser\", rpm:\"apache-mpm-peruser~2.2.9~12.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-prefork\", rpm:\"apache-mpm-prefork~2.2.9~12.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-worker\", rpm:\"apache-mpm-worker~2.2.9~12.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-source\", rpm:\"apache-source~2.2.9~12.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2\", rpm:\"apache2~2.0.48~6.23.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-common\", rpm:\"apache2-common~2.0.48~6.23.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-devel\", rpm:\"apache2-devel~2.0.48~6.23.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-manual\", rpm:\"apache2-manual~2.0.48~6.23.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = 
isrpmvuln(pkg:\"apache2-mod_cache\", rpm:\"apache2-mod_cache~2.0.48~6.23.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_dav\", rpm:\"apache2-mod_dav~2.0.48~6.23.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_deflate\", rpm:\"apache2-mod_deflate~2.0.48~6.23.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_disk_cache\", rpm:\"apache2-mod_disk_cache~2.0.48~6.23.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_file_cache\", rpm:\"apache2-mod_file_cache~2.0.48~6.23.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_ldap\", rpm:\"apache2-mod_ldap~2.0.48~6.23.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_mem_cache\", rpm:\"apache2-mod_mem_cache~2.0.48~6.23.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_proxy\", rpm:\"apache2-mod_proxy~2.0.48~6.23.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_ssl\", rpm:\"apache2-mod_ssl~2.0.48~6.23.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-modules\", rpm:\"apache2-modules~2.0.48~6.23.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-source\", rpm:\"apache2-source~2.0.48~6.23.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr0\", rpm:\"libapr0~2.0.48~6.23.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:58", "description": "The remote 
host is missing an update for the ", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for httpd CESA-2009:1579 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3094", "CVE-2009-3555", "CVE-2009-3095"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880706", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880706", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for httpd CESA-2009:1579 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.880706\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2009:1579\");\n script_cve_id(\"CVE-2009-3094\", \"CVE-2009-3095\", \"CVE-2009-3555\");\n script_name(\"CentOS Update for httpd CESA-2009:1579 centos5 i386\");\n\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2009-November/016326.html\");\n script_xref(name:\"URL\", value:\"http://kbase.redhat.com/faq/docs/DOC-20491\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'httpd'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"httpd on CentOS 5\");\n script_tag(name:\"insight\", value:\"The Apache HTTP Server is a popular Web server.\n\n A flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\n Sockets Layer) protocols handle session renegotiation. 
A man-in-the-middle\n attacker could use this flaw to prefix arbitrary plain text to a client's\n session (for example, an HTTPS connection to a website). This could force\n the server to process an attacker's request as if authenticated using the\n victim's credentials. This update partially mitigates this flaw for SSL\n sessions to HTTP servers using mod_ssl by rejecting client-requested\n renegotiation. (CVE-2009-3555)\n\n Note: This update does not fully resolve the issue for HTTPS servers. An\n attack is still possible in configurations that require a server-initiated\n renegotiation. Refer to the linked Knowledgebase article for further\n information.\n\n A NULL pointer dereference flaw was found in the Apache mod_proxy_ftp\n module. A malicious FTP server to which requests are being proxied could\n use this flaw to crash an httpd child process via a malformed reply to the\n EPSV or PASV commands, resulting in a limited denial of service.\n (CVE-2009-3094)\n\n A second flaw was found in the Apache mod_proxy_ftp module. In a reverse\n proxy configuration, a remote attacker could use this flaw to bypass\n intended access restrictions by creating a carefully-crafted HTTP\n Authorization header, allowing the attacker to send arbitrary commands to\n the FTP server. (CVE-2009-3095)\n\n All httpd users should upgrade to these updated packages, which contain\n backported patches to correct these issues. 
After installing the updated\n packages, the httpd daemon must be restarted for the update to take effect.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.2.3~31.el5.centos.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.2.3~31.el5.centos.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-manual\", rpm:\"httpd-manual~2.2.3~31.el5.centos.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.2.3~31.el5.centos.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:33", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for httpd CESA-2009:1579 centos3 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3094", "CVE-2009-3555", "CVE-2009-3095"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880739", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880739", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for httpd CESA-2009:1579 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 
Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.880739\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2009:1579\");\n script_cve_id(\"CVE-2009-3094\", \"CVE-2009-3095\", \"CVE-2009-3555\");\n script_name(\"CentOS Update for httpd CESA-2009:1579 centos3 i386\");\n\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2009-November/016316.html\");\n script_xref(name:\"URL\", value:\"http://kbase.redhat.com/faq/docs/DOC-20491\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'httpd'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n 
script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS3\");\n script_tag(name:\"affected\", value:\"httpd on CentOS 3\");\n script_tag(name:\"insight\", value:\"The Apache HTTP Server is a popular Web server.\n\n A flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\n Sockets Layer) protocols handle session renegotiation. A man-in-the-middle\n attacker could use this flaw to prefix arbitrary plain text to a client's\n session (for example, an HTTPS connection to a website). This could force\n the server to process an attacker's request as if authenticated using the\n victim's credentials. This update partially mitigates this flaw for SSL\n sessions to HTTP servers using mod_ssl by rejecting client-requested\n renegotiation. (CVE-2009-3555)\n\n Note: This update does not fully resolve the issue for HTTPS servers. An\n attack is still possible in configurations that require a server-initiated\n renegotiation. Refer to the linked Knowledgebase article for further\n information.\n\n A NULL pointer dereference flaw was found in the Apache mod_proxy_ftp\n module. A malicious FTP server to which requests are being proxied could\n use this flaw to crash an httpd child process via a malformed reply to the\n EPSV or PASV commands, resulting in a limited denial of service.\n (CVE-2009-3094)\n\n A second flaw was found in the Apache mod_proxy_ftp module. In a reverse\n proxy configuration, a remote attacker could use this flaw to bypass\n intended access restrictions by creating a carefully-crafted HTTP\n Authorization header, allowing the attacker to send arbitrary commands to\n the FTP server. (CVE-2009-3095)\n\n All httpd users should upgrade to these updated packages, which contain\n backported patches to correct these issues. 
After installing the updated\n packages, the httpd daemon must be restarted for the update to take effect.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.0.46~77.ent.centos\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.0.46~77.ent.centos\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.0.46~77.ent.centos\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-04-06T11:37:29", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1579.\n\nThe Apache HTTP Server is a popular Web server.\n\nA flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\nSockets Layer) protocols handle session renegotiation. A man-in-the-middle\nattacker could use this flaw to prefix arbitrary plain text to a client's\nsession (for example, an HTTPS connection to a website). This could force\nthe server to process an attacker's request as if authenticated using the\nvictim's credentials. This update partially mitigates this flaw for SSL\nsessions to HTTP servers using mod_ssl by rejecting client-requested\nrenegotiation. (CVE-2009-3555)\n\nNote: This update does not fully resolve the issue for HTTPS servers. An\nattack is still possible in configurations that require a server-initiated\nrenegotiation. 
Refer to the following Knowledgebase article for further\ninformation: http://kbase.redhat.com/faq/docs/DOC-20491\n\nA NULL pointer dereference flaw was found in the Apache mod_proxy_ftp\nmodule. A malicious FTP server to which requests are being proxied could\nuse this flaw to crash an httpd child process via a malformed reply to the\nEPSV or PASV commands, resulting in a limited denial of service.\n(CVE-2009-3094)\n\nA second flaw was found in the Apache mod_proxy_ftp module. In a reverse\nproxy configuration, a remote attacker could use this flaw to bypass\nintended access restrictions by creating a carefully-crafted HTTP\nAuthorization header, allowing the attacker to send arbitrary commands to\nthe FTP server. (CVE-2009-3095)\n\nAll httpd users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. After installing the updated\npackages, the httpd daemon must be restarted for the update to take effect.", "cvss3": {}, "published": "2009-11-17T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1579", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3094", "CVE-2009-3555", "CVE-2009-3095"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066241", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066241", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1579.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1579 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1579.\n\nThe Apache HTTP Server is a popular Web server.\n\nA flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\nSockets Layer) protocols handle session renegotiation. A man-in-the-middle\nattacker could use this flaw to prefix arbitrary plain text to a client's\nsession (for example, an HTTPS connection to a website). This could force\nthe server to process an attacker's request as if authenticated using the\nvictim's credentials. This update partially mitigates this flaw for SSL\nsessions to HTTP servers using mod_ssl by rejecting client-requested\nrenegotiation. (CVE-2009-3555)\n\nNote: This update does not fully resolve the issue for HTTPS servers. An\nattack is still possible in configurations that require a server-initiated\nrenegotiation. Refer to the following Knowledgebase article for further\ninformation: http://kbase.redhat.com/faq/docs/DOC-20491\n\nA NULL pointer dereference flaw was found in the Apache mod_proxy_ftp\nmodule. 
A malicious FTP server to which requests are being proxied could\nuse this flaw to crash an httpd child process via a malformed reply to the\nEPSV or PASV commands, resulting in a limited denial of service.\n(CVE-2009-3094)\n\nA second flaw was found in the Apache mod_proxy_ftp module. In a reverse\nproxy configuration, a remote attacker could use this flaw to bypass\nintended access restrictions by creating a carefully-crafted HTTP\nAuthorization header, allowing the attacker to send arbitrary commands to\nthe FTP server. (CVE-2009-3095)\n\nAll httpd users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. After installing the updated\npackages, the httpd daemon must be restarted for the update to take effect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66241\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-17 21:42:12 +0100 (Tue, 17 Nov 2009)\");\n script_cve_id(\"CVE-2009-3094\", \"CVE-2009-3095\", \"CVE-2009-3555\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"RedHat Security Advisory RHSA-2009:1579\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1579.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#moderate\");\n script_xref(name : \"URL\" , value : \"http://kbase.redhat.com/faq/docs/DOC-20491\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.0.46~77.ent\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd-debuginfo\", rpm:\"httpd-debuginfo~2.0.46~77.ent\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.0.46~77.ent\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.0.46~77.ent\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.2.3~31.el5_4.2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd-debuginfo\", rpm:\"httpd-debuginfo~2.2.3~31.el5_4.2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.2.3~31.el5_4.2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.2.3~31.el5_4.2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd-manual\", rpm:\"httpd-manual~2.2.3~31.el5_4.2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n 
security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:25", "description": "The remote host is missing updates to httpd announced in\nadvisory CESA-2009:1579.", "cvss3": {}, "published": "2009-11-17T00:00:00", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:1579 (httpd)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3094", "CVE-2009-3555", "CVE-2009-3095"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:66274", "href": "http://plugins.openvas.org/nasl.php?oid=66274", "sourceData": "#CESA-2009:1579 66274 4\n# $Id: ovcesa2009_1579.nasl 6650 2017-07-10 11:43:12Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:1579 (httpd)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1579\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1579\nhttps://rhn.redhat.com/errata/RHSA-2009-1579.html\";\ntag_summary = \"The remote host is missing updates to httpd announced in\nadvisory CESA-2009:1579.\";\n\n\n\nif(description)\n{\n script_id(66274);\n script_version(\"$Revision: 6650 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:43:12 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-17 21:42:12 +0100 (Tue, 17 Nov 2009)\");\n script_cve_id(\"CVE-2009-3094\", \"CVE-2009-3095\", \"CVE-2009-3555\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"CentOS Security Advisory CESA-2009:1579 (httpd)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.0.46~77.ent.centos\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.0.46~77.ent.centos\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.0.46~77.ent.centos\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.2.3~31.el5.centos.2\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.2.3~31.el5.centos.2\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd-manual\", rpm:\"httpd-manual~2.2.3~31.el5.centos.2\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.2.3~31.el5.centos.2\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:36:15", "description": "Oracle Linux Local Security Checks ELSA-2009-1579", "cvss3": {}, "published": "2015-10-08T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2009-1579", "bulletinFamily": "scanner", "cvss2": {}, 
"cvelist": ["CVE-2009-3094", "CVE-2009-3555", "CVE-2009-3095"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122420", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122420", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2009-1579.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122420\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-08 14:44:57 +0300 (Thu, 08 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2009-1579\");\n script_tag(name:\"insight\", value:\"ELSA-2009-1579 - httpd security update. 
Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2009-1579\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2009-1579.html\");\n script_cve_id(\"CVE-2009-3094\", \"CVE-2009-3095\", \"CVE-2009-3555\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.2.3~31.0.1.el5_4.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.2.3~31.0.1.el5_4.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"httpd-manual\", rpm:\"httpd-manual~2.2.3~31.0.1.el5_4.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.2.3~31.0.1.el5_4.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-02T10:54:45", "description": "Check for the Version of httpd", "cvss3": 
{}, "published": "2010-03-02T00:00:00", "type": "openvas", "title": "Fedora Update for httpd FEDORA-2009-12747", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3094", "CVE-2009-3555", "CVE-2009-3095"], "modified": "2017-12-26T00:00:00", "id": "OPENVAS:861746", "href": "http://plugins.openvas.org/nasl.php?oid=861746", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for httpd FEDORA-2009-12747\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Apache HTTP Server is a powerful, efficient, and extensible\n web server.\n\n This update contains the latest stable release of Apache httpd. Three security\n fixes are included, along with several minor bug fixes. A flaw was found in\n the way the TLS/SSL (Transport Layer Security/Secure Sockets Layer) protocols\n handle session renegotiation. A man-in-the-middle attacker could use this flaw\n to prefix arbitrary plain text to a client's session (for example, an HTTPS\n connection to a website). 
This could force the server to process an attacker's\n request as if authenticated using the victim's credentials. This update\n partially mitigates this flaw for SSL sessions to HTTP servers using mod_ssl by\n rejecting client-requested renegotiation. (CVE-2009-3555) Note: This update\n does not fully resolve the issue for HTTPS servers. An attack is still possible\n in configurations that require a server-initiated renegotiation A NULL\n pointer dereference flaw was found in the Apache mod_proxy_ftp module. A\n malicious FTP server to which requests are being proxied could use this flaw to\n crash an httpd child process via a malformed reply to the EPSV or PASV commands,\n resulting in a limited denial of service. (CVE-2009-3094) A second flaw was\n found in the Apache mod_proxy_ftp module. In a reverse proxy configuration, a\n remote attacker could use this flaw to bypass intended access restrictions by\n creating a carefully-crafted HTTP Authorization header, allowing the attacker to\n send arbitrary commands to the FTP server. 
(CVE-2009-3095) See the upstream\n changes file for further information:\n http://www.apache.org/dist/httpd/CHANGES_2.2.14\";\n\ntag_affected = \"httpd on Fedora 11\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035949.html\");\n script_id(861746);\n script_version(\"$Revision: 8245 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-26 07:29:59 +0100 (Tue, 26 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-03-02 08:38:02 +0100 (Tue, 02 Mar 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2009-12747\");\n script_cve_id(\"CVE-2009-3555\", \"CVE-2009-3094\", \"CVE-2009-3095\");\n script_name(\"Fedora Update for httpd FEDORA-2009-12747\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of httpd\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC11\")\n{\n\n if ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.2.14~1.fc11\", rls:\"FC11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": 
{"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:57:10", "description": "The remote host is missing an update to Apache HTTP Server\nannounced via advisory FEDORA-2009-12606.", "cvss3": {}, "published": "2009-12-30T00:00:00", "type": "openvas", "title": "Fedora Core 12 FEDORA-2009-12606 (httpd)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3094", "CVE-2009-3555", "CVE-2009-3095"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:66557", "href": "http://plugins.openvas.org/nasl.php?oid=66557", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_12606.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-12606 (httpd)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details, please visit the referenced advisories.\n\nChangeLog:\n\n* Thu Dec 3 2009 Joe Orton - 2.2.14-1\n- update to 2.2.14\n- relax permissions on /var/run/httpd (#495780)\n- Requires(pre): httpd in mod_ssl subpackage (#543275)\n- add partial security fix for CVE-2009-3555 (#533125)\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update httpd' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12606\";\ntag_summary = \"The remote host is missing an update to Apache HTTP Server\nannounced via advisory FEDORA-2009-12606.\";\n\n\n\nif(description)\n{\n script_id(66557);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-30 21:58:43 +0100 (Wed, 30 Dec 2009)\");\n script_cve_id(\"CVE-2009-3555\", \"CVE-2009-3094\", \"CVE-2009-3095\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 12 FEDORA-2009-12606 (httpd)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=521619\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=522209\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.2.14~1.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.2.14~1.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd-tools\", rpm:\"httpd-tools~2.2.14~1.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.2.14~1.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd-debuginfo\", rpm:\"httpd-debuginfo~2.2.14~1.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd-manual\", rpm:\"httpd-manual~2.2.14~1.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-26T11:05:57", "description": "Check for the Version of httpd", "cvss3": {}, "published": "2010-03-02T00:00:00", "type": "openvas", "title": "Fedora Update for httpd FEDORA-2009-12747", "bulletinFamily": "scanner", "cvss2": {}, 
"cvelist": ["CVE-2009-3094", "CVE-2009-3555", "CVE-2009-3095"], "modified": "2018-01-25T00:00:00", "id": "OPENVAS:1361412562310861746", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310861746", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for httpd FEDORA-2009-12747\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Apache HTTP Server is a powerful, efficient, and extensible\n web server.\n\n This update contains the latest stable release of Apache httpd. Three security\n fixes are included, along with several minor bug fixes. A flaw was found in\n the way the TLS/SSL (Transport Layer Security/Secure Sockets Layer) protocols\n handle session renegotiation. A man-in-the-middle attacker could use this flaw\n to prefix arbitrary plain text to a client's session (for example, an HTTPS\n connection to a website). This could force the server to process an attacker's\n request as if authenticated using the victim's credentials. 
This update\n partially mitigates this flaw for SSL sessions to HTTP servers using mod_ssl by\n rejecting client-requested renegotiation. (CVE-2009-3555) Note: This update\n does not fully resolve the issue for HTTPS servers. An attack is still possible\n in configurations that require a server-initiated renegotiation A NULL\n pointer dereference flaw was found in the Apache mod_proxy_ftp module. A\n malicious FTP server to which requests are being proxied could use this flaw to\n crash an httpd child process via a malformed reply to the EPSV or PASV commands,\n resulting in a limited denial of service. (CVE-2009-3094) A second flaw was\n found in the Apache mod_proxy_ftp module. In a reverse proxy configuration, a\n remote attacker could use this flaw to bypass intended access restrictions by\n creating a carefully-crafted HTTP Authorization header, allowing the attacker to\n send arbitrary commands to the FTP server. (CVE-2009-3095) See the upstream\n changes file for further information:\n http://www.apache.org/dist/httpd/CHANGES_2.2.14\";\n\ntag_affected = \"httpd on Fedora 11\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035949.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.861746\");\n script_version(\"$Revision: 8528 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-25 08:57:36 +0100 (Thu, 25 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-03-02 08:38:02 +0100 (Tue, 02 Mar 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2009-12747\");\n script_cve_id(\"CVE-2009-3555\", \"CVE-2009-3094\", \"CVE-2009-3095\");\n script_name(\"Fedora Update for httpd FEDORA-2009-12747\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of 
httpd\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC11\")\n{\n\n if ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.2.14~1.fc11\", rls:\"FC11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:51", "description": "Check for the Version of httpd", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for httpd CESA-2009:1579 centos3 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3094", "CVE-2009-3555", "CVE-2009-3095"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880739", "href": "http://plugins.openvas.org/nasl.php?oid=880739", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for httpd CESA-2009:1579 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free 
Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Apache HTTP Server is a popular Web server.\n\n A flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\n Sockets Layer) protocols handle session renegotiation. A man-in-the-middle\n attacker could use this flaw to prefix arbitrary plain text to a client's\n session (for example, an HTTPS connection to a website). This could force\n the server to process an attacker's request as if authenticated using the\n victim's credentials. This update partially mitigates this flaw for SSL\n sessions to HTTP servers using mod_ssl by rejecting client-requested\n renegotiation. (CVE-2009-3555)\n \n Note: This update does not fully resolve the issue for HTTPS servers. An\n attack is still possible in configurations that require a server-initiated\n renegotiation. Refer to the following Knowledgebase article for further\n information: http://kbase.redhat.com/faq/docs/DOC-20491\n \n A NULL pointer dereference flaw was found in the Apache mod_proxy_ftp\n module. A malicious FTP server to which requests are being proxied could\n use this flaw to crash an httpd child process via a malformed reply to the\n EPSV or PASV commands, resulting in a limited denial of service.\n (CVE-2009-3094)\n \n A second flaw was found in the Apache mod_proxy_ftp module. 
In a reverse\n proxy configuration, a remote attacker could use this flaw to bypass\n intended access restrictions by creating a carefully-crafted HTTP\n Authorization header, allowing the attacker to send arbitrary commands to\n the FTP server. (CVE-2009-3095)\n \n All httpd users should upgrade to these updated packages, which contain\n backported patches to correct these issues. After installing the updated\n packages, the httpd daemon must be restarted for the update to take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"httpd on CentOS 3\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2009-November/016316.html\");\n script_id(880739);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2009:1579\");\n script_cve_id(\"CVE-2009-3094\", \"CVE-2009-3095\", \"CVE-2009-3555\");\n script_name(\"CentOS Update for httpd CESA-2009:1579 centos3 i386\");\n\n script_summary(\"Check for the Version of httpd\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n 
exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.0.46~77.ent.centos\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.0.46~77.ent.centos\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.0.46~77.ent.centos\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:40:30", "description": "The remote host is missing an update to Apache HTTP Server\nannounced via advisory FEDORA-2009-12606.", "cvss3": {}, "published": "2009-12-30T00:00:00", "type": "openvas", "title": "Fedora Core 12 FEDORA-2009-12606 (httpd)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3094", "CVE-2009-3555", "CVE-2009-3095"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066557", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066557", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_12606.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-12606 (httpd)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details, please visit the referenced advisories.\n\nChangeLog:\n\n* Thu Dec 3 2009 Joe Orton - 2.2.14-1\n- update to 2.2.14\n- relax permissions on /var/run/httpd (#495780)\n- Requires(pre): httpd in mod_ssl subpackage (#543275)\n- add partial security fix for CVE-2009-3555 (#533125)\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. 
Use \nsu -c 'yum update httpd' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12606\";\ntag_summary = \"The remote host is missing an update to Apache HTTP Server\nannounced via advisory FEDORA-2009-12606.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66557\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-30 21:58:43 +0100 (Wed, 30 Dec 2009)\");\n script_cve_id(\"CVE-2009-3555\", \"CVE-2009-3094\", \"CVE-2009-3095\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 12 FEDORA-2009-12606 (httpd)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=521619\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=522209\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.2.14~1.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.2.14~1.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd-tools\", rpm:\"httpd-tools~2.2.14~1.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.2.14~1.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd-debuginfo\", rpm:\"httpd-debuginfo~2.2.14~1.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd-manual\", rpm:\"httpd-manual~2.2.14~1.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:40:25", "description": "The remote host is missing an update to httpd\nannounced via advisory FEDORA-2009-12604.", "cvss3": {}, "published": "2009-12-14T00:00:00", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-12604 
(httpd)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3094", "CVE-2009-3555", "CVE-2009-3095"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066498", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066498", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_12604.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-12604 (httpd)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Apache HTTP Server is a powerful, efficient, and extensible\nweb server.\n\nUpdate Information:\n\nThis update contains the latest stable release of Apache httpd. Three security\nfixes are included, along with several minor bug fixes. A flaw was found in\nthe way the TLS/SSL (Transport Layer Security/Secure Sockets Layer) protocols\nhandle session renegotiation. A man-in-the-middle attacker could use this flaw\nto prefix arbitrary plain text to a client's session (for example, an HTTPS\nconnection to a website). 
This could force the server to process an attacker's\nrequest as if authenticated using the victim's credentials. This update\npartially mitigates this flaw for SSL sessions to HTTP servers using mod_ssl by\nrejecting client-requested renegotiation. (CVE-2009-3555) Note: This update\ndoes not fully resolve the issue for HTTPS servers. An attack is still possible\nin configurations that require a server-initiated renegotiation\n\nA NULL pointer dereference flaw was found in the Apache mod_proxy_ftp module. A\nmalicious FTP server to which requests are being proxied could use this flaw to\ncrash an httpd child process via a malformed reply to the EPSV or PASV commands,\nresulting in a limited denial of service. (CVE-2009-3094)\n\nA second flaw was found in the Apache mod_proxy_ftp module. In a reverse\nproxy configuration, a remote attacker could use this flaw to bypass\nintended access restrictions by creating a carefully-crafted HTTP\nAuthorization header, allowing the attacker to send arbitrary commands\nto the FTP server. (CVE-2009-3095)\n\nSee the upstream changes file for further information:\nhttp://www.apache.org/dist/httpd/CHANGES_2.2.14\n\nChangeLog:\n\n* Thu Dec 3 2009 Joe Orton - 2.2.14-1\n- update to 2.2.14\n- Requires(pre): httpd in mod_ssl subpackage (#543275)\n- add partial security fix for CVE-2009-3555 (#533125)\n- add condrestart in posttrans (#491567)\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. 
Use \nsu -c 'yum update httpd' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12604\";\ntag_summary = \"The remote host is missing an update to httpd\nannounced via advisory FEDORA-2009-12604.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66498\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-14 23:06:43 +0100 (Mon, 14 Dec 2009)\");\n script_cve_id(\"CVE-2009-3555\", \"CVE-2009-3094\", \"CVE-2009-3095\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 10 FEDORA-2009-12604 (httpd)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=521619\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=522209\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.2.14~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.2.14~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd-manual\", rpm:\"httpd-manual~2.2.14~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd-tools\", rpm:\"httpd-tools~2.2.14~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.2.14~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd-debuginfo\", rpm:\"httpd-debuginfo~2.2.14~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:28", "description": "Check for the Version of httpd", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for httpd CESA-2009:1579 centos5 i386", "bulletinFamily": "scanner", "cvss2": 
{}, "cvelist": ["CVE-2009-3094", "CVE-2009-3555", "CVE-2009-3095"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880706", "href": "http://plugins.openvas.org/nasl.php?oid=880706", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for httpd CESA-2009:1579 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Apache HTTP Server is a popular Web server.\n\n A flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\n Sockets Layer) protocols handle session renegotiation. A man-in-the-middle\n attacker could use this flaw to prefix arbitrary plain text to a client's\n session (for example, an HTTPS connection to a website). This could force\n the server to process an attacker's request as if authenticated using the\n victim's credentials. This update partially mitigates this flaw for SSL\n sessions to HTTP servers using mod_ssl by rejecting client-requested\n renegotiation. (CVE-2009-3555)\n \n Note: This update does not fully resolve the issue for HTTPS servers. 
An\n attack is still possible in configurations that require a server-initiated\n renegotiation. Refer to the following Knowledgebase article for further\n information: http://kbase.redhat.com/faq/docs/DOC-20491\n \n A NULL pointer dereference flaw was found in the Apache mod_proxy_ftp\n module. A malicious FTP server to which requests are being proxied could\n use this flaw to crash an httpd child process via a malformed reply to the\n EPSV or PASV commands, resulting in a limited denial of service.\n (CVE-2009-3094)\n \n A second flaw was found in the Apache mod_proxy_ftp module. In a reverse\n proxy configuration, a remote attacker could use this flaw to bypass\n intended access restrictions by creating a carefully-crafted HTTP\n Authorization header, allowing the attacker to send arbitrary commands to\n the FTP server. (CVE-2009-3095)\n \n All httpd users should upgrade to these updated packages, which contain\n backported patches to correct these issues. After installing the updated\n packages, the httpd daemon must be restarted for the update to take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"httpd on CentOS 5\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2009-November/016326.html\");\n script_id(880706);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2009:1579\");\n script_cve_id(\"CVE-2009-3094\", \"CVE-2009-3095\", \"CVE-2009-3555\");\n script_name(\"CentOS Update for httpd CESA-2009:1579 centos5 i386\");\n\n script_summary(\"Check for the Version of httpd\");\n 
script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.2.3~31.el5.centos.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.2.3~31.el5.centos.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-manual\", rpm:\"httpd-manual~2.2.3~31.el5.centos.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.2.3~31.el5.centos.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:38:18", "description": "The remote host is missing updates to httpd announced in\nadvisory CESA-2009:1579.", "cvss3": {}, "published": "2009-11-17T00:00:00", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:1579 (httpd)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3094", "CVE-2009-3555", "CVE-2009-3095"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066274", "href": 
"http://plugins.openvas.org/nasl.php?oid=136141256231066274", "sourceData": "#CESA-2009:1579 66274 4\n# $Id: ovcesa2009_1579.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:1579 (httpd)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1579\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1579\nhttps://rhn.redhat.com/errata/RHSA-2009-1579.html\";\ntag_summary = \"The remote host is missing updates to httpd announced in\nadvisory CESA-2009:1579.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66274\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-17 21:42:12 +0100 (Tue, 17 Nov 2009)\");\n script_cve_id(\"CVE-2009-3094\", \"CVE-2009-3095\", \"CVE-2009-3555\");\n 
script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"CentOS Security Advisory CESA-2009:1579 (httpd)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.0.46~77.ent.centos\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.0.46~77.ent.centos\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.0.46~77.ent.centos\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.2.3~31.el5.centos.2\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.2.3~31.el5.centos.2\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd-manual\", rpm:\"httpd-manual~2.2.3~31.el5.centos.2\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.2.3~31.el5.centos.2\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": 
"AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-27T10:55:43", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1579.\n\nThe Apache HTTP Server is a popular Web server.\n\nA flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\nSockets Layer) protocols handle session renegotiation. A man-in-the-middle\nattacker could use this flaw to prefix arbitrary plain text to a client's\nsession (for example, an HTTPS connection to a website). This could force\nthe server to process an attacker's request as if authenticated using the\nvictim's credentials. This update partially mitigates this flaw for SSL\nsessions to HTTP servers using mod_ssl by rejecting client-requested\nrenegotiation. (CVE-2009-3555)\n\nNote: This update does not fully resolve the issue for HTTPS servers. An\nattack is still possible in configurations that require a server-initiated\nrenegotiation. Refer to the following Knowledgebase article for further\ninformation: http://kbase.redhat.com/faq/docs/DOC-20491\n\nA NULL pointer dereference flaw was found in the Apache mod_proxy_ftp\nmodule. A malicious FTP server to which requests are being proxied could\nuse this flaw to crash an httpd child process via a malformed reply to the\nEPSV or PASV commands, resulting in a limited denial of service.\n(CVE-2009-3094)\n\nA second flaw was found in the Apache mod_proxy_ftp module. In a reverse\nproxy configuration, a remote attacker could use this flaw to bypass\nintended access restrictions by creating a carefully-crafted HTTP\nAuthorization header, allowing the attacker to send arbitrary commands to\nthe FTP server. (CVE-2009-3095)\n\nAll httpd users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. 
After installing the updated\npackages, the httpd daemon must be restarted for the update to take effect.", "cvss3": {}, "published": "2009-11-17T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1579", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3094", "CVE-2009-3555", "CVE-2009-3095"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:66241", "href": "http://plugins.openvas.org/nasl.php?oid=66241", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1579.nasl 6683 2017-07-12 09:41:57Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1579 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1579.\n\nThe Apache HTTP Server is a popular Web server.\n\nA flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\nSockets Layer) protocols handle session renegotiation. 
A man-in-the-middle\nattacker could use this flaw to prefix arbitrary plain text to a client's\nsession (for example, an HTTPS connection to a website). This could force\nthe server to process an attacker's request as if authenticated using the\nvictim's credentials. This update partially mitigates this flaw for SSL\nsessions to HTTP servers using mod_ssl by rejecting client-requested\nrenegotiation. (CVE-2009-3555)\n\nNote: This update does not fully resolve the issue for HTTPS servers. An\nattack is still possible in configurations that require a server-initiated\nrenegotiation. Refer to the following Knowledgebase article for further\ninformation: http://kbase.redhat.com/faq/docs/DOC-20491\n\nA NULL pointer dereference flaw was found in the Apache mod_proxy_ftp\nmodule. A malicious FTP server to which requests are being proxied could\nuse this flaw to crash an httpd child process via a malformed reply to the\nEPSV or PASV commands, resulting in a limited denial of service.\n(CVE-2009-3094)\n\nA second flaw was found in the Apache mod_proxy_ftp module. In a reverse\nproxy configuration, a remote attacker could use this flaw to bypass\nintended access restrictions by creating a carefully-crafted HTTP\nAuthorization header, allowing the attacker to send arbitrary commands to\nthe FTP server. (CVE-2009-3095)\n\nAll httpd users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. After installing the updated\npackages, the httpd daemon must be restarted for the update to take effect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. 
To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_id(66241);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-17 21:42:12 +0100 (Tue, 17 Nov 2009)\");\n script_cve_id(\"CVE-2009-3094\", \"CVE-2009-3095\", \"CVE-2009-3555\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"RedHat Security Advisory RHSA-2009:1579\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1579.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#moderate\");\n script_xref(name : \"URL\" , value : \"http://kbase.redhat.com/faq/docs/DOC-20491\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.0.46~77.ent\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd-debuginfo\", rpm:\"httpd-debuginfo~2.0.46~77.ent\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.0.46~77.ent\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mod_ssl\", 
rpm:\"mod_ssl~2.0.46~77.ent\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.2.3~31.el5_4.2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd-debuginfo\", rpm:\"httpd-debuginfo~2.2.3~31.el5_4.2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.2.3~31.el5_4.2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.2.3~31.el5_4.2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd-manual\", rpm:\"httpd-manual~2.2.3~31.el5_4.2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:57:09", "description": "The remote host is missing an update to httpd\nannounced via advisory FEDORA-2009-12604.", "cvss3": {}, "published": "2009-12-14T00:00:00", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-12604 (httpd)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3094", "CVE-2009-3555", "CVE-2009-3095"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:66498", "href": "http://plugins.openvas.org/nasl.php?oid=66498", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_12604.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-12604 (httpd)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Apache HTTP Server is a powerful, efficient, and extensible\nweb server.\n\nUpdate Information:\n\nThis update contains the latest stable release of Apache httpd. Three security\nfixes are included, along with several minor bug fixes. A flaw was found in\nthe way the TLS/SSL (Transport Layer Security/Secure Sockets Layer) protocols\nhandle session renegotiation. A man-in-the-middle attacker could use this flaw\nto prefix arbitrary plain text to a client's session (for example, an HTTPS\nconnection to a website). This could force the server to process an attacker's\nrequest as if authenticated using the victim's credentials. This update\npartially mitigates this flaw for SSL sessions to HTTP servers using mod_ssl by\nrejecting client-requested renegotiation. (CVE-2009-3555) Note: This update\ndoes not fully resolve the issue for HTTPS servers. An attack is still possible\nin configurations that require a server-initiated renegotiation\n\nA NULL pointer dereference flaw was found in the Apache mod_proxy_ftp module. 
A\nmalicious FTP server to which requests are being proxied could use this flaw to\ncrash an httpd child process via a malformed reply to the EPSV or PASV commands,\nresulting in a limited denial of service. (CVE-2009-3094)\n\nA second flaw was found in the Apache mod_proxy_ftp module. In a reverse\nproxy configuration, a remote attacker could use this flaw to bypass\nintended access restrictions by creating a carefully-crafted HTTP\nAuthorization header, allowing the attacker to send arbitrary commands\nto the FTP server. (CVE-2009-3095)\n\nSee the upstream changes file for further information:\nhttp://www.apache.org/dist/httpd/CHANGES_2.2.14\n\nChangeLog:\n\n* Thu Dec 3 2009 Joe Orton - 2.2.14-1\n- update to 2.2.14\n- Requires(pre): httpd in mod_ssl subpackage (#543275)\n- add partial security fix for CVE-2009-3555 (#533125)\n- add condrestart in posttrans (#491567)\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update httpd' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12604\";\ntag_summary = \"The remote host is missing an update to httpd\nannounced via advisory FEDORA-2009-12604.\";\n\n\n\nif(description)\n{\n script_id(66498);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-14 23:06:43 +0100 (Mon, 14 Dec 2009)\");\n script_cve_id(\"CVE-2009-3555\", \"CVE-2009-3094\", \"CVE-2009-3095\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 10 FEDORA-2009-12604 (httpd)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=521619\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=522209\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.2.14~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.2.14~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd-manual\", rpm:\"httpd-manual~2.2.14~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd-tools\", rpm:\"httpd-tools~2.2.14~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.2.14~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd-debuginfo\", rpm:\"httpd-debuginfo~2.2.14~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:27", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for httpd CESA-2009:1580 centos4 i386", "bulletinFamily": 
"scanner", "cvss2": {}, "cvelist": ["CVE-2009-3094", "CVE-2009-3555", "CVE-2009-3095", "CVE-2009-1891"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880691", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880691", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for httpd CESA-2009:1580 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.880691\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2009:1580\");\n script_cve_id(\"CVE-2009-1891\", \"CVE-2009-3094\", \"CVE-2009-3095\", \"CVE-2009-3555\");\n script_name(\"CentOS Update for httpd CESA-2009:1580 centos4 i386\");\n\n 
script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2009-November/016318.html\");\n script_xref(name:\"URL\", value:\"http://kbase.redhat.com/faq/docs/DOC-20491\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'httpd'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS4\");\n script_tag(name:\"affected\", value:\"httpd on CentOS 4\");\n script_tag(name:\"insight\", value:\"The Apache HTTP Server is a popular Web server.\n\n A flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\n Sockets Layer) protocols handle session renegotiation. A man-in-the-middle\n attacker could use this flaw to prefix arbitrary plain text to a client's\n session (for example, an HTTPS connection to a website). This could force\n the server to process an attacker's request as if authenticated using the\n victim's credentials. This update partially mitigates this flaw for SSL\n sessions to HTTP servers using mod_ssl by rejecting client-requested\n renegotiation. (CVE-2009-3555)\n\n Note: This update does not fully resolve the issue for HTTPS servers. An\n attack is still possible in configurations that require a server-initiated\n renegotiation. Refer to the linked following Knowledgebase article for further\n information.\n\n A denial of service flaw was found in the Apache mod_deflate module. This\n module continued to compress large files until compression was complete,\n even if the network connection that requested the content was closed before\n compression completed. This would cause mod_deflate to consume large\n amounts of CPU if mod_deflate was enabled for a large file. 
(CVE-2009-1891)\n\n A NULL pointer dereference flaw was found in the Apache mod_proxy_ftp\n module. A malicious FTP server to which requests are being proxied could\n use this flaw to crash an httpd child process via a malformed reply to the\n EPSV or PASV commands, resulting in a limited denial of service.\n (CVE-2009-3094)\n\n A second flaw was found in the Apache mod_proxy_ftp module. In a reverse\n proxy configuration, a remote attacker could use this flaw to bypass\n intended access restrictions by creating a carefully-crafted HTTP\n Authorization header, allowing the attacker to send arbitrary commands to\n the FTP server. (CVE-2009-3095)\n\n All httpd users should upgrade to these updated packages, which contain\n backported patches to correct these issues. After installing the updated\n packages, the httpd daemon must be restarted for the update to take effect.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.0.52~41.ent.6.centos4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.0.52~41.ent.6.centos4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-manual\", rpm:\"httpd-manual~2.0.52~41.ent.6.centos4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-suexec\", rpm:\"httpd-suexec~2.0.52~41.ent.6.centos4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mod_ssl\", 
rpm:\"mod_ssl~2.0.52~41.ent.6.centos4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-26T08:55:59", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n apache2\n apache2-devel\n apache2-doc\n apache2-example-pages\n apache2-prefork\n apache2-worker\n libapr0\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5060942 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-27T00:00:00", "type": "openvas", "title": "SLES9: Security update for Apache 2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3094", "CVE-2009-1890", "CVE-2009-3095", "CVE-2009-1891"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:66070", "href": "http://plugins.openvas.org/nasl.php?oid=66070", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5060942.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for Apache 2\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n apache2\n apache2-devel\n apache2-doc\n apache2-example-pages\n apache2-prefork\n apache2-worker\n libapr0\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5060942 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(66070);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-27 01:37:56 +0100 (Tue, 27 Oct 2009)\");\n script_cve_id(\"CVE-2009-1890\", \"CVE-2009-1891\", \"CVE-2009-3094\", \"CVE-2009-3095\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"SLES9: Security update for Apache 2\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"apache2\", rpm:\"apache2~2.0.59~1.14\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:40:24", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1580.\n\nThe Apache HTTP Server is a popular Web server.\n\nA flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\nSockets Layer) protocols handle session renegotiation. A man-in-the-middle\nattacker could use this flaw to prefix arbitrary plain text to a client's\nsession (for example, an HTTPS connection to a website). This could force\nthe server to process an attacker's request as if authenticated using the\nvictim's credentials. This update partially mitigates this flaw for SSL\nsessions to HTTP servers using mod_ssl by rejecting client-requested\nrenegotiation. (CVE-2009-3555)\n\nNote: This update does not fully resolve the issue for HTTPS servers. An\nattack is still possible in configurations that require a server-initiated\nrenegotiation. Refer to the following Knowledgebase article for further\ninformation: http://kbase.redhat.com/faq/docs/DOC-20491\n\nA denial of service flaw was found in the Apache mod_deflate module. 
One or more of the following packages\nare affected:\n\n apache2\n apache2-devel\n apache2-doc\n apache2-example-pages\n apache2-prefork\n apache2-worker\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-27T00:00:00", "type": "openvas", "title": "SLES10: Security update for Apache 2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3094", "CVE-2009-1890", "CVE-2009-3095", "CVE-2009-1891", "CVE-2009-1195"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:66074", "href": "http://plugins.openvas.org/nasl.php?oid=66074", "sourceData": "#\n#VID slesp2-apache2-6571\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for Apache 2\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. 
One or more of the following packages\nare affected:\n\n apache2\n apache2-devel\n apache2-doc\n apache2-example-pages\n apache2-prefork\n apache2-worker\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_id(66074);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-27 01:37:56 +0100 (Tue, 27 Oct 2009)\");\n script_cve_id(\"CVE-2009-1195\", \"CVE-2009-1890\", \"CVE-2009-1891\", \"CVE-2009-3094\", \"CVE-2009-3095\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"SLES10: Security update for Apache 2\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"apache2\", rpm:\"apache2~2.2.3~16.25.4\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-devel\", rpm:\"apache2-devel~2.2.3~16.25.4\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-doc\", rpm:\"apache2-doc~2.2.3~16.25.4\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-example-pages\", rpm:\"apache2-example-pages~2.2.3~16.25.4\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-prefork\", rpm:\"apache2-prefork~2.2.3~16.25.4\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-worker\", rpm:\"apache2-worker~2.2.3~16.25.4\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:38:28", "description": "The remote host is missing updates to packages that affect\nthe security of your system. 
One or more of the following packages\nare affected:\n\n apache2\n apache2-devel\n apache2-doc\n apache2-example-pages\n apache2-prefork\n apache2-worker\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-27T00:00:00", "type": "openvas", "title": "SLES10: Security update for Apache 2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3094", "CVE-2009-1890", "CVE-2009-3095", "CVE-2009-1891", "CVE-2009-1195"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066074", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066074", "sourceData": "#\n#VID slesp2-apache2-6571\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for Apache 2\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. 
One or more of the following packages\nare affected:\n\n apache2\n apache2-devel\n apache2-doc\n apache2-example-pages\n apache2-prefork\n apache2-worker\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66074\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-27 01:37:56 +0100 (Tue, 27 Oct 2009)\");\n script_cve_id(\"CVE-2009-1195\", \"CVE-2009-1890\", \"CVE-2009-1891\", \"CVE-2009-3094\", \"CVE-2009-3095\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"SLES10: Security update for Apache 2\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"apache2\", rpm:\"apache2~2.2.3~16.25.4\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-devel\", rpm:\"apache2-devel~2.2.3~16.25.4\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-doc\", rpm:\"apache2-doc~2.2.3~16.25.4\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-example-pages\", rpm:\"apache2-example-pages~2.2.3~16.25.4\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-prefork\", rpm:\"apache2-prefork~2.2.3~16.25.4\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-worker\", rpm:\"apache2-worker~2.2.3~16.25.4\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:38:38", "description": "The remote host is missing updates to packages that affect\nthe security of your system. 
One or more of the following packages\nare affected:\n\n apache2\n apache2-doc\n apache2-example-pages\n apache2-prefork\n apache2-utils\n apache2-worker\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-27T00:00:00", "type": "openvas", "title": "SLES11: Security update for Apache 2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3094", "CVE-2009-1890", "CVE-2009-3095", "CVE-2009-1891", "CVE-2009-1195"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066081", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066081", "sourceData": "#\n#VID ca7f5abf8025ba6ef69af14cd6570458\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for Apache 2\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. 
One or more of the following packages\nare affected:\n\n apache2\n apache2-doc\n apache2-example-pages\n apache2-prefork\n apache2-utils\n apache2-worker\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=521906\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=513080\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=512583\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=539571\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=519194\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=538322\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.66081\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-27 01:37:56 +0100 (Tue, 27 Oct 2009)\");\n script_cve_id(\"CVE-2009-1195\", \"CVE-2009-1890\", \"CVE-2009-1891\", \"CVE-2009-3094\", \"CVE-2009-3095\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"SLES11: Security update for Apache 2\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"apache2\", rpm:\"apache2~2.2.10~2.21.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-doc\", rpm:\"apache2-doc~2.2.10~2.21.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-example-pages\", rpm:\"apache2-example-pages~2.2.10~2.21.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-prefork\", rpm:\"apache2-prefork~2.2.10~2.21.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-utils\", rpm:\"apache2-utils~2.2.10~2.21.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-worker\", rpm:\"apache2-worker~2.2.10~2.21.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:13:56", "description": "The host is running Apache and is prone to Denial of Service\n vulnerability.", "cvss3": {}, "published": "2009-09-16T00:00:00", "type": "openvas", "title": "Apache 'mod_proxy_ftp' Module Denial Of Service Vulnerability (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3094"], "modified": "2017-02-21T00:00:00", "id": "OPENVAS:900841", "href": 
"http://plugins.openvas.org/nasl.php?oid=900841", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_apache_mod_proxy_ftp_dos_vuln.nasl 5390 2017-02-21 18:39:27Z mime $\n#\n# Apache 'mod_proxy_ftp' Module Denial Of Service Vulnerability (Linux)\n#\n# Authors:\n# Sharath S <sharaths@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2009 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation could allow remote attackers to cause a Denial of\n Service in the context of the affected application.\n Impact Level: Application\";\ntag_affected = \"Apache HTTP Server version 2.0.x to 2.0.63 and and 2.2.x to 2.2.13 on Linux.\";\ntag_insight = \"The flaw is due to an error in 'ap_proxy_ftp_handler' function in\n modules/proxy/proxy_ftp.c in the mod_proxy_ftp module while processing\n responses received from FTP servers. 
This can be exploited to trigger a\n NULL-pointer dereference and crash an Apache child process via a malformed\n EPSV response.\";\ntag_solution = \"Upgrade to Apache HTTP Server version 2.2.15 or later\n For updates refer to http://www.apache.org/\";\ntag_summary = \"The host is running Apache and is prone to Denial of Service\n vulnerability.\";\n\nif(description)\n{\n script_id(900841);\n script_version(\"$Revision: 5390 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-21 19:39:27 +0100 (Tue, 21 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-16 15:34:19 +0200 (Wed, 16 Sep 2009)\");\n script_tag(name:\"cvss_base\", value:\"2.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_cve_id(\"CVE-2009-3094\");\n script_bugtraq_id(36260);\n script_name(\"Apache 'mod_proxy_ftp' Module Denial Of Service Vulnerability (Linux)\");\n script_xref(name : \"URL\" , value : \"http://intevydis.com/vd-list.shtml\");\n script_xref(name : \"URL\" , value : \"http://www.intevydis.com/blog/?p=59\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/36549\");\n script_xref(name : \"URL\" , value : \"http://httpd.apache.org/docs/2.0/mod/mod_proxy_ftp.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 SecPod\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_get_http_banner.nasl\");\n script_require_ports(\"Services/www\", 80);\n script_mandatory_keys(\"apache/banner\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n 
exit(0);\n}\n\n\ninclude(\"http_func.inc\");\ninclude(\"version_func.inc\");\ninclude(\"global_settings.inc\");\n\napachePort = get_http_port(default:80);\n\nif(!apachePort){\n apachePort = 80;\n}\n\nif(!get_port_state(apachePort))\n{\n exit(0);\n}\n\nbanner = get_http_banner(port:apachePort);\n\nif(banner =~ \"Apache/([0-9.]+) \\(Win32\\)\")\n{\n exit(0);\n}\n\napacheVer = eregmatch(pattern:\"Server: Apache/([0-9.]+)\", string:banner);\n\nif(!isnull(apacheVer[1]))\n{\n # Check for Apache version 2.0 <= 2.0.63 and 2.2 <= 2.2.13\n if(version_in_range(version:apacheVer[1], test_version:\"2.0.0\", test_version2:\"2.0.63\")||\n version_in_range(version:apacheVer[1], test_version:\"2.2.0\", test_version2:\"2.2.13\")){\n security_message(apachePort);\n }\n}\n", "cvss": {"score": 2.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2020-05-12T17:33:23", "description": "The host is running Apache and is prone to Denial of Service\n vulnerability.", "cvss3": {}, "published": "2009-09-16T00:00:00", "type": "openvas", "title": "Apache 'mod_proxy_ftp' Module Denial Of Service Vulnerability (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3094"], "modified": "2020-05-08T00:00:00", "id": "OPENVAS:1361412562310900841", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310900841", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Apache 'mod_proxy_ftp' Module Denial Of Service Vulnerability (Linux)\n#\n# Authors:\n# Sharath S <sharaths@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2009 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even 
the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apache:http_server\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.900841\");\n script_version(\"2020-05-08T08:34:44+0000\");\n script_tag(name:\"last_modification\", value:\"2020-05-08 08:34:44 +0000 (Fri, 08 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2009-09-16 15:34:19 +0200 (Wed, 16 Sep 2009)\");\n script_tag(name:\"cvss_base\", value:\"2.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_cve_id(\"CVE-2009-3094\");\n script_bugtraq_id(36260);\n script_name(\"Apache 'mod_proxy_ftp' Module Denial Of Service Vulnerability (Linux)\");\n script_xref(name:\"URL\", value:\"http://intevydis.com/vd-list.shtml\");\n script_xref(name:\"URL\", value:\"http://www.intevydis.com/blog/?p=59\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/36549\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 SecPod\");\n script_family(\"Denial of Service\");\n script_dependencies(\"secpod_apache_detect.nasl\");\n script_mandatory_keys(\"apache/installed\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation could allow remote attackers to cause a Denial of\n Service in the context of the affected application.\");\n\n script_tag(name:\"affected\", value:\"Apache HTTP Server version 2.0.x to 2.0.63 and 2.2.x to 2.2.13 on Linux.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to an error in 'ap_proxy_ftp_handler' function in\n 
modules/proxy/proxy_ftp.c in the mod_proxy_ftp module while processing\n responses received from FTP servers. This can be exploited to trigger a\n NULL-pointer dereference and crash an Apache child process via a malformed EPSV response.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Apache HTTP Server version 2.2.15 or later.\");\n\n script_tag(name:\"summary\", value:\"The host is running Apache and is prone to Denial of Service\n vulnerability.\");\n\n exit(0);\n}\n\ninclude(\"http_func.inc\");\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!port = get_app_port(cpe:CPE))\n exit(0);\n\nif(!vers = get_app_version(cpe:CPE, port:port))\n exit(0);\n\nbanner = http_get_remote_headers(port:port);\nif(banner =~ \"Apache/([0-9.]+) \\(Win32\\)\")\n exit(0);\n\nif(version_in_range(version:vers, test_version:\"2.0.0\", test_version2:\"2.0.63\") ||\n version_in_range(version:vers, test_version:\"2.2.0\", test_version2:\"2.2.13\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"2.2.15\");\n security_message(port:port, data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-02T21:14:06", "description": "The host is running Apache and is prone to Command Injection\n vulnerability.", "cvss3": {}, "published": "2009-09-16T00:00:00", "type": "openvas", "title": "Apache 'mod_proxy_ftp' Module Command Injection Vulnerability (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3095"], "modified": "2017-02-21T00:00:00", "id": "OPENVAS:900842", "href": "http://plugins.openvas.org/nasl.php?oid=900842", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_apache_mod_proxy_ftp_cmd_inj_vuln.nasl 5390 2017-02-21 18:39:27Z mime $\n#\n# Apache 'mod_proxy_ftp' Module Command Injection Vulnerability 
(Linux)\n#\n# Authors:\n# Sharath S <sharaths@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2009 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation could allow remote attackers to bypass intended access\n restrictions in the context of the affected application, and can cause the\n arbitrary command injection.\n Impact Level: Application\";\ntag_affected = \"Apache HTTP Server on Linux.\";\ntag_insight = \"The flaw is due to error in the mod_proxy_ftp module which can be exploited\n via vectors related to the embedding of these commands in the Authorization\n HTTP header.\";\ntag_solution = \"Upgrade to Apache HTTP Server version 2.2.15 or later\n For updates refer to http://www.apache.org/\";\ntag_summary = \"The host is running Apache and is prone to Command Injection\n vulnerability.\";\n\nif(description)\n{\n script_id(900842);\n script_version(\"$Revision: 5390 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-21 19:39:27 +0100 (Tue, 21 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-16 15:34:19 +0200 (Wed, 16 Sep 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n 
script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_cve_id(\"CVE-2009-3095\");\n script_bugtraq_id(36254);\n script_name(\"Apache 'mod_proxy_ftp' Module Command Injection Vulnerability (Linux)\");\n script_xref(name : \"URL\" , value : \"http://intevydis.com/vd-list.shtml\");\n script_xref(name : \"URL\" , value : \"http://httpd.apache.org/docs/2.0/mod/mod_proxy_ftp.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 SecPod\");\n script_family(\"General\");\n script_dependencies(\"gb_get_http_banner.nasl\");\n script_require_ports(\"Services/www\", 80);\n script_mandatory_keys(\"apache/banner\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n exit(0);\n}\n\n\ninclude(\"http_func.inc\");\ninclude(\"version_func.inc\");\ninclude(\"global_settings.inc\");\n\napachePort = get_http_port(default:80);\nif(!apachePort){\n apachePort = 80;\n}\n\nif(!get_port_state(apachePort))\n{\n exit(0);\n}\n\nbanner = get_http_banner(port:apachePort);\nif(banner =~ \"Apache/([0-9.]+) \\(Win32\\)\")\n{\n exit(0);\n}\n\napacheVer = eregmatch(pattern:\"Server: Apache/([0-9.]+)\", string:banner);\nif(apacheVer[1] != NULL)\n{\n # Grep for Apache version <= 1.3.41 or 2.0 <= 2.0.63 or 2.1 <= 2.2.13\n if(version_is_less_equal(version:apacheVer[1], test_version:\"1.3.41\") ||\n version_in_range(version:apacheVer[1], test_version:\"2.0\", test_version2:\"2.0.63\")||\n version_in_range(version:apacheVer[1], test_version:\"2.1\", test_version2:\"2.2.13\")){\n security_message(apachePort);\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2020-05-12T17:33:30", "description": "The host is running Apache and is prone to Command Injection\n 
vulnerability.", "cvss3": {}, "published": "2009-09-16T00:00:00", "type": "openvas", "title": "Apache 'mod_proxy_ftp' Module Command Injection Vulnerability (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3095"], "modified": "2020-05-08T00:00:00", "id": "OPENVAS:1361412562310900842", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310900842", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Apache 'mod_proxy_ftp' Module Command Injection Vulnerability (Linux)\n#\n# Authors:\n# Sharath S <sharaths@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2009 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apache:http_server\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.900842\");\n script_version(\"2020-05-08T08:34:44+0000\");\n script_tag(name:\"last_modification\", value:\"2020-05-08 08:34:44 +0000 (Fri, 08 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2009-09-16 15:34:19 +0200 (Wed, 16 Sep 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_cve_id(\"CVE-2009-3095\");\n script_bugtraq_id(36254);\n script_name(\"Apache 'mod_proxy_ftp' Module Command Injection Vulnerability (Linux)\");\n script_xref(name:\"URL\", value:\"http://intevydis.com/vd-list.shtml\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 SecPod\");\n script_family(\"Web Servers\");\n script_dependencies(\"secpod_apache_detect.nasl\");\n script_mandatory_keys(\"apache/installed\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation could allow remote attackers to bypass intended access\n restrictions in the context of the affected application, and can cause the arbitrary command injection.\");\n\n script_tag(name:\"affected\", value:\"Apache HTTP Server on Linux.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to error in the mod_proxy_ftp module which can be exploited\n via vectors related to the embedding of these commands in the Authorization HTTP header.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Apache HTTP Server 
version 2.2.15 or later.\");\n\n script_tag(name:\"summary\", value:\"The host is running Apache and is prone to Command Injection\n vulnerability.\");\n\n exit(0);\n}\n\ninclude(\"http_func.inc\");\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!port = get_app_port(cpe:CPE))\n exit(0);\n\nif(!vers = get_app_version(cpe:CPE, port:port))\n exit(0);\n\nbanner = http_get_remote_headers(port:port);\nif(banner =~ \"Apache/([0-9.]+) \\(Win32\\)\")\n exit(0);\n\nif(version_is_less_equal(version:vers, test_version:\"1.3.41\") ||\n version_in_range(version:vers, test_version:\"2.0\", test_version2:\"2.0.63\") ||\n version_in_range(version:vers, test_version:\"2.1\", test_version2:\"2.2.13\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"2.2.15\");\n security_message(port:port, data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-02T10:54:42", "description": "Check for the Version of Apache-based Web Server", "cvss3": {}, "published": "2010-06-07T00:00:00", "type": "openvas", "title": "HP-UX Update for Apache-based Web Server HPSBUX02531", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0740", "CVE-2010-0434", "CVE-2009-3094", "CVE-2010-0408", "CVE-2009-3095", "CVE-2010-0433"], "modified": "2017-12-28T00:00:00", "id": "OPENVAS:1361412562310835233", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310835233", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# HP-UX Update for Apache-based Web Server HPSBUX02531\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software 
Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_impact = \"Remote Denial of Service (DoS)\n unauthorized access\";\ntag_affected = \"Apache-based Web Server on\n HP-UX B.11.23, B.11.31 running Apache-based Web Server versions before \n v2.2.8.09 HP-UX B.11.11, B.11.23, B.11.31 running Apache-based Web Server \n versions before v2.0.59.15\";\ntag_insight = \"Potential security vulnerabilities have been identified with HP-UX running \n Apache-based Web Server. The vulnerabilities could be exploited remotely to \n cause a Denial of Service (DoS) or unauthorized access. 
Apache-based Web \n Server is contained in the Apache Web Server Suite.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02160663\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.835233\");\n script_version(\"$Revision: 8254 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-28 08:29:05 +0100 (Thu, 28 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-07 15:46:00 +0200 (Mon, 07 Jun 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"HPSBUX\", value: \"02531\");\n script_cve_id(\"CVE-2009-3094\", \"CVE-2009-3095\", \"CVE-2010-0408\", \"CVE-2010-0740\", \"CVE-2010-0433\", \"CVE-2010-0434\");\n script_name(\"HP-UX Update for Apache-based Web Server HPSBUX02531\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of Apache-based Web Server\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"HP-UX Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/hp_hp-ux\", \"ssh/login/release\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-hpux.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"HPUX11.31\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APCH32.APACHE\", revision:\"B.2.2.8.09\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n 
exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APCH32.APACHE2\", revision:\"B.2.2.8.09\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APCH32.AUTH_LDAP\", revision:\"B.2.2.8.09\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APCH32.AUTH_LDAP2\", revision:\"B.2.2.8.09\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APCH32.MOD_JK\", revision:\"B.2.2.8.09\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APCH32.MOD_JK2\", revision:\"B.2.2.8.09\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APCH32.MOD_PERL\", revision:\"B.2.2.8.09\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APCH32.MOD_PERL2\", revision:\"B.2.2.8.09\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APCH32.PHP\", revision:\"B.2.2.8.09\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APCH32.PHP2\", revision:\"B.2.2.8.09\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APCH32.WEBPROXY\", revision:\"B.2.2.8.09\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APCH32.WEBPROXY2\", revision:\"B.2.2.8.09\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.APACHE\", revision:\"B.2.0.59.15\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = 
ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.APACHE2\", revision:\"B.2.0.59.15\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.AUTH_LDAP\", revision:\"B.2.0.59.15\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.AUTH_LDAP2\", revision:\"B.2.0.59.15\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.MOD_JK\", revision:\"B.2.0.59.15\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.MOD_JK2\", revision:\"B.2.0.59.15\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.MOD_PERL\", revision:\"B.2.0.59.15\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.MOD_PERL2\", revision:\"B.2.0.59.15\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.PHP\", revision:\"B.2.0.59.15\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.PHP2\", revision:\"B.2.0.59.15\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.WEBPROXY\", revision:\"B.2.0.59.15\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.23\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APACHE.APACHE\", revision:\"B.2.2.8.09\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APACHE.APACHE2\", revision:\"B.2.2.8.09\", rls:\"HPUX11.23\")) != NULL)\n {\n 
security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APACHE.AUTH_LDAP\", revision:\"B.2.2.8.09\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APACHE.AUTH_LDAP2\", revision:\"B.2.2.8.09\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APACHE.MOD_JK\", revision:\"B.2.2.8.09\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APACHE.MOD_JK2\", revision:\"B.2.2.8.09\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APACHE.MOD_PERL\", revision:\"B.2.2.8.09\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APACHE.MOD_PERL2\", revision:\"B.2.2.8.09\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APACHE.PHP\", revision:\"B.2.2.8.09\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APACHE.PHP2\", revision:\"B.2.2.8.09\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPCH32.APACHE\", revision:\"B.2.0.59.15\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPCH32.APACHE2\", revision:\"B.2.0.59.15\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPCH32.AUTH_LDAP\", revision:\"B.2.0.59.15\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPCH32.AUTH_LDAP2\", revision:\"B.2.0.59.15\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n 
exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPCH32.MOD_JK\", revision:\"B.2.0.59.15\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPCH32.MOD_JK2\", revision:\"B.2.0.59.15\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPCH32.MOD_PERL\", revision:\"B.2.0.59.15\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPCH32.MOD_PERL2\", revision:\"B.2.0.59.15\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPCH32.PHP\", revision:\"B.2.0.59.15\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPCH32.PHP2\", revision:\"B.2.0.59.15\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPCH32.WEBPROXY\", revision:\"B.2.0.59.15\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.11\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.APACHE\", revision:\"B.2.0.59.15\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.APACHE2\", revision:\"B.2.0.59.15\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.AUTH_LDAP\", revision:\"B.2.0.59.15\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.AUTH_LDAP2\", revision:\"B.2.0.59.15\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.MOD_JK\", revision:\"B.2.0.59.15\", 
rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.MOD_JK2\", revision:\"B.2.0.59.15\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.MOD_PERL\", revision:\"B.2.0.59.15\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.MOD_PERL2\", revision:\"B.2.0.59.15\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.PHP\", revision:\"B.2.0.59.15\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.PHP2\", revision:\"B.2.0.59.15\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.WEBPROXY\", revision:\"B.2.0.59.15\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-14T11:48:52", "description": "Check for the Version of Apache-based Web Server", "cvss3": {}, "published": "2010-06-07T00:00:00", "type": "openvas", "title": "HP-UX Update for Apache-based Web Server HPSBUX02531", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0740", "CVE-2010-0434", "CVE-2009-3094", "CVE-2010-0408", "CVE-2009-3095", "CVE-2010-0433"], "modified": "2017-12-14T00:00:00", "id": "OPENVAS:835233", "href": "http://plugins.openvas.org/nasl.php?oid=835233", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# HP-UX Update for Apache-based Web Server HPSBUX02531\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone 
Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_impact = \"Remote Denial of Service (DoS)\n unauthorized access\";\ntag_affected = \"Apache-based Web Server on\n HP-UX B.11.23, B.11.31 running Apache-based Web Server versions before \n v2.2.8.09 HP-UX B.11.11, B.11.23, B.11.31 running Apache-based Web Server \n versions before v2.0.59.15\";\ntag_insight = \"Potential security vulnerabilities have been identified with HP-UX running \n Apache-based Web Server. The vulnerabilities could be exploited remotely to \n cause a Denial of Service (DoS) or unauthorized access. 
Apache-based Web \n Server is contained in the Apache Web Server Suite.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02160663\");\n script_id(835233);\n script_version(\"$Revision: 8109 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-14 07:31:15 +0100 (Thu, 14 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-07 15:46:00 +0200 (Mon, 07 Jun 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"HPSBUX\", value: \"02531\");\n script_cve_id(\"CVE-2009-3094\", \"CVE-2009-3095\", \"CVE-2010-0408\", \"CVE-2010-0740\", \"CVE-2010-0433\", \"CVE-2010-0434\");\n script_name(\"HP-UX Update for Apache-based Web Server HPSBUX02531\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of Apache-based Web Server\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"HP-UX Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/hp_hp-ux\", \"ssh/login/release\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-hpux.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"HPUX11.31\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APCH32.APACHE\", revision:\"B.2.2.8.09\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = 
ishpuxpkgvuln(pkg:\"hpuxws22APCH32.APACHE2\", revision:\"B.2.2.8.09\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APCH32.AUTH_LDAP\", revision:\"B.2.2.8.09\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APCH32.AUTH_LDAP2\", revision:\"B.2.2.8.09\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APCH32.MOD_JK\", revision:\"B.2.2.8.09\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APCH32.MOD_JK2\", revision:\"B.2.2.8.09\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APCH32.MOD_PERL\", revision:\"B.2.2.8.09\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APCH32.MOD_PERL2\", revision:\"B.2.2.8.09\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APCH32.PHP\", revision:\"B.2.2.8.09\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APCH32.PHP2\", revision:\"B.2.2.8.09\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APCH32.WEBPROXY\", revision:\"B.2.2.8.09\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APCH32.WEBPROXY2\", revision:\"B.2.2.8.09\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.APACHE\", revision:\"B.2.0.59.15\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = 
ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.APACHE2\", revision:\"B.2.0.59.15\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.AUTH_LDAP\", revision:\"B.2.0.59.15\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.AUTH_LDAP2\", revision:\"B.2.0.59.15\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.MOD_JK\", revision:\"B.2.0.59.15\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.MOD_JK2\", revision:\"B.2.0.59.15\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.MOD_PERL\", revision:\"B.2.0.59.15\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.MOD_PERL2\", revision:\"B.2.0.59.15\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.PHP\", revision:\"B.2.0.59.15\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.PHP2\", revision:\"B.2.0.59.15\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.WEBPROXY\", revision:\"B.2.0.59.15\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.23\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APACHE.APACHE\", revision:\"B.2.2.8.09\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APACHE.APACHE2\", revision:\"B.2.2.8.09\", rls:\"HPUX11.23\")) != NULL)\n {\n 
security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APACHE.AUTH_LDAP\", revision:\"B.2.2.8.09\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APACHE.AUTH_LDAP2\", revision:\"B.2.2.8.09\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APACHE.MOD_JK\", revision:\"B.2.2.8.09\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APACHE.MOD_JK2\", revision:\"B.2.2.8.09\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APACHE.MOD_PERL\", revision:\"B.2.2.8.09\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APACHE.MOD_PERL2\", revision:\"B.2.2.8.09\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APACHE.PHP\", revision:\"B.2.2.8.09\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxws22APACHE.PHP2\", revision:\"B.2.2.8.09\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPCH32.APACHE\", revision:\"B.2.0.59.15\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPCH32.APACHE2\", revision:\"B.2.0.59.15\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPCH32.AUTH_LDAP\", revision:\"B.2.0.59.15\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPCH32.AUTH_LDAP2\", revision:\"B.2.0.59.15\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n 
exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPCH32.MOD_JK\", revision:\"B.2.0.59.15\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPCH32.MOD_JK2\", revision:\"B.2.0.59.15\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPCH32.MOD_PERL\", revision:\"B.2.0.59.15\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPCH32.MOD_PERL2\", revision:\"B.2.0.59.15\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPCH32.PHP\", revision:\"B.2.0.59.15\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPCH32.PHP2\", revision:\"B.2.0.59.15\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPCH32.WEBPROXY\", revision:\"B.2.0.59.15\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.11\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.APACHE\", revision:\"B.2.0.59.15\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.APACHE2\", revision:\"B.2.0.59.15\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.AUTH_LDAP\", revision:\"B.2.0.59.15\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.AUTH_LDAP2\", revision:\"B.2.0.59.15\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.MOD_JK\", revision:\"B.2.0.59.15\", 
rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.MOD_JK2\", revision:\"B.2.0.59.15\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.MOD_PERL\", revision:\"B.2.0.59.15\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.MOD_PERL2\", revision:\"B.2.0.59.15\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.PHP\", revision:\"B.2.0.59.15\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.PHP2\", revision:\"B.2.0.59.15\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"hpuxwsAPACHE.WEBPROXY\", revision:\"B.2.0.59.15\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:37:34", "description": "The remote host is missing updates announced in\nadvisory SUSE-SA:2009:050.", "cvss3": {}, "published": "2009-10-27T00:00:00", "type": "openvas", "title": "SuSE Security Advisory SUSE-SA:2009:050 (apache2,libapr1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3094", "CVE-2009-1890", "CVE-2009-3095", "CVE-2009-2412", "CVE-2009-1891", "CVE-2009-1195"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066106", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066106", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: suse_sa_2009_050.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory SUSE-SA:2009:050 (apache2,libapr1)\n#\n# Authors:\n# Thomas 
Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Apache web server was updated to fix various security issues:\n- the option IncludesNOEXEC could be bypassed via .htaccess (CVE-2009-1195)\n- mod_proxy could run into an infinite loop when used as reverse proxy\n(CVE-2009-1890)\n- mod_deflate continued to compress large files even after a network\nconnection was closed, causing mod_deflate to consume large amounts\nof CPU (CVE-2009-1891)\n- The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in\nthe mod_proxy_ftp module allows remote FTP servers to cause a denial\nof service (NULL pointer dereference and child process crash) via a\nmalformed reply to an EPSV command. (CVE-2009-3094)\n- access restriction bypass in mod_proxy_ftp module (CVE-2009-3095)\n\nAlso the libapr1 and libapr-util1 Apache helper libraries were updated\nto fix multiple integer overflows that could probably be used to\nexecute arbitrary code remotely. 
(CVE-2009-2412)\";\ntag_solution = \"Update your system with the packages as indicated in\nthe referenced security advisory.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=SUSE-SA:2009:050\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory SUSE-SA:2009:050.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66106\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-27 01:37:56 +0100 (Tue, 27 Oct 2009)\");\n script_cve_id(\"CVE-2009-1195\", \"CVE-2009-1890\", \"CVE-2009-1891\", \"CVE-2009-2412\", \"CVE-2009-3094\", \"CVE-2009-3095\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SuSE Security Advisory SUSE-SA:2009:050 (apache2,libapr1)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"apache2-debuginfo\", rpm:\"apache2-debuginfo~2.2.10~2.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-debugsource\", rpm:\"apache2-debugsource~2.2.10~2.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-debuginfo\", rpm:\"libapr-util1-debuginfo~1.3.4~13.3.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-debugsource\", rpm:\"libapr-util1-debugsource~1.3.4~13.3.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1-debuginfo\", rpm:\"libapr1-debuginfo~1.3.3~12.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1-debugsource\", rpm:\"libapr1-debugsource~1.3.3~12.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2\", rpm:\"apache2~2.2.10~2.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-devel\", rpm:\"apache2-devel~2.2.10~2.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-doc\", rpm:\"apache2-doc~2.2.10~2.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-example-pages\", rpm:\"apache2-example-pages~2.2.10~2.8.1\", rls:\"openSUSE11.1\")) != 
NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-prefork\", rpm:\"apache2-prefork~2.2.10~2.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-utils\", rpm:\"apache2-utils~2.2.10~2.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-worker\", rpm:\"apache2-worker~2.2.10~2.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1\", rpm:\"libapr-util1~1.3.4~13.3.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-dbd-mysql\", rpm:\"libapr-util1-dbd-mysql~1.3.4~13.3.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-dbd-pgsql\", rpm:\"libapr-util1-dbd-pgsql~1.3.4~13.3.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-dbd-sqlite3\", rpm:\"libapr-util1-dbd-sqlite3~1.3.4~13.3.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-devel\", rpm:\"libapr-util1-devel~1.3.4~13.3.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1\", rpm:\"libapr1~1.3.3~12.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1-devel\", rpm:\"libapr1-devel~1.3.3~12.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-debuginfo\", rpm:\"apache2-debuginfo~2.2.8~28.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-debugsource\", rpm:\"apache2-debugsource~2.2.8~28.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-debuginfo\", rpm:\"libapr-util1-debuginfo~1.2.12~43.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-debugsource\", rpm:\"libapr-util1-debugsource~1.2.12~43.4\", 
rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1-debuginfo\", rpm:\"libapr1-debuginfo~1.2.12~27.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1-debugsource\", rpm:\"libapr1-debugsource~1.2.12~27.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2\", rpm:\"apache2~2.2.8~28.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-devel\", rpm:\"apache2-devel~2.2.8~28.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-doc\", rpm:\"apache2-doc~2.2.8~28.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-example-pages\", rpm:\"apache2-example-pages~2.2.8~28.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-prefork\", rpm:\"apache2-prefork~2.2.8~28.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-utils\", rpm:\"apache2-utils~2.2.8~28.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-worker\", rpm:\"apache2-worker~2.2.8~28.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1\", rpm:\"libapr-util1~1.2.12~43.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-dbd-mysql\", rpm:\"libapr-util1-dbd-mysql~1.2.12~43.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-dbd-pgsql\", rpm:\"libapr-util1-dbd-pgsql~1.2.12~43.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-dbd-sqlite3\", rpm:\"libapr-util1-dbd-sqlite3~1.2.12~43.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-devel\", rpm:\"libapr-util1-devel~1.2.12~43.4\", rls:\"openSUSE11.0\")) != NULL) {\n 
report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1\", rpm:\"libapr1~1.2.12~27.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1-devel\", rpm:\"libapr1-devel~1.2.12~27.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2\", rpm:\"apache2~2.2.4~70.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-devel\", rpm:\"apache2-devel~2.2.4~70.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-doc\", rpm:\"apache2-doc~2.2.4~70.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-example-pages\", rpm:\"apache2-example-pages~2.2.4~70.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-prefork\", rpm:\"apache2-prefork~2.2.4~70.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-utils\", rpm:\"apache2-utils~2.2.4~70.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-worker\", rpm:\"apache2-worker~2.2.4~70.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1\", rpm:\"libapr-util1~1.2.8~68.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-dbd-mysql\", rpm:\"libapr-util1-dbd-mysql~1.2.8~68.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-dbd-pgsql\", rpm:\"libapr-util1-dbd-pgsql~1.2.8~68.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-dbd-sqlite3\", rpm:\"libapr-util1-dbd-sqlite3~1.2.8~68.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-devel\", rpm:\"libapr-util1-devel~1.2.8~68.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1\", 
rpm:\"libapr1~1.2.9~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1-devel\", rpm:\"libapr1-devel~1.2.9~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-64bit\", rpm:\"libapr-util1-64bit~1.2.12~43.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-devel-64bit\", rpm:\"libapr-util1-devel-64bit~1.2.12~43.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1-64bit\", rpm:\"libapr1-64bit~1.2.12~27.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1-devel-64bit\", rpm:\"libapr1-devel-64bit~1.2.12~27.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-64bit\", rpm:\"libapr-util1-64bit~1.2.8~68.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-devel-64bit\", rpm:\"libapr-util1-devel-64bit~1.2.8~68.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1-64bit\", rpm:\"libapr1-64bit~1.2.9~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1-devel-64bit\", rpm:\"libapr1-devel-64bit~1.2.9~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:55:18", "description": "The remote host is missing updates announced in\nadvisory SUSE-SA:2009:050.", "cvss3": {}, "published": "2009-10-27T00:00:00", "type": "openvas", "title": "SuSE Security Advisory SUSE-SA:2009:050 (apache2,libapr1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3094", "CVE-2009-1890", "CVE-2009-3095", "CVE-2009-2412", "CVE-2009-1891", 
"CVE-2009-1195"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:66106", "href": "http://plugins.openvas.org/nasl.php?oid=66106", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: suse_sa_2009_050.nasl 6668 2017-07-11 13:34:29Z cfischer $\n# Description: Auto-generated from advisory SUSE-SA:2009:050 (apache2,libapr1)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Apache web server was updated to fix various security issues:\n- the option IncludesNOEXEC could be bypassed via .htaccess (CVE-2009-1195)\n- mod_proxy could run into an infinite loop when used as reverse proxy\n(CVE-2009-1890)\n- mod_deflate continued to compress large files even after a network\nconnection was closed, causing mod_deflate to consume large amounts\nof CPU (CVE-2009-1891)\n- The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in\nthe mod_proxy_ftp module allows remote FTP servers to cause a denial\nof service (NULL pointer dereference and child process crash) via a\nmalformed reply to an EPSV command. 
(CVE-2009-3094)\n- access restriction bypass in mod_proxy_ftp module (CVE-2009-3095)\n\nAlso the libapr1 and libapr-util1 Apache helper libraries were updated\nto fix multiple integer overflows that could probably be used to\nexecute arbitrary code remotely. (CVE-2009-2412)\";\ntag_solution = \"Update your system with the packages as indicated in\nthe referenced security advisory.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=SUSE-SA:2009:050\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory SUSE-SA:2009:050.\";\n\n \n\nif(description)\n{\n script_id(66106);\n script_version(\"$Revision: 6668 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:34:29 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-27 01:37:56 +0100 (Tue, 27 Oct 2009)\");\n script_cve_id(\"CVE-2009-1195\", \"CVE-2009-1890\", \"CVE-2009-1891\", \"CVE-2009-2412\", \"CVE-2009-3094\", \"CVE-2009-3095\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SuSE Security Advisory SUSE-SA:2009:050 (apache2,libapr1)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"apache2-debuginfo\", rpm:\"apache2-debuginfo~2.2.10~2.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-debugsource\", rpm:\"apache2-debugsource~2.2.10~2.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-debuginfo\", rpm:\"libapr-util1-debuginfo~1.3.4~13.3.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-debugsource\", rpm:\"libapr-util1-debugsource~1.3.4~13.3.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1-debuginfo\", rpm:\"libapr1-debuginfo~1.3.3~12.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1-debugsource\", rpm:\"libapr1-debugsource~1.3.3~12.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2\", rpm:\"apache2~2.2.10~2.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-devel\", rpm:\"apache2-devel~2.2.10~2.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-doc\", rpm:\"apache2-doc~2.2.10~2.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-example-pages\", rpm:\"apache2-example-pages~2.2.10~2.8.1\", rls:\"openSUSE11.1\")) != 
NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-prefork\", rpm:\"apache2-prefork~2.2.10~2.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-utils\", rpm:\"apache2-utils~2.2.10~2.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-worker\", rpm:\"apache2-worker~2.2.10~2.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1\", rpm:\"libapr-util1~1.3.4~13.3.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-dbd-mysql\", rpm:\"libapr-util1-dbd-mysql~1.3.4~13.3.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-dbd-pgsql\", rpm:\"libapr-util1-dbd-pgsql~1.3.4~13.3.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-dbd-sqlite3\", rpm:\"libapr-util1-dbd-sqlite3~1.3.4~13.3.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-devel\", rpm:\"libapr-util1-devel~1.3.4~13.3.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1\", rpm:\"libapr1~1.3.3~12.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1-devel\", rpm:\"libapr1-devel~1.3.3~12.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-debuginfo\", rpm:\"apache2-debuginfo~2.2.8~28.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-debugsource\", rpm:\"apache2-debugsource~2.2.8~28.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-debuginfo\", rpm:\"libapr-util1-debuginfo~1.2.12~43.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-debugsource\", rpm:\"libapr-util1-debugsource~1.2.12~43.4\", 
rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1-debuginfo\", rpm:\"libapr1-debuginfo~1.2.12~27.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1-debugsource\", rpm:\"libapr1-debugsource~1.2.12~27.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2\", rpm:\"apache2~2.2.8~28.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-devel\", rpm:\"apache2-devel~2.2.8~28.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-doc\", rpm:\"apache2-doc~2.2.8~28.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-example-pages\", rpm:\"apache2-example-pages~2.2.8~28.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-prefork\", rpm:\"apache2-prefork~2.2.8~28.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-utils\", rpm:\"apache2-utils~2.2.8~28.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-worker\", rpm:\"apache2-worker~2.2.8~28.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1\", rpm:\"libapr-util1~1.2.12~43.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-dbd-mysql\", rpm:\"libapr-util1-dbd-mysql~1.2.12~43.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-dbd-pgsql\", rpm:\"libapr-util1-dbd-pgsql~1.2.12~43.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-dbd-sqlite3\", rpm:\"libapr-util1-dbd-sqlite3~1.2.12~43.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-devel\", rpm:\"libapr-util1-devel~1.2.12~43.4\", rls:\"openSUSE11.0\")) != NULL) {\n 
report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1\", rpm:\"libapr1~1.2.12~27.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1-devel\", rpm:\"libapr1-devel~1.2.12~27.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2\", rpm:\"apache2~2.2.4~70.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-devel\", rpm:\"apache2-devel~2.2.4~70.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-doc\", rpm:\"apache2-doc~2.2.4~70.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-example-pages\", rpm:\"apache2-example-pages~2.2.4~70.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-prefork\", rpm:\"apache2-prefork~2.2.4~70.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-utils\", rpm:\"apache2-utils~2.2.4~70.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-worker\", rpm:\"apache2-worker~2.2.4~70.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1\", rpm:\"libapr-util1~1.2.8~68.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-dbd-mysql\", rpm:\"libapr-util1-dbd-mysql~1.2.8~68.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-dbd-pgsql\", rpm:\"libapr-util1-dbd-pgsql~1.2.8~68.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-dbd-sqlite3\", rpm:\"libapr-util1-dbd-sqlite3~1.2.8~68.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-devel\", rpm:\"libapr-util1-devel~1.2.8~68.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1\", 
rpm:\"libapr1~1.2.9~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1-devel\", rpm:\"libapr1-devel~1.2.9~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-64bit\", rpm:\"libapr-util1-64bit~1.2.12~43.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-devel-64bit\", rpm:\"libapr-util1-devel-64bit~1.2.12~43.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1-64bit\", rpm:\"libapr1-64bit~1.2.12~27.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1-devel-64bit\", rpm:\"libapr1-devel-64bit~1.2.12~27.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-64bit\", rpm:\"libapr-util1-64bit~1.2.8~68.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr-util1-devel-64bit\", rpm:\"libapr-util1-devel-64bit~1.2.8~68.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1-64bit\", rpm:\"libapr1-64bit~1.2.9~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libapr1-devel-64bit\", rpm:\"libapr1-devel-64bit~1.2.9~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:57:00", "description": "The remote host is missing an update to apache\nannounced via advisory MDVSA-2009:323.", "cvss3": {}, "published": "2009-12-10T00:00:00", "type": "openvas", "title": "Mandriva Security Advisory MDVSA-2009:323 (apache)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1191", "CVE-2008-2939", "CVE-2009-3094", "CVE-2008-1678", "CVE-2009-3555", 
"CVE-2009-1890", "CVE-2009-3095", "CVE-2009-1891", "CVE-2009-1195"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:66414", "href": "http://plugins.openvas.org/nasl.php?oid=66414", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_323.nasl 6573 2017-07-06 13:10:50Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:323 (apache)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed with this update, please\nvisit the referenced security advisories.\n\nPackages for 2008.0 are being provided due to extended support for\nCorporate products.\n\nThis update provides a solution to these vulnerabilities.\n\nAffected: 2008.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. 
The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:323\nhttp://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2\";\ntag_summary = \"The remote host is missing an update to apache\nannounced via advisory MDVSA-2009:323.\";\n\n \n\nif(description)\n{\n script_id(66414);\n script_version(\"$Revision: 6573 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:10:50 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-10 00:23:54 +0100 (Thu, 10 Dec 2009)\");\n script_cve_id(\"CVE-2008-1678\", \"CVE-2009-1191\", \"CVE-2008-2939\", \"CVE-2009-1195\", \"CVE-2009-1890\", \"CVE-2009-1891\", \"CVE-2009-3094\", \"CVE-2009-3095\", \"CVE-2009-3555\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Mandriva Security Advisory MDVSA-2009:323 (apache)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"apache-base\", rpm:\"apache-base~2.2.6~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-devel\", rpm:\"apache-devel~2.2.6~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-htcacheclean\", rpm:\"apache-htcacheclean~2.2.6~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_authn_dbd\", rpm:\"apache-mod_authn_dbd~2.2.6~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_cache\", rpm:\"apache-mod_cache~2.2.6~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_dav\", rpm:\"apache-mod_dav~2.2.6~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_dbd\", rpm:\"apache-mod_dbd~2.2.6~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_deflate\", rpm:\"apache-mod_deflate~2.2.6~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_disk_cache\", rpm:\"apache-mod_disk_cache~2.2.6~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_file_cache\", 
rpm:\"apache-mod_file_cache~2.2.6~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_ldap\", rpm:\"apache-mod_ldap~2.2.6~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_mem_cache\", rpm:\"apache-mod_mem_cache~2.2.6~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_proxy\", rpm:\"apache-mod_proxy~2.2.6~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_proxy_ajp\", rpm:\"apache-mod_proxy_ajp~2.2.6~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_ssl\", rpm:\"apache-mod_ssl~2.2.6~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-modules\", rpm:\"apache-modules~2.2.6~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_userdir\", rpm:\"apache-mod_userdir~2.2.6~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-event\", rpm:\"apache-mpm-event~2.2.6~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-itk\", rpm:\"apache-mpm-itk~2.2.6~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-prefork\", rpm:\"apache-mpm-prefork~2.2.6~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-worker\", rpm:\"apache-mpm-worker~2.2.6~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-source\", rpm:\"apache-source~2.2.6~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": 
{"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:37:57", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1461.\n\nPostgreSQL, MySQL, PHP, and Apache have updates fixing a number of\nsecurity issues. For details, please visit the referenced security\nadvisories.\n\nAll users should upgrade to these updated packages, which resolve these\nissues. Users must restart the individual services, including postgresql,\nmysqld, and httpd, for this update to take effect.", "cvss3": {}, "published": "2009-09-28T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1461", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2446", "CVE-2007-6600", "CVE-2008-4456", "CVE-2009-3094", "CVE-2009-2687", "CVE-2009-3231", "CVE-2009-3230", "CVE-2009-3229", "CVE-2009-3095"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064945", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064945", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1461.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1461 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1461.\n\nPostgreSQL, MySQL, PHP, and Apache have updates fixing a number of\nsecurity issues. For details, please visit the referenced security\nadvisories.\n\nAll users should upgrade to these updated packages, which resolve these\nissues. Users must restart the individual services, including postgresql,\nmysqld, and httpd, for this update to take effect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64945\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-28 19:09:13 +0200 (Mon, 28 Sep 2009)\");\n script_cve_id(\"CVE-2008-4456\", \"CVE-2009-2446\", \"CVE-2009-2687\", \"CVE-2009-3094\", \"CVE-2009-3095\", \"CVE-2009-3229\", \"CVE-2009-3230\", \"CVE-2009-3231\", \"CVE-2007-6600\");\n script_tag(name:\"cvss_base\", value:\"8.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:C/I:C/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:1461\");\n\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1461.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#important\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\n# Bug - app stack on RH5 uses Apache versioned on >=2.2.11, while at the\n# same time, versions based on 2.2.3 are considered valid for other non app\n# stack systems. So, if we're running appstack (trigger will be >2.2.11 based\n# http), we'll allow these checks to proceed, otherwise we'll abort early.\n\n# Abort if we're not on RH5, or we're missing RPMs\nkbrls = get_kb_item(\"ssh/login/release\");\nif(kbrls!=\"RHENT_5\") {\n exit(0);\n}\nrpms = get_kb_item(\"ssh/login/rpms\");\nif(!rpms) {\n exit(0);\n}\n\n# If have httpd and it's >=2.2.11, allow these checks, otherwise abort\npat = string(\"[\\n;](\", \"httpd\", \"~[^;]+);\");\nmatches = eregmatch(pattern:pat, string:rpms);\nrhas = 0;\nif(!isnull(matches)) {\n match2 = eregmatch(pattern:\"~(.*)~\", string:matches[1]);\n rhas = 1;\n}\nif(rhas==0) {\n exit(0);\n}\n\n# From here on out, it's the usual checks.\n\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.2.13~2.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd-debuginfo\", rpm:\"httpd-debuginfo~2.2.13~2.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.2.13~2.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += 
res;\n}\nif ((res = isrpmvuln(pkg:\"httpd-manual\", rpm:\"httpd-manual~2.2.13~2.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.2.13~2.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.0.84~2.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mysql-bench\", rpm:\"mysql-bench~5.0.84~2.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mysql-cluster\", rpm:\"mysql-cluster~5.0.84~2.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mysql-debuginfo\", rpm:\"mysql-debuginfo~5.0.84~2.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mysql-devel\", rpm:\"mysql-devel~5.0.84~2.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mysql-libs\", rpm:\"mysql-libs~5.0.84~2.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mysql-server\", rpm:\"mysql-server~5.0.84~2.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mysql-test\", rpm:\"mysql-test~5.0.84~2.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-DBD-MySQL\", rpm:\"perl-DBD-MySQL~4.012~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-DBD-MySQL-debuginfo\", rpm:\"perl-DBD-MySQL-debuginfo~4.012~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-DBI\", rpm:\"perl-DBI~1.609~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-DBI-debuginfo\", rpm:\"perl-DBI-debuginfo~1.609~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.2.10~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-bcmath\", 
rpm:\"php-bcmath~5.2.10~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.2.10~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-common\", rpm:\"php-common~5.2.10~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.2.10~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-debuginfo\", rpm:\"php-debuginfo~5.2.10~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.2.10~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.2.10~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.2.10~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.2.10~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.2.10~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.2.10~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~5.2.10~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.2.10~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.2.10~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.2.10~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.2.10~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-soap\", 
rpm:\"php-soap~5.2.10~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.2.10~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.2.10~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~8.2.14~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~8.2.14~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-debuginfo\", rpm:\"postgresql-debuginfo~8.2.14~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~8.2.14~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~8.2.14~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-jdbc\", rpm:\"postgresql-jdbc~8.2.510~1jpp.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-jdbc-debuginfo\", rpm:\"postgresql-jdbc-debuginfo~8.2.510~1jpp.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~8.2.14~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-plperl\", rpm:\"postgresql-plperl~8.2.14~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-plpython\", rpm:\"postgresql-plpython~8.2.14~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-pltcl\", rpm:\"postgresql-pltcl~8.2.14~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-python\", rpm:\"postgresql-python~8.2.14~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n 
report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~8.2.14~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-tcl\", rpm:\"postgresql-tcl~8.2.14~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-test\", rpm:\"postgresql-test~8.2.14~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pear\", rpm:\"php-pear~1.8.1~2.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 8.5, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:59", "description": "The remote host is missing an update to apache\nannounced via advisory MDVSA-2009:323.", "cvss3": {}, "published": "2009-12-10T00:00:00", "type": "openvas", "title": "Mandriva Security Advisory MDVSA-2009:323 (apache)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1191", "CVE-2008-2939", "CVE-2009-3094", "CVE-2008-1678", "CVE-2009-3555", "CVE-2009-1890", "CVE-2009-3095", "CVE-2009-1891", "CVE-2009-1195"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066414", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066414", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_323.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:323 (apache)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed with this update, please\nvisit the referenced security advisories.\n\nPackages for 2008.0 are being provided due to extended support for\nCorporate products.\n\nThis update provides a solution to these vulnerabilities.\n\nAffected: 2008.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. 
The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:323\nhttp://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2\";\ntag_summary = \"The remote host is missing an update to apache\nannounced via advisory MDVSA-2009:323.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66414\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-10 00:23:54 +0100 (Thu, 10 Dec 2009)\");\n script_cve_id(\"CVE-2008-1678\", \"CVE-2009-1191\", \"CVE-2008-2939\", \"CVE-2009-1195\", \"CVE-2009-1890\", \"CVE-2009-1891\", \"CVE-2009-3094\", \"CVE-2009-3095\", \"CVE-2009-3555\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Mandriva Security Advisory MDVSA-2009:323 (apache)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"apache-base\", rpm:\"apache-base~2.2.6~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-devel\", rpm:\"apache-devel~2.2.6~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-htcacheclean\", rpm:\"apache-htcacheclean~2.2.6~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_authn_dbd\", rpm:\"apache-mod_authn_dbd~2.2.6~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_cache\", rpm:\"apache-mod_cache~2.2.6~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_dav\", rpm:\"apache-mod_dav~2.2.6~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_dbd\", rpm:\"apache-mod_dbd~2.2.6~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_deflate\", rpm:\"apache-mod_deflate~2.2.6~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_disk_cache\", rpm:\"apache-mod_disk_cache~2.2.6~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_file_cache\", 
rpm:\"apache-mod_file_cache~2.2.6~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_ldap\", rpm:\"apache-mod_ldap~2.2.6~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_mem_cache\", rpm:\"apache-mod_mem_cache~2.2.6~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_proxy\", rpm:\"apache-mod_proxy~2.2.6~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_proxy_ajp\", rpm:\"apache-mod_proxy_ajp~2.2.6~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_ssl\", rpm:\"apache-mod_ssl~2.2.6~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-modules\", rpm:\"apache-modules~2.2.6~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_userdir\", rpm:\"apache-mod_userdir~2.2.6~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-event\", rpm:\"apache-mpm-event~2.2.6~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-itk\", rpm:\"apache-mpm-itk~2.2.6~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-prefork\", rpm:\"apache-mpm-prefork~2.2.6~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mpm-worker\", rpm:\"apache-mpm-worker~2.2.6~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-source\", rpm:\"apache-source~2.2.6~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": 
{"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-27T10:55:53", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1461.\n\nPostgreSQL, MySQL, PHP, and Apache have updates fixing a number of\nsecurity issues. For details, please visit the referenced security\nadvisories.\n\nAll users should upgrade to these updated packages, which resolve these\nissues. Users must restart the individual services, including postgresql,\nmysqld, and httpd, for this update to take effect.", "cvss3": {}, "published": "2009-09-28T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1461", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2446", "CVE-2007-6600", "CVE-2008-4456", "CVE-2009-3094", "CVE-2009-2687", "CVE-2009-3231", "CVE-2009-3230", "CVE-2009-3229", "CVE-2009-3095"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:64945", "href": "http://plugins.openvas.org/nasl.php?oid=64945", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1461.nasl 6683 2017-07-12 09:41:57Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1461 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1461.\n\nPostgreSQL, MySQL, PHP, and Apache have updates fixing a number of\nsecurity issues. For details, please visit the referenced security\nadvisories.\n\nAll users should upgrade to these updated packages, which resolve these\nissues. Users must restart the individual services, including postgresql,\nmysqld, and httpd, for this update to take effect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_id(64945);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-28 19:09:13 +0200 (Mon, 28 Sep 2009)\");\n script_cve_id(\"CVE-2008-4456\", \"CVE-2009-2446\", \"CVE-2009-2687\", \"CVE-2009-3094\", \"CVE-2009-3095\", \"CVE-2009-3229\", \"CVE-2009-3230\", \"CVE-2009-3231\", \"CVE-2007-6600\");\n script_tag(name:\"cvss_base\", value:\"8.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:C/I:C/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:1461\");\n\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1461.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#important\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\n# Bug - app stack on RH5 uses Apache versioned on >=2.2.11, while at the\n# same time, versions based on 2.2.3 are considered valid for other non app\n# stack systems. So, if we're running appstack (trigger will be >2.2.11 based\n# http), we'll allow these checks to proceed, otherwise we'll abort early.\n\n# Abort if we're not on RH5, or we're missing RPMs\nkbrls = get_kb_item(\"ssh/login/release\");\nif(kbrls!=\"RHENT_5\") {\n exit(0);\n}\nrpms = get_kb_item(\"ssh/login/rpms\");\nif(!rpms) {\n exit(0);\n}\n\n# If have httpd and it's >=2.2.11, allow these checks, otherwise abort\npat = string(\"[\\n;](\", \"httpd\", \"~[^;]+);\");\nmatches = eregmatch(pattern:pat, string:rpms);\nrhas = 0;\nif(!isnull(matches)) {\n match2 = eregmatch(pattern:\"~(.*)~\", string:matches[1]);\n rhas = 1;\n}\nif(rhas==0) {\n exit(0);\n}\n\n# From here on out, it's the usual checks.\n\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.2.13~2.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd-debuginfo\", rpm:\"httpd-debuginfo~2.2.13~2.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.2.13~2.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += 
res;\n}\nif ((res = isrpmvuln(pkg:\"httpd-manual\", rpm:\"httpd-manual~2.2.13~2.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.2.13~2.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.0.84~2.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mysql-bench\", rpm:\"mysql-bench~5.0.84~2.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mysql-cluster\", rpm:\"mysql-cluster~5.0.84~2.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mysql-debuginfo\", rpm:\"mysql-debuginfo~5.0.84~2.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mysql-devel\", rpm:\"mysql-devel~5.0.84~2.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mysql-libs\", rpm:\"mysql-libs~5.0.84~2.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mysql-server\", rpm:\"mysql-server~5.0.84~2.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mysql-test\", rpm:\"mysql-test~5.0.84~2.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-DBD-MySQL\", rpm:\"perl-DBD-MySQL~4.012~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-DBD-MySQL-debuginfo\", rpm:\"perl-DBD-MySQL-debuginfo~4.012~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-DBI\", rpm:\"perl-DBI~1.609~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-DBI-debuginfo\", rpm:\"perl-DBI-debuginfo~1.609~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.2.10~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-bcmath\", 
rpm:\"php-bcmath~5.2.10~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.2.10~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-common\", rpm:\"php-common~5.2.10~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.2.10~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-debuginfo\", rpm:\"php-debuginfo~5.2.10~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.2.10~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.2.10~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.2.10~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.2.10~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.2.10~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.2.10~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~5.2.10~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.2.10~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.2.10~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.2.10~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.2.10~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-soap\", 
rpm:\"php-soap~5.2.10~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.2.10~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.2.10~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~8.2.14~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~8.2.14~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-debuginfo\", rpm:\"postgresql-debuginfo~8.2.14~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~8.2.14~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~8.2.14~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-jdbc\", rpm:\"postgresql-jdbc~8.2.510~1jpp.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-jdbc-debuginfo\", rpm:\"postgresql-jdbc-debuginfo~8.2.510~1jpp.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~8.2.14~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-plperl\", rpm:\"postgresql-plperl~8.2.14~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-plpython\", rpm:\"postgresql-plpython~8.2.14~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-pltcl\", rpm:\"postgresql-pltcl~8.2.14~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-python\", rpm:\"postgresql-python~8.2.14~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n 
report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~8.2.14~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-tcl\", rpm:\"postgresql-tcl~8.2.14~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-test\", rpm:\"postgresql-test~8.2.14~1.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pear\", rpm:\"php-pear~1.8.1~2.el5s2\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 8.5, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:09:54", "description": "The remote host is missing Mac OS X 10.6.3 Update / Mac OS X Security Update 2010-002.\n One or more of the following components are affected:\n\n AppKit\n Application Firewall\n AFP Server\n Apache\n ClamAV\n CoreAudio\n CoreMedia\n CoreTypes\n CUPS\n curl\n Cyrus IMAP\n Cyrus SASL\n DesktopServices\n Disk Images\n Directory Services\n Dovecot\n Event Monitor\n FreeRADIUS\n FTP Server\n iChat Server\n ImageIO\n Image RAW\n Libsystem\n Mail\n Mailman\n MySQL\n OS Services\n Password Server\n perl\n PHP\n Podcast Producer\n Preferences\n PS Normalizer\n QuickTime\n Ruby\n Server Admin\n SMB\n Tomcat\n unzip\n vim\n Wiki Server\n X11\n xar", "cvss3": {}, "published": "2010-05-12T00:00:00", "type": "openvas", "title": "Mac OS X 10.6.3 Update / Mac OS X Security Update 2010-002", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0060", "CVE-2010-0517", "CVE-2010-0505", "CVE-2009-2906", "CVE-2008-0564", "CVE-2010-0041", "CVE-2009-2446", "CVE-2009-3558", "CVE-2009-2417", "CVE-2008-0888", "CVE-2010-0498", "CVE-2010-0506", "CVE-2009-2632", "CVE-2008-5302", "CVE-2009-0033", "CVE-2008-4456", "CVE-2010-0515", "CVE-2010-0500", "CVE-2009-1904", 
"CVE-2010-0537", "CVE-2009-4030", "CVE-2010-0522", "CVE-2008-5303", "CVE-2010-0520", "CVE-2010-0504", "CVE-2010-0514", "CVE-2009-2693", "CVE-2010-0519", "CVE-2009-2042", "CVE-2010-0510", "CVE-2010-0511", "CVE-2009-0580", "CVE-2010-0512", "CVE-2009-0781", "CVE-2009-4214", "CVE-2008-5515", "CVE-2003-0063", "CVE-2009-2801", "CVE-2010-0055", "CVE-2009-0688", "CVE-2010-0523", "CVE-2010-0497", "CVE-2010-0503", "CVE-2010-0056", "CVE-2010-0533", "CVE-2010-0501", "CVE-2009-0316", "CVE-2009-3009", "CVE-2010-0062", "CVE-2009-4142", "CVE-2010-0507", "CVE-2010-0508", "CVE-2009-0689", "CVE-2009-0037", "CVE-2010-0525", "CVE-2009-2901", "CVE-2008-4101", "CVE-2010-0063", "CVE-2010-0065", "CVE-2010-0509", "CVE-2009-2422", "CVE-2009-3095", "CVE-2010-0058", "CVE-2010-0059", "CVE-2009-4017", "CVE-2010-0535", "CVE-2009-0783", "CVE-2009-4143", "CVE-2010-0043", "CVE-2010-0518", "CVE-2010-0526", "CVE-2010-0516", "CVE-2010-0513", "CVE-2009-3559", "CVE-2010-0502", "CVE-2008-7247", "CVE-2006-1329", "CVE-2009-2902", "CVE-2010-0057", "CVE-2008-2712", "CVE-2009-4019", "CVE-2010-0521", "CVE-2010-0393", "CVE-2010-0524", "CVE-2010-0064", "CVE-2010-0534", "CVE-2010-0042", "CVE-2009-3557"], "modified": "2017-02-22T00:00:00", "id": "OPENVAS:102039", "href": "http://plugins.openvas.org/nasl.php?oid=102039", "sourceData": "###################################################################\n# OpenVAS Vulnerability Test\n#\n# Mac OS X 10.6.3 Update / Mac OS X Security Update 2010-002\n#\n# LSS-NVT-2010-028\n#\n# Developed by LSS Security Team <http://security.lss.hr>\n#\n# Copyright (C) 2010 LSS <http://www.lss.hr>\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR 
PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public\n# License along with this program. If not, see\n# <http://www.gnu.org/licenses/>.\n###################################################################\n\ntag_solution = \"Update your Mac OS X operating system.\n\n For more information see:\n http://support.apple.com/kb/HT4077\";\n\ntag_summary = \"The remote host is missing Mac OS X 10.6.3 Update / Mac OS X Security Update 2010-002.\n One or more of the following components are affected:\n\n AppKit\n Application Firewall\n AFP Server\n Apache\n ClamAV\n CoreAudio\n CoreMedia\n CoreTypes\n CUPS\n curl\n Cyrus IMAP\n Cyrus SASL\n DesktopServices\n Disk Images\n Directory Services\n Dovecot\n Event Monitor\n FreeRADIUS\n FTP Server\n iChat Server\n ImageIO\n Image RAW\n Libsystem\n Mail\n Mailman\n MySQL\n OS Services\n Password Server\n perl\n PHP\n Podcast Producer\n Preferences\n PS Normalizer\n QuickTime\n Ruby\n Server Admin\n SMB\n Tomcat\n unzip\n vim\n Wiki Server\n X11\n xar\";\n\n\nif(description)\n{\n script_id(102039);\n script_version(\"$Revision: 5394 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-22 10:22:42 +0100 (Wed, 22 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-05-12 14:48:44 +0200 (Wed, 12 May 2010)\");\n 
script_cve_id(\"CVE-2010-0056\",\"CVE-2009-2801\",\"CVE-2010-0057\",\"CVE-2010-0533\",\"CVE-2009-3095\",\"CVE-2010-0058\",\"CVE-2010-0059\",\"CVE-2010-0060\",\"CVE-2010-0062\",\"CVE-2010-0063\",\"CVE-2010-0393\",\"CVE-2009-2417\",\"CVE-2009-0037\",\"CVE-2009-2632\",\"CVE-2009-0688\",\"CVE-2010-0064\",\"CVE-2010-0537\",\"CVE-2010-0065\",\"CVE-2010-0497\",\"CVE-2010-0498\",\"CVE-2010-0535\",\"CVE-2010-0500\",\"CVE-2010-0524\",\"CVE-2010-0501\",\"CVE-2006-1329\",\"CVE-2010-0502\",\"CVE-2010-0503\",\"CVE-2010-0504\",\"CVE-2010-0505\",\"CVE-2010-0041\",\"CVE-2010-0042\",\"CVE-2010-0043\",\"CVE-2010-0506\",\"CVE-2010-0507\",\"CVE-2009-0689\",\"CVE-2010-0508\",\"CVE-2010-0525\",\"CVE-2008-0564\",\"CVE-2008-4456\",\"CVE-2008-7247\",\"CVE-2009-2446\",\"CVE-2009-4019\",\"CVE-2009-4030\",\"CVE-2010-0509\",\"CVE-2010-0510\",\"CVE-2008-5302\",\"CVE-2008-5303\",\"CVE-2009-3557\",\"CVE-2009-3558\",\"CVE-2009-3559\",\"CVE-2009-4017\",\"CVE-2009-4142\",\"CVE-2009-4143\",\"CVE-2010-0511\",\"CVE-2010-0512\",\"CVE-2010-0513\",\"CVE-2010-0514\",\"CVE-2010-0515\",\"CVE-2010-0516\",\"CVE-2010-0517\",\"CVE-2010-0518\",\"CVE-2010-0519\",\"CVE-2010-0520\",\"CVE-2010-0526\",\"CVE-2009-2422\",\"CVE-2009-3009\",\"CVE-2009-4214\",\"CVE-2009-1904\",\"CVE-2010-0521\",\"CVE-2010-0522\",\"CVE-2009-2906\",\"CVE-2009-0580\",\"CVE-2009-0033\",\"CVE-2009-0783\",\"CVE-2008-5515\",\"CVE-2009-0781\",\"CVE-2009-2901\",\"CVE-2009-2902\",\"CVE-2009-2693\",\"CVE-2008-0888\",\"CVE-2008-2712\",\"CVE-2008-4101\",\"CVE-2009-0316\",\"CVE-2010-0523\",\"CVE-2010-0534\",\"CVE-2009-2042\",\"CVE-2003-0063\",\"CVE-2010-0055\");\n script_name(\"Mac OS X 10.6.3 Update / Mac OS X Security Update 2010-002\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 LSS\");\n script_family(\"Mac OS X Local Security Checks\");\n script_require_ports(\"Services/ssh\", 22);\n 
script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/osx_name\",\"ssh/login/osx_version\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"pkg-lib-macosx.inc\");\ninclude(\"version_func.inc\");\n\nssh_osx_name = get_kb_item(\"ssh/login/osx_name\");\nif (!ssh_osx_name) exit (0);\n\nssh_osx_ver = get_kb_item(\"ssh/login/osx_version\");\nif (!ssh_osx_ver) exit (0);\n\nssh_osx_rls = ssh_osx_name + ' ' + ssh_osx_ver;\n\npkg_for_ver = make_list(\"Mac OS X 10.5.8\",\"Mac OS X Server 10.5.8\",\"Mac OS X 10.6.2\",\"Mac OS X Server 10.6.2\");\n\nif (rlsnotsupported(rls:ssh_osx_rls, list:pkg_for_ver)) { security_message(0); exit(0);}\n\nif (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:\"Mac OS X 10.5.8\")) {\n if (version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:osx_ver(ver:\"Mac OS X 10.5.8\"))) { security_message(0); exit(0);}\n else if ((ssh_osx_ver==osx_ver(ver:\"Mac OS X 10.5.8\")) && (isosxpkgvuln(fixed:\"com.apple.pkg.update.security.\", diff:\"2010.002\"))) { security_message(0); exit(0);}\n}\nif (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:\"Mac OS X Server 10.5.8\")) {\n if (version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:osx_ver(ver:\"Mac OS X Server 10.5.8\"))) { security_message(0); exit(0);}\n else if ((ssh_osx_ver==osx_ver(ver:\"Mac OS X Server 10.5.8\")) && (isosxpkgvuln(fixed:\"com.apple.pkg.update.security.\", diff:\"2010.002\"))) { security_message(0); exit(0);}\n}\nif (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:\"Mac OS X 10.6.2\")) {\n if (version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:\"10.6.3\")) { security_message(0); exit(0); }\n}\nif (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:\"Mac OS X Server 10.6.2\")) {\n if 
(version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:\"10.6.3\")) { security_message(0); exit(0); }\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:40:11", "description": "The remote host is missing Mac OS X 10.6.3 Update / Mac OS X Security Update 2010-002.", "cvss3": {}, "published": "2010-05-12T00:00:00", "type": "openvas", "title": "Mac OS X 10.6.3 Update / Mac OS X Security Update 2010-002", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0060", "CVE-2010-0517", "CVE-2010-0505", "CVE-2009-2906", "CVE-2008-0564", "CVE-2010-0041", "CVE-2009-2446", "CVE-2009-3558", "CVE-2009-2417", "CVE-2008-0888", "CVE-2010-0498", "CVE-2010-0506", "CVE-2009-2632", "CVE-2008-5302", "CVE-2009-0033", "CVE-2008-4456", "CVE-2010-0515", "CVE-2010-0500", "CVE-2009-1904", "CVE-2010-0537", "CVE-2009-4030", "CVE-2010-0522", "CVE-2008-5303", "CVE-2010-0520", "CVE-2010-0504", "CVE-2010-0514", "CVE-2009-2693", "CVE-2010-0519", "CVE-2009-2042", "CVE-2010-0510", "CVE-2010-0511", "CVE-2009-0580", "CVE-2010-0512", "CVE-2009-0781", "CVE-2009-4214", "CVE-2008-5515", "CVE-2003-0063", "CVE-2009-2801", "CVE-2010-0055", "CVE-2009-0688", "CVE-2010-0523", "CVE-2010-0497", "CVE-2010-0503", "CVE-2010-0056", "CVE-2010-0533", "CVE-2010-0501", "CVE-2009-0316", "CVE-2009-3009", "CVE-2010-0062", "CVE-2009-4142", "CVE-2010-0507", "CVE-2010-0508", "CVE-2009-0689", "CVE-2009-0037", "CVE-2010-0525", "CVE-2009-2901", "CVE-2008-4101", "CVE-2010-0063", "CVE-2010-0065", "CVE-2010-0509", "CVE-2009-2422", "CVE-2009-3095", "CVE-2010-0058", "CVE-2010-0059", "CVE-2009-4017", "CVE-2010-0535", "CVE-2009-0783", "CVE-2009-4143", "CVE-2010-0043", "CVE-2010-0518", "CVE-2010-0526", "CVE-2010-0516", "CVE-2010-0513", "CVE-2009-3559", "CVE-2010-0502", "CVE-2008-7247", "CVE-2006-1329", "CVE-2009-2902", "CVE-2010-0057", "CVE-2008-2712", "CVE-2009-4019", "CVE-2010-0521", "CVE-2010-0393", "CVE-2010-0524", "CVE-2010-0064", 
"CVE-2010-0534", "CVE-2010-0042", "CVE-2009-3557"], "modified": "2019-03-19T00:00:00", "id": "OPENVAS:1361412562310102039", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310102039", "sourceData": "###################################################################\n# OpenVAS Vulnerability Test\n# $Id: macosx_upd_10_6_3_secupd_2010-002.nasl 14307 2019-03-19 10:09:27Z cfischer $\n#\n# Mac OS X 10.6.3 Update / Mac OS X Security Update 2010-002\n#\n# LSS-NVT-2010-028\n#\n# Developed by LSS Security Team <http://security.lss.hr>\n#\n# Copyright (C) 2010 LSS <http://www.lss.hr>\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public\n# License along with this program. 
If not, see\n# <http://www.gnu.org/licenses/>.\n###################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.102039\");\n script_version(\"$Revision: 14307 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-19 11:09:27 +0100 (Tue, 19 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2010-05-12 14:48:44 +0200 (Wed, 12 May 2010)\");\n script_cve_id(\"CVE-2010-0056\", \"CVE-2009-2801\", \"CVE-2010-0057\", \"CVE-2010-0533\", \"CVE-2009-3095\",\n \"CVE-2010-0058\", \"CVE-2010-0059\", \"CVE-2010-0060\", \"CVE-2010-0062\", \"CVE-2010-0063\",\n \"CVE-2010-0393\", \"CVE-2009-2417\", \"CVE-2009-0037\", \"CVE-2009-2632\", \"CVE-2009-0688\",\n \"CVE-2010-0064\", \"CVE-2010-0537\", \"CVE-2010-0065\", \"CVE-2010-0497\", \"CVE-2010-0498\",\n \"CVE-2010-0535\", \"CVE-2010-0500\", \"CVE-2010-0524\", \"CVE-2010-0501\", \"CVE-2006-1329\",\n \"CVE-2010-0502\", \"CVE-2010-0503\", \"CVE-2010-0504\", \"CVE-2010-0505\", \"CVE-2010-0041\",\n \"CVE-2010-0042\", \"CVE-2010-0043\", \"CVE-2010-0506\", \"CVE-2010-0507\", \"CVE-2009-0689\",\n \"CVE-2010-0508\", \"CVE-2010-0525\", \"CVE-2008-0564\", \"CVE-2008-4456\", \"CVE-2008-7247\",\n \"CVE-2009-2446\", \"CVE-2009-4019\", \"CVE-2009-4030\", \"CVE-2010-0509\", \"CVE-2010-0510\",\n \"CVE-2008-5302\", \"CVE-2008-5303\", \"CVE-2009-3557\", \"CVE-2009-3558\", \"CVE-2009-3559\",\n \"CVE-2009-4017\", \"CVE-2009-4142\", \"CVE-2009-4143\", \"CVE-2010-0511\", \"CVE-2010-0512\",\n \"CVE-2010-0513\", \"CVE-2010-0514\", \"CVE-2010-0515\", \"CVE-2010-0516\", \"CVE-2010-0517\",\n \"CVE-2010-0518\", \"CVE-2010-0519\", \"CVE-2010-0520\", \"CVE-2010-0526\", \"CVE-2009-2422\",\n \"CVE-2009-3009\", \"CVE-2009-4214\", \"CVE-2009-1904\", \"CVE-2010-0521\", \"CVE-2010-0522\",\n \"CVE-2009-2906\", \"CVE-2009-0580\", \"CVE-2009-0033\", \"CVE-2009-0783\", \"CVE-2008-5515\",\n \"CVE-2009-0781\", \"CVE-2009-2901\", \"CVE-2009-2902\", \"CVE-2009-2693\", \"CVE-2008-0888\",\n 
\"CVE-2008-2712\", \"CVE-2008-4101\", \"CVE-2009-0316\", \"CVE-2010-0523\", \"CVE-2010-0534\",\n \"CVE-2009-2042\", \"CVE-2003-0063\", \"CVE-2010-0055\");\n script_name(\"Mac OS X 10.6.3 Update / Mac OS X Security Update 2010-002\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 LSS\");\n script_family(\"Mac OS X Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/osx_name\", \"ssh/login/osx_version\", re:\"ssh/login/osx_version=^10\\.[56]\\.\");\n\n script_xref(name:\"URL\", value:\"http://support.apple.com/kb/HT4077\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing Mac OS X 10.6.3 Update / Mac OS X Security Update 2010-002.\");\n\n script_tag(name:\"affected\", value:\"One or more of the following components are affected:\n\n AppKit\n\n Application Firewall\n\n AFP Server\n\n Apache\n\n ClamAV\n\n CoreAudio\n\n CoreMedia\n\n CoreTypes\n\n CUPS\n\n curl\n\n Cyrus IMAP\n\n Cyrus SASL\n\n DesktopServices\n\n Disk Images\n\n Directory Services\n\n Dovecot\n\n Event Monitor\n\n FreeRADIUS\n\n FTP Server\n\n iChat Server\n\n ImageIO\n\n Image RAW\n\n Libsystem\n\n Mail\n\n Mailman\n\n MySQL\n\n OS Services\n\n Password Server\n\n perl\n\n PHP\n\n Podcast Producer\n\n Preferences\n\n PS Normalizer\n\n QuickTime\n\n Ruby\n\n Server Admin\n\n SMB\n\n Tomcat\n\n unzip\n\n vim\n\n Wiki Server\n\n X11\n\n xar\");\n\n script_tag(name:\"solution\", value:\"Update your Mac OS X operating system. 
Please see the references for more information.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-macosx.inc\");\ninclude(\"version_func.inc\");\n\nssh_osx_name = get_kb_item(\"ssh/login/osx_name\");\nif (!ssh_osx_name) exit (0);\n\nssh_osx_ver = get_kb_item(\"ssh/login/osx_version\");\nif (!ssh_osx_ver || ssh_osx_ver !~ \"^10\\.[56]\\.\") exit (0);\n\nssh_osx_rls = ssh_osx_name + ' ' + ssh_osx_ver;\n\npkg_for_ver = make_list(\"Mac OS X 10.5.8\",\"Mac OS X Server 10.5.8\",\"Mac OS X 10.6.2\",\"Mac OS X Server 10.6.2\");\n\nif (rlsnotsupported(rls:ssh_osx_rls, list:pkg_for_ver)) { security_message( port: 0, data: \"The target host was found to be vulnerable\" ); exit(0);}\n\nif (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:\"Mac OS X 10.5.8\")) {\n if(version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:osx_ver(ver:\"Mac OS X 10.5.8\"))) { security_message( port: 0, data: \"The target host was found to be vulnerable\" ); exit(0);}\n else if((ssh_osx_ver == osx_ver(ver:\"Mac OS X 10.5.8\")) && (isosxpkgvuln(fixed:\"com.apple.pkg.update.security.\", diff:\"2010.002\"))) { security_message( port: 0, data: \"The target host was found to be vulnerable\" ); exit(0);}\n}\nif (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:\"Mac OS X Server 10.5.8\")) {\n if(version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:osx_ver(ver:\"Mac OS X Server 10.5.8\"))) { security_message( port: 0, data: \"The target host was found to be vulnerable\" ); exit(0);}\n else if((ssh_osx_ver == osx_ver(ver:\"Mac OS X Server 10.5.8\")) && (isosxpkgvuln(fixed:\"com.apple.pkg.update.security.\", diff:\"2010.002\"))) { security_message( port: 0, data: \"The target host was found to be vulnerable\" ); exit(0);}\n}\nif (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:\"Mac OS X 10.6.2\")) {\n if(version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:\"10.6.3\")) { 
security_message( port: 0, data: \"The target host was found to be vulnerable\" ); exit(0); }\n}\nif (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:\"Mac OS X Server 10.6.2\")) {\n if(version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:\"10.6.3\")) { security_message( port: 0, data: \"The target host was found to be vulnerable\" ); exit(0); }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "slackware": [{"lastseen": "2021-07-28T14:46:55", "description": "New httpd packages are available for Slackware 12.0, 12.1, 12.2, 13.0,\nand -current to fix security issues.\n\nMore details about the issues may be found in the Common\nVulnerabilities and Exposures (CVE) database:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095\n\n\nHere are the details from the Slackware 13.0 ChangeLog:\n\npatches/packages/httpd-2.2.14-i486-1_slack13.0.txz: Upgraded.\n This fixes a couple of security bugs when using mod_proxy_ftp.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095\n (* Security fix *)\n\nWhere to find the new packages:\n\nHINT: Getting slow download speeds from ftp.slackware.com?\nGive slackware.osuosl.org a try. This is another primary FTP site\nfor Slackware that can be considerably faster than downloading\ndirectly from ftp.slackware.com.\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating additional FTP and rsync hosting\nto the Slackware project! 
:-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 12.0:\nftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/httpd-2.2.14-i486-1_slack12.0.tgz\n\nUpdated package for Slackware 12.1:\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/httpd-2.2.14-i486-1_slack12.1.tgz\n\nUpdated package for Slackware 12.2:\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/httpd-2.2.14-i486-1_slack12.2.tgz\n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/httpd-2.2.14-i486-1_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/httpd-2.2.14-x86_64-1_slack13.0.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/httpd-2.2.14-i486-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/httpd-2.2.14-x86_64-1.txz\n\n\nMD5 signatures:\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg httpd-2.2.14-i486-1_slack13.0.txz\n\nThen, restart httpd:\n > sh /etc/rc.d/rc.httpd restart", "cvss3": {}, 
"published": "2010-01-25T05:19:48", "type": "slackware", "title": "[slackware-security] httpd", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3094", "CVE-2009-3095"], "modified": "2010-01-25T05:19:48", "id": "SSA-2010-024-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.451468", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "fedora": [{"lastseen": "2020-12-21T08:17:49", "description": "The Apache HTTP Server is a powerful, efficient, and extensible web server. 
", "edition": 2, "cvss3": {}, "published": "2010-02-27T03:41:04", "type": "fedora", "title": "[SECURITY] Fedora 11 Update: httpd-2.2.14-1.fc11", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3094", "CVE-2009-3095", "CVE-2009-3555"], "modified": "2010-02-27T03:41:04", "id": "FEDORA:8A43D110815", "href": "", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:49", "description": "The Apache HTTP Server is a powerful, efficient, and extensible web server. ", "edition": 2, "cvss3": {}, "published": "2009-12-18T04:22:30", "type": "fedora", "title": "[SECURITY] Fedora 12 Update: httpd-2.2.14-1.fc12", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3094", "CVE-2009-3095", "CVE-2009-3555"], "modified": "2009-12-18T04:22:30", "id": "FEDORA:F1AD728EDBF", "href": "", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:49", "description": "The Apache HTTP Server is a powerful, efficient, and extensible web server. 
", "edition": 2, "cvss3": {}, "published": "2009-12-10T04:17:40", "type": "fedora", "title": "[SECURITY] Fedora 10 Update: httpd-2.2.14-1.fc10", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3094", "CVE-2009-3095", "CVE-2009-3555"], "modified": "2009-12-10T04:17:40", "id": "FEDORA:59B0310F861", "href": "", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}], "seebug": [{"lastseen": "2017-11-19T18:31:27", "description": "No description provided by source.", "cvss3": {}, "published": "2009-11-20T00:00:00", "type": "seebug", "title": "apache2 vulnerabilities", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2009-3094", "CVE-2009-3095", "CVE-2009-3555"], "modified": "2009-11-20T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-12673", "id": "SSV:12673", "sourceData": "\n ===========================================================\r\nUbuntu Security Notice USN-860-1 November 19, 2009\r\napache2 vulnerabilities\r\nCVE-2009-3094, CVE-2009-3095, CVE-2009-3555\r\n===========================================================\r\n\r\nA security issue affects the following Ubuntu releases:\r\n\r\nUbuntu 6.06 LTS\r\nUbuntu 8.04 LTS\r\nUbuntu 8.10\r\nUbuntu 9.04\r\nUbuntu 9.10\r\n\r\nThis advisory also applies to the corresponding versions of\r\nKubuntu, Edubuntu, and Xubuntu.\r\n\r\nThe problem can be corrected by upgrading your system to the\r\nfollowing package versions:\r\n\r\nUbuntu 6.06 LTS:\r\n apache2-common 2.0.55-4ubuntu2.9\r\n\r\nUbuntu 8.04 LTS:\r\n apache2.2-common 
2.2.8-1ubuntu0.14\r\n\r\nUbuntu 8.10:\r\n apache2.2-common 2.2.9-7ubuntu3.5\r\n\r\nUbuntu 9.04:\r\n apache2.2-common 2.2.11-2ubuntu2.5\r\n\r\nUbuntu 9.10:\r\n apache2.2-common 2.2.12-1ubuntu2.1\r\n\r\nIn general, a standard system upgrade is sufficient to effect the\r\nnecessary changes.\r\n\r\nDetails follow:\r\n\r\nMarsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3\r\nprotocols. If an attacker could perform a man in the middle attack at the\r\nstart of a TLS connection, the attacker could inject arbitrary content at\r\nthe beginning of the user's session. The flaw is with TLS renegotiation and\r\npotentially affects any software that supports this feature. Attacks\r\nagainst the HTTPS protocol are known, with the severity of the issue\r\ndepending on the safeguards used in the web application. Until the TLS\r\nprotocol and underlying libraries are adjusted to defend against this\r\nvulnerability, a partial, temporary workaround has been applied to Apache\r\nthat disables client initiated TLS renegotiation. This update does not\r\nprotect against server initiated TLS renegotiation when using\r\nSSLVerifyClient and SSLCipherSuite on a per Directory or Location basis.\r\nUsers can defend against server initiated TLS renegotiation attacks by\r\nadjusting their Apache configuration to use SSLVerifyClient and\r\nSSLCipherSuite only on the server or virtual host level. (CVE-2009-3555)\r\n\r\nIt was discovered that mod_proxy_ftp in Apache did not properly sanitize\r\nits input when processing replies to EPASV and PASV commands. An attacker\r\ncould use this to cause a denial of service in the Apache child process.\r\n(CVE-2009-3094)\r\n\r\nAnother flaw was discovered in mod_proxy_ftp. 
If Apache is configured as a\r\nreverse proxy, an attacker could send a crafted HTTP header to bypass\r\nintended access controls and send arbitrary commands to the FTP server.\r\n(CVE-2009-3095)\r\n\r\n\r\nUpdated packages for Ubuntu 6.06 LTS:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9.di \\\r\nff.gz Size/MD5: 130638 5d172b0ca228238e211940fad6b0935d\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9.ds \\\r\nc Size/MD5: 1156 a6d575c4c0ef0ef9c4c77e7f6ddfb02d\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz\r\n Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622\r\n\r\n Architecture independent packages:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2. \\\r\n9_all.deb Size/MD5: 2125884 643115e9135b9bf626f3a65cfc5f2ed3\r\n\r\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubunt \\\r\nu2.9_amd64.deb Size/MD5: 834492 818915da9848657833480b1ead6b4a12\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55- \\\r\n4ubuntu2.9_amd64.deb Size/MD5: 229578 9086ac3033e0425ecd150b31b377ee76\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4 \\\r\nubuntu2.9_amd64.deb Size/MD5: 224594 85a4480344a072868758c466f6a98747\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4u \\\r\nbuntu2.9_amd64.deb Size/MD5: 229128 446b52088b9744fb776e53155403a474\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4 \\\r\nubuntu2.9_amd64.deb Size/MD5: 172850 17e4cd95ecb9d0390274fca9625c2e5e\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55- \\\r\n4ubuntu2.9_amd64.deb Size/MD5: 173636 b501407d01fa07e5807c28cd1db16cd7\r\n 
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu \\\r\n2.9_amd64.deb Size/MD5: 95454 a06ee30ec14b35003ebcb821624bc2af\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_am \\\r\nd64.deb Size/MD5: 37510 4c063b1b8d831ea8a02d5ec691995dec\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2. \\\r\n9_amd64.deb Size/MD5: 287048 9cdc7502ebc526d4bc7df9b59a9d8925\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_am \\\r\nd64.deb Size/MD5: 145624 4b613a57da2ca57678e8c8f0c1628556\r\n\r\n i386 architecture (x86 compatible Intel/AMD):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubunt \\\r\nu2.9_i386.deb Size/MD5: 787870 67b1855dc984e5296ac9580e2a2f0a0c\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55- \\\r\n4ubuntu2.9_i386.deb Size/MD5: 204122 edf40b0ff5c1824b2d6232da247ce480\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4 \\\r\nubuntu2.9_i386.deb Size/MD5: 200060 6267a56fcef78f6300372810ce36ea41\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4u \\\r\nbuntu2.9_i386.deb Size/MD5: 203580 c487929bbf45b5a4dc3d035d86f7b3a0\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4 \\\r\nubuntu2.9_i386.deb Size/MD5: 172876 bae257127c3d137e407a7db744f3d57a\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55- \\\r\n4ubuntu2.9_i386.deb Size/MD5: 173660 9dd0e108ab4d3382799b29d901bf4502\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu \\\r\n2.9_i386.deb Size/MD5: 93410 d5d602c75a28873f1cd7523857e0dd80\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_i3 \\\r\n86.deb Size/MD5: 37508 22049e1ea8ea88259ff3f6e94482cfb3\r\n 
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2. \\\r\n9_i386.deb Size/MD5: 263066 43fa2ae3b43c4743c98c45ac22fb0250\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_i3 \\\r\n86.deb Size/MD5: 133484 e70b7f81859cb92e0c50084e92216526\r\n\r\n powerpc architecture (Apple Macintosh G3/G4/G5):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubunt \\\r\nu2.9_powerpc.deb Size/MD5: 860622 6d386da8da90d363414846dbc7fa7f08\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55- \\\r\n4ubuntu2.9_powerpc.deb Size/MD5: 221470 8c207b379f7ba646c94759d3e9079dd4\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4 \\\r\nubuntu2.9_powerpc.deb Size/MD5: 217132 069cab77278b101c3c4a5b172f36ba9b\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4u \\\r\nbuntu2.9_powerpc.deb Size/MD5: 220968 2f6ba65769fc964eb6dfec8a842f7621\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4 \\\r\nubuntu2.9_powerpc.deb Size/MD5: 172874 89137c84b5a33f526daf3f8b4c047a7e\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55- \\\r\n4ubuntu2.9_powerpc.deb Size/MD5: 173662 23e576721faccb4aef732cf98e2358d4\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu \\\r\n2.9_powerpc.deb Size/MD5: 105198 44f9e698567784555db7d7d971b9fce2\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_po \\\r\nwerpc.deb Size/MD5: 37518 fe7caa2a3cf6d4227ac34692de30635e\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2. 
\\\r\n9_powerpc.deb Size/MD5: 282644 ec0306c04778cf8c8edd622aabb0363c\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_po \\\r\nwerpc.deb Size/MD5: 142730 d43356422176ca29440f3e0572678093\r\n\r\n sparc architecture (Sun SPARC/UltraSPARC):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubunt \\\r\nu2.9_sparc.deb Size/MD5: 805078 0f1f6a9b04ad5ce4ea29fd0e44bf18a4\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55- \\\r\n4ubuntu2.9_sparc.deb Size/MD5: 211674 eb19532b9b759c806e9a95a4ffbfad9b\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4 \\\r\nubuntu2.9_sparc.deb Size/MD5: 207344 9e5770a4c94cbc4f9bc8cc11a6a038f1\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4u \\\r\nbuntu2.9_sparc.deb Size/MD5: 210948 6d1d2357cec5b88c1c2269e5c16724bc\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4 \\\r\nubuntu2.9_sparc.deb Size/MD5: 172882 d04dd123def1bc4cfbf2ac0095432eea\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55- \\\r\n4ubuntu2.9_sparc.deb Size/MD5: 173662 6be46bbb9e92224020da49d657cb4cd4\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu \\\r\n2.9_sparc.deb Size/MD5: 94510 9df6ae07a9218d6159b1eebde5d58606\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_sp \\\r\narc.deb Size/MD5: 37506 89856bb1433e67fb23c8d34423d3e0a5\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2. 
\\\r\n9_sparc.deb Size/MD5: 269070 bf585dec777b0306cd80663c11b020df\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_sp \\\r\narc.deb Size/MD5: 131466 340eaf2d2c1f129c7676a152776cfcf3\r\n\r\nUpdated packages for Ubuntu 8.04 LTS:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14.di \\\r\nff.gz Size/MD5: 141838 37d5c93b425758839cbef5afea5353a2\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14.ds \\\r\nc Size/MD5: 1381 78c9a13cc2af0dbf3958a3fc98aeea84\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8.orig.tar.gz\r\n Size/MD5: 6125771 39a755eb0f584c279336387b321e3dfc\r\n\r\n Architecture independent packages:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.8-1ubuntu0.1 \\\r\n4_all.deb Size/MD5: 1929318 d4faaf64c2c0af807848ea171a4efa90\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.8-1 \\\r\nubuntu0.14_all.deb Size/MD5: 72920 065d63c19b22f0f7a8f7c28952b0b408\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.8-1ubuntu0.1 \\\r\n4_all.deb Size/MD5: 6258048 33c48a093bbb868ea108a50c051437cf\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14_al \\\r\nl.deb Size/MD5: 45850 07a9463a8e4fdf1a48766d5ad08b9a3c\r\n\r\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubu \\\r\nntu0.14_amd64.deb Size/MD5: 253080 3c6467ee604002a5b8ebffff8554c568\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1u \\\r\nbuntu0.14_amd64.deb Size/MD5: 248676 3c83ce9eb0a27f18b9c3a8c3e651cafa\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ub \\\r\nuntu0.14_amd64.deb Size/MD5: 252490 cf379a515d967d89d2009be9e06d4833\r\n 
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1u \\\r\nbuntu0.14_amd64.deb Size/MD5: 205592 af6cb62114d2e70bf859c32008a66433\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1 \\\r\nubuntu0.14_amd64.deb Size/MD5: 206350 9c3d5ef8e55eee98cc3e75f2ed9ffaff\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0 \\\r\n.14_amd64.deb Size/MD5: 141660 958585d6391847cd5a618464054f7d37\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.8-1ubun \\\r\ntu0.14_amd64.deb Size/MD5: 803974 76d23bd94465a2f96711dc1c41b31af0\r\n\r\n i386 architecture (x86 compatible Intel/AMD):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubu \\\r\nntu0.14_i386.deb Size/MD5: 236060 ad4c00dc10b406cc312982b7113fa468\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1u \\\r\nbuntu0.14_i386.deb Size/MD5: 231580 07ae6a192e6c859e49d48f2b2158df40\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ub \\\r\nuntu0.14_i386.deb Size/MD5: 235308 18a44bbffcebde8f2d66fe3a6bdbab6d\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1u \\\r\nbuntu0.14_i386.deb Size/MD5: 205594 73ec71599d4c8a42a69ac3099b9d50cf\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1 \\\r\nubuntu0.14_i386.deb Size/MD5: 206374 c1524e4fa8265e7eaac046b114b8c463\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0 \\\r\n.14_i386.deb Size/MD5: 140644 379a125b8b5b51ff8033449755ab87b8\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.8-1ubun \\\r\ntu0.14_i386.deb Size/MD5: 755574 9de96c8719740c2525e3c0cf7836d60b\r\n\r\n lpia architecture (Low Power Intel Architecture):\r\n\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_lp \\\r\nia.deb Size/MD5: 235578 
0265d4f6ccee2d7b5ee10cfff48fed08\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_ \\\r\nlpia.deb Size/MD5: 231234 611499fb33808ecdd232e2c5350f6838\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_l \\\r\npia.deb Size/MD5: 234738 d7757d2da2e542ce0fdad5994be1d8bd\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_ \\\r\nlpia.deb Size/MD5: 205592 c10ac9eb401184c379b7993b6a62cde3\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14 \\\r\n_lpia.deb Size/MD5: 206358 fc91c0159b096e744c42014e6e5f8909\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_lpia.d \\\r\neb Size/MD5: 141212 f87d5f443e5d8e1c3eda6f976b3ceb06\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_lpi \\\r\na.deb Size/MD5: 749716 86ae389b81b057288ff3c0b69ef68656\r\n\r\n powerpc architecture (Apple Macintosh G3/G4/G5):\r\n\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_po \\\r\nwerpc.deb Size/MD5: 254134 4337f858972022fa196c9a1f9bb724fb\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_ \\\r\npowerpc.deb Size/MD5: 249596 44a6e21ff8fa81d09dab19cab4caffdb\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_p \\\r\nowerpc.deb Size/MD5: 253698 f101a1709f21320716d4c9afb356f24f\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_ \\\r\npowerpc.deb Size/MD5: 205604 3f4d4f6733257a7037e35101ef792352\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14 \\\r\n_powerpc.deb Size/MD5: 206386 06402188459de8dab5279b5bfef768fa\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_powerp \\\r\nc.deb Size/MD5: 158390 0acffbdb7e5602b434c4f2805f8dc4d0\r\n 
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_pow \\\r\nerpc.deb Size/MD5: 906022 28c3e8b63d123a4ca0632b3fed6720b5\r\n\r\n sparc architecture (Sun SPARC/UltraSPARC):\r\n\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_sp \\\r\narc.deb Size/MD5: 237422 5651f53b09c0f36e1333c569980a0eb0\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_ \\\r\nsparc.deb Size/MD5: 233152 1165607c64c57c84212b6b106254e885\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_s \\\r\nparc.deb Size/MD5: 236606 bbe00d0707c279a16eca35258dd8f13a\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_ \\\r\nsparc.deb Size/MD5: 205598 76afcd4085fa6f39055a5a3f1ef34a43\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14 \\\r\n_sparc.deb Size/MD5: 206372 5c67270e0a19d1558cf17cb21a114833\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_sparc. 
\\\r\ndeb Size/MD5: 143838 28e9c3811feeac70b846279e82c23430\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_spa \\\r\nrc.deb Size/MD5: 765398 92c5b054b80b6258a1c4caac8248a40a\r\n\r\nUpdated packages for Ubuntu 8.10:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5.dif \\\r\nf.gz Size/MD5: 137715 0e8a6128ff37a1c064d4ce881b5d3df9\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5.dsc \\\r\n Size/MD5: 1788 5e3c3d53b68ea3053bcca3a5e19f5911\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9.orig.tar.gz\r\n Size/MD5: 6396996 80d3754fc278338033296f0d41ef2c04\r\n\r\n Architecture independent packages:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.9-7ubuntu3.5 \\\r\n_all.deb Size/MD5: 2041786 cd1e98fb2064bad51f7845f203a07d79\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.9-7ubuntu3.5 \\\r\n_all.deb Size/MD5: 6538578 32e07db65f1e7b3002aedc3afce1748c\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5_all \\\r\n.deb Size/MD5: 45474 0f1b4fb499af61a596241bd4f0f4d35d\r\n\r\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubu \\\r\nntu3.5_amd64.deb Size/MD5: 254968 f2004f847cc5cbc730599352ad1f7dc6\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7u \\\r\nbuntu3.5_amd64.deb Size/MD5: 249196 fb001fc4f192e9b8ae1bb7161925413c\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ub \\\r\nuntu3.5_amd64.deb Size/MD5: 254360 419b942bad4cf4d959afcfa3ce4314e2\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7u \\\r\nbuntu3.5_amd64.deb Size/MD5: 208524 0d87bf6acbf1ab5dc48c68debe7c0d26\r\n 
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec-custom_2.2.9- \\\r\n7ubuntu3.5_amd64.deb Size/MD5: 84490 2a4df4b619debe549f48ac3e9e764305\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu \\\r\n3.5_amd64.deb Size/MD5: 82838 215665711684d5b5dd04cdfa23d36462\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7 \\\r\nubuntu3.5_amd64.deb Size/MD5: 209550 496d387e315370c0cd83489db663a356\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3 \\\r\n.5_amd64.deb Size/MD5: 147762 48061b9015c78b39b7afd834f4c81ae0\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.9-7ubun \\\r\ntu3.5_amd64.deb Size/MD5: 820242 3497441009bc9db76a87fd2447ba433c\r\n\r\n i386 architecture (x86 compatible Intel/AMD):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubu \\\r\nntu3.5_i386.deb Size/MD5: 241376 488812d1a311fd67dafd5b18b6813920\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7u \\\r\nbuntu3.5_i386.deb Size/MD5: 236082 9256681808703f40e822c81b53f4ce3e\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ub \\\r\nuntu3.5_i386.deb Size/MD5: 240668 2b6b7c11a88ed5a280f603305bee880e\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7u \\\r\nbuntu3.5_i386.deb Size/MD5: 208532 e0eccceba6cae5fb12f431ff0283a23e\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec-custom_2.2.9- \\\r\n7ubuntu3.5_i386.deb Size/MD5: 83922 ea5f69f36e344e493cce5d9c0bc69c46\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu \\\r\n3.5_i386.deb Size/MD5: 82320 0d9b2f9afff4b9efe924b59e9bb039ea\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7 \\\r\nubuntu3.5_i386.deb Size/MD5: 209554 f4e53148ae30d5c4f060d455e4f11f95\r\n 
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3 \\\r\n.5_i386.deb Size/MD5: 146596 5ed6a4af9378bacfb7d4a034d9923915\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.9-7ubun \\\r\ntu3.5_i386.deb Size/MD5: 778564 ffd7752394933004094c13b00113b263\r\n\r\n lpia architecture (Low Power Intel Architecture):\r\n\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_lpi \\\r\na.deb Size/MD5: 238358 4955c7d577496ea4f3573345fad028a4\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_l \\\r\npia.deb Size/MD5: 232964 76aecf38baba17a8a968329b818ec74a\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_lp \\\r\nia.deb Size/MD5: 237626 83f32bd08e2e206bbdb9f92cfb1a37e5\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_l \\\r\npia.deb Size/MD5: 208528 6672fb116e108687669c89197732fbb0\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5 \\\r\n_lpia.deb Size/MD5: 83870 b8f875f197017aec0fe8203c203065d7\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_lpia.d \\\r\neb Size/MD5: 82296 d6724391ed540b351e2b660ba98af1ca\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_ \\\r\nlpia.deb Size/MD5: 209550 263b43fb11c6d954d5a4bf7839e720a4\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_lpia.de \\\r\nb Size/MD5: 146282 a225b8d0f48e141eea28b2369d4595c0\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_lpia \\\r\n.deb Size/MD5: 766494 454c737e191429c43ad3f28c9e0294a0\r\n\r\n powerpc architecture (Apple Macintosh G3/G4/G5):\r\n\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_pow \\\r\nerpc.deb Size/MD5: 261510 d3e1155682726cc28859156e647d97b3\r\n 
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_p \\\r\nowerpc.deb Size/MD5: 256082 e49d894a6e9ab612a3cbd2f189ca3d8d\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_po \\\r\nwerpc.deb Size/MD5: 260850 bc3cd7677cd630ac00424e73a3a6b343\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_p \\\r\nowerpc.deb Size/MD5: 208542 ae1cc6b1323832528ad8f0e7130ec87d\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5 \\\r\n_powerpc.deb Size/MD5: 84558 68452b686e89320007e9c5367ce36345\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_powerp \\\r\nc.deb Size/MD5: 82908 2b8c5fc4bdec1017735dc16eba41d0a6\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_ \\\r\npowerpc.deb Size/MD5: 209562 a8da7487e3dcd1bdff008956728b8dd3\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_powerpc \\\r\n.deb Size/MD5: 161030 a5ffe07d5e3050c8a54c4fccd3732263\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_powe \\\r\nrpc.deb Size/MD5: 926240 8282583e86e84bd256959540f39a515d\r\n\r\n sparc architecture (Sun SPARC/UltraSPARC):\r\n\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_spa \\\r\nrc.deb Size/MD5: 246720 e54b4b9b354001a910ec9027dc90b0d2\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_s \\\r\nparc.deb Size/MD5: 241280 1eea25472875056e34cd2c3283c60171\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_sp \\\r\narc.deb Size/MD5: 246024 5709e7421814ecfb83fff5804d429971\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_s \\\r\nparc.deb Size/MD5: 208528 25cdfd0177da7e5484d3d44f93257863\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5 \\\r\n_sparc.deb Size/MD5: 84096 
3ffbacffcc23ffc640a2ce05d35437bf\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_sparc. \\\r\ndeb Size/MD5: 82470 17d1ca84f9455c492013f4f754a1d365\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_ \\\r\nsparc.deb Size/MD5: 209546 696ef3652703523aea6208a4e51e48f1\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_sparc.d \\\r\neb Size/MD5: 150932 44c89e0249c85eed09b6f3a6a23db59d\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_spar \\\r\nc.deb Size/MD5: 783902 773a80d7a85a452016da3b10b1f3ae43\r\n\r\nUpdated packages for Ubuntu 9.04:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5.di \\\r\nff.gz Size/MD5: 141023 50d6737005a6d4fe601e223a39293f99\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5.ds \\\r\nc Size/MD5: 1795 59720f4d7ad291c986d92ec120750c3d\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11.orig.tar.gz\r\n Size/MD5: 6806786 03e0a99a5de0f3f568a0087fb9993af9\r\n\r\n Architecture independent packages:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.11-2ubuntu2. 
\\\r\n5_all.deb Size/MD5: 2219326 d29c903489b894ddf88b23a0fec23e5c\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5_al \\\r\nl.deb Size/MD5: 46636 ee03585b00f277ed98c0de07a683317a\r\n http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-src_2.2.11-2ubun \\\r\ntu2.5_all.deb Size/MD5: 6948222 a3505a83c13cf36c86248079127dd84d\r\n\r\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ub \\\r\nuntu2.5_amd64.deb Size/MD5: 259028 5e9bddefad4c58c3ef9fd15d7a06988d\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2 \\\r\nubuntu2.5_amd64.deb Size/MD5: 253218 ee1bfbb759ffade3a52a6782e2f4b66d\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2u \\\r\nbuntu2.5_amd64.deb Size/MD5: 258414 8ef063026de9790bac1965427ce1b584\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2 \\\r\nubuntu2.5_amd64.deb Size/MD5: 213294 09701d434bd102e4205e551b4525afd1\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.11- \\\r\n2ubuntu2.5_amd64.deb Size/MD5: 214258 e98de48ea01e1132c5f1248a9a018745\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu \\\r\n2.5_amd64.deb Size/MD5: 151140 2f7c7f14b843b2c24de8c67356406449\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.11-2ubu \\\r\nntu2.5_amd64.deb Size/MD5: 826834 28abdf1c7be886e9be2825d351abaec7\r\n http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2. 
\\\r\n2.11-2ubuntu2.5_amd64.deb Size/MD5: 87818 670c62615e107920c45893b3377ab2a0\r\n http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.11-2u \\\r\nbuntu2.5_amd64.deb Size/MD5: 86094 5a7c68fd37066287b4819cba4cfed1f2\r\n\r\n i386 architecture (x86 compatible Intel/AMD):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ub \\\r\nuntu2.5_i386.deb Size/MD5: 245538 952540b7679ebc8d3ffc953f32d3be0f\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2 \\\r\nubuntu2.5_i386.deb Size/MD5: 240048 08a7fd4888ffd9188890e57c613c4be7\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2u \\\r\nbuntu2.5_i386.deb Size/MD5: 244914 955bb5121da808d44aa994386d90723f\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2 \\\r\nubuntu2.5_i386.deb Size/MD5: 213308 dd16143608ff8c41cb2d5cd27212a57e\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.11- \\\r\n2ubuntu2.5_i386.deb Size/MD5: 214280 1e1f5d6feef40413f823a19126a018e3\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu \\\r\n2.5_i386.deb Size/MD5: 150046 0769d86d26282d1d31615050ae5b8915\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.11-2ubu \\\r\nntu2.5_i386.deb Size/MD5: 784198 8760e9c37147d0472dbbfe941c058829\r\n http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2. 
\\\r\n2.11-2ubuntu2.5_i386.deb Size/MD5: 87182 21980cb1035d05f69b857870bbcbc085\r\n http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.11-2u \\\r\nbuntu2.5_i386.deb Size/MD5: 85572 6a1b8a5e4cb19e815e88335757b06cf3\r\n\r\n lpia architecture (Low Power Intel Architecture):\r\n\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_lp \\\r\nia.deb Size/MD5: 242386 859ad63822b7e82c81cd6dcaca088c4a\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_ \\\r\nlpia.deb Size/MD5: 236924 200538ce94218c9d8af8532636bfd40a\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_l \\\r\npia.deb Size/MD5: 241822 3a3183ea4ee77d2677919d3b698f92a1\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_ \\\r\nlpia.deb Size/MD5: 213286 bf81273b1db0a4a621085171c2b2b421\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5 \\\r\n_lpia.deb Size/MD5: 214264 ed278dab71289d2baae2ea409382fbf8\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_lpia.d \\\r\neb Size/MD5: 149758 75f6e2d7bd1cdfe5b1806062c3c859df\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_lpi \\\r\na.deb Size/MD5: 773424 c7cdc26051bd9443ae25b73776537fb5\r\n http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubun \\\r\ntu2.5_lpia.deb Size/MD5: 87132 32e7ea89c96a0afce7ce1da457d947fb\r\n http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_l \\\r\npia.deb Size/MD5: 85550 1d9b5963aa6ea5c01492ec417ab8510a\r\n\r\n powerpc architecture (Apple Macintosh G3/G4/G5):\r\n\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_po \\\r\nwerpc.deb Size/MD5: 265476 5d03fe6b2da8de98c876941ff78b066f\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_ \\\r\npowerpc.deb Size/MD5: 260478 
3e3aeaaf496cc86c62a831c59994c1f2\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_p \\\r\nowerpc.deb Size/MD5: 265154 5eae30e7a33c09b37483f3aab595d0e9\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_ \\\r\npowerpc.deb Size/MD5: 213314 879534ebabbb8be86b606e1800dc9cf8\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5 \\\r\n_powerpc.deb Size/MD5: 214286 922033231a6aa67ecca1c400d47f09c1\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_powerp \\\r\nc.deb Size/MD5: 164444 74faf68f0baeffcd011155ca9b201039\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_pow \\\r\nerpc.deb Size/MD5: 932416 2911758e4ad1b3b401369621301ea76f\r\n http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubun \\\r\ntu2.5_powerpc.deb Size/MD5: 87876 1d45c033ec5498c092f30188cf1d481e\r\n http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_p \\\r\nowerpc.deb Size/MD5: 86154 52c1d8806d52fef6f43ab53662953953\r\n\r\n sparc architecture (Sun SPARC/UltraSPARC):\r\n\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_sp \\\r\narc.deb Size/MD5: 250786 4e8e98dcba5543394ed5f07d141ce408\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_ \\\r\nsparc.deb Size/MD5: 245094 a82bf04fc92b8c275b0c0f25cc81ff91\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_s \\\r\nparc.deb Size/MD5: 250110 092cf734813ae1d127d7b4f498f936c1\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_ \\\r\nsparc.deb Size/MD5: 213312 98d7062a6bdb58637f7e850b76bfbc80\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5 \\\r\n_sparc.deb Size/MD5: 214286 a378e2e0418631cec0f398379a446172\r\n 
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_sparc. \\\r\ndeb Size/MD5: 154284 ce8b7bbccd359675b70426df15becfed\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_spa \\\r\nrc.deb Size/MD5: 789298 11f088b18425b97367d5bc141da2ef2f\r\n http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubun \\\r\ntu2.5_sparc.deb Size/MD5: 87384 477b6594866c8c73a8a3603e7e646c68\r\n http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_s \\\r\nparc.deb Size/MD5: 85686 5562ea5a0e6f01ba12adda3afb65c1b0\r\n\r\nUpdated packages for Ubuntu 9.10:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1.di \\\r\nff.gz Size/MD5: 185244 1ef59f9642bd9efa35e0808ea804cd0b\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1.ds \\\r\nc Size/MD5: 1888 d3bfdecefdd8b1adec8ab35dcf85d2b3\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12.orig.tar.gz\r\n Size/MD5: 6678149 17f017b571f88aa60abebfe2945d7caf\r\n\r\n Architecture independent packages:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.12-1ubuntu2. 
\\\r\n1_all.deb Size/MD5: 2246560 be12bcc117bf165ffd3401486186762e\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.12-1ub \\\r\nuntu2.1_all.deb Size/MD5: 2336 009d381342b0be5280835a46c91f01d9\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.12-1 \\\r\nubuntu2.1_all.deb Size/MD5: 2374 7545a3750acea08e95bee86f6a3247e2\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.12-1u \\\r\nbuntu2.1_all.deb Size/MD5: 2314 17719223d92d46821098ce178b5947d6\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.12-1ubu \\\r\nntu2.1_all.deb Size/MD5: 284782 4321e3201d8e8d1a9e3c6fbe6864102b\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1_al \\\r\nl.deb Size/MD5: 1424 7b4d96008368549d5600a8c1f64a7559\r\n http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-mpm-itk_2.2.12-1 \\\r\nubuntu2.1_all.deb Size/MD5: 2366 46add3d428c97fa69a8848a3e4025bb0\r\n\r\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1 \\\r\nubuntu2.1_amd64.deb Size/MD5: 137080 91e4f72d0f1f0abe91555e1497558fc2\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.12- \\\r\n1ubuntu2.1_amd64.deb Size/MD5: 138176 5fd6a5ed536306528f9f2c1a0281ad70\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu \\\r\n2.1_amd64.deb Size/MD5: 156646 cfa55666363303b3f44a24fa2929bf01\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu \\\r\n2.1_amd64.deb Size/MD5: 1399630 82b36d57faa29a646e72a1125600c11c\r\n http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2. 
\\\r\n2.12-1ubuntu2.1_amd64.deb Size/MD5: 92488 ddebef9d1a537520380f85b63c512bef\r\n http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.12-1u \\\r\nbuntu2.1_amd64.deb Size/MD5: 90880 c6d163edf145da8ff6d102dc0dd1f8d7\r\n\r\n i386 architecture (x86 compatible Intel/AMD):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1 \\\r\nubuntu2.1_i386.deb Size/MD5: 137102 69dcd0519ca612e02102f52dcb50bf7f\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.12- \\\r\n1ubuntu2.1_i386.deb Size/MD5: 138200 17221b53903d664823a55faa1ec4d9a9\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu \\\r\n2.1_i386.deb Size/MD5: 155166 4347806710edff47fc051b4a68d5b448\r\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu \\\r\n2.1_i386.deb Size/MD5: 1309136 d9a7df212b315fc6f77fc87fa8eb4a04\r\n http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2. 
\\\r\n2.12-1ubuntu2.1_i386.deb Size/MD5: 91876 289bf732dd4750a2ce61ab121b04b079\r\n http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.12-1u \\\r\nbuntu2.1_i386.deb Size/MD5: 90316 add7f446f6b524343c0066a486dd299a\r\n\r\n lpia architecture (Low Power Intel Architecture):\r\n\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_ \\\r\nlpia.deb Size/MD5: 137088 571e9f0370b5687acff25f71c4efe33e\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1 \\\r\n_lpia.deb Size/MD5: 138192 816a6e033f02114553bbb3627b9c6f9c\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_lpia.d \\\r\neb Size/MD5: 155090 af8272dc794250c30cd2f66b82486dc2\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_lpia.d \\\r\neb Size/MD5: 1290606 4c51de07f5a6fe9612de45369e6f35a5\r\n http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubun \\\r\ntu2.1_lpia.deb Size/MD5: 91830 06866386df811127f4fd71d6fb2a9e2a\r\n http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_l \\\r\npia.deb Size/MD5: 90312 9e68bd8111503135a4eae7265b0084ae\r\n\r\n powerpc architecture (Apple Macintosh G3/G4/G5):\r\n\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_ \\\r\npowerpc.deb Size/MD5: 137096 61b24dbeb12d7998e5d7014c26410a99\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1 \\\r\n_powerpc.deb Size/MD5: 138202 599898ff374bde8bfa388e2615064c5a\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_powerp \\\r\nc.deb Size/MD5: 161058 fea8f5b9a80bef9c4cb3405bc37160af\r\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_powerp \\\r\nc.deb Size/MD5: 1390150 fb1a244728a509586b77d02930fcf10f\r\n http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubun \\\r\ntu2.1_powerpc.deb Size/MD5: 
\n ", "sourceHref": "https://www.seebug.org/vuldb/ssvid-12673", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-11-19T18:30:25", "description": "BUGTRAQ ID: 36260\r\nCVE ID: CVE-2009-3094\r\n\r\nApache HTTP Server is a popular web server.\r\n\r\nA NULL pointer dereference vulnerability exists in the ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c of Apache's mod_proxy_ftp module. A malicious FTP server being proxied can crash an httpd child process by sending a crafted reply to the EPSV or PASV command, causing a limited denial of service.\n\nApache Group Apache 
2.2.x\nVendor patch:\r\n\r\nApache Group\r\n------------\r\nThe vendor has released an upgrade patch that fixes this security issue; download it from the vendor's home page:\r\n\r\nhttp://www.apache.org/dist/httpd/httpd-2.2.14.tar.gz\r\n\r\nRedHat\r\n------\r\nRedHat has released a security advisory (RHSA-2009:1579-02) and corresponding patches for this issue:\r\nRHSA-2009:1579-02: Moderate: httpd security update\r\nLink: https://www.redhat.com/support/errata/RHSA-2009-1579.html", "cvss3": {}, "published": "2009-11-13T00:00:00", "type": "seebug", "title": "Apache mod_proxy_ftp module NULL pointer dereference denial-of-service vulnerability", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2009-3094"], "modified": "2009-11-13T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-12628", "id": "SSV:12628", "sourceData": "", "sourceHref": "", "cvss": {"score": 2.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-11-19T18:30:15", "description": "BUGTRAQ ID: 36254\r\nCVE ID: CVE-2009-3095\r\n\r\nApache HTTP Server is a popular web server.\r\n\r\nA remote command injection vulnerability exists in the mod_proxy_ftp module of the Apache server. In a reverse proxy configuration, a remote attacker can exploit this vulnerability by creating a crafted HTTP Authorization header to bypass the intended access restrictions and send arbitrary commands to the FTP server.\n\nApache Group Apache 2.2.x\nVendor patch:\r\n\r\nApache 
Group\r\n------------\r\nThe vendor has released an upgrade patch that fixes this security issue; download it from the vendor's home page:\r\n\r\nhttp://www.apache.org/dist/httpd/httpd-2.2.14.tar.gz\r\n\r\nRedHat\r\n------\r\nRedHat has released a security advisory (RHSA-2009:1579-02) and corresponding patches for this issue:\r\nRHSA-2009:1579-02: Moderate: httpd security update\r\nLink: https://www.redhat.com/support/errata/RHSA-2009-1579.html", "cvss3": {}, "published": "2009-11-13T00:00:00", "type": "seebug", "title": "Apache mod_proxy_ftp module remote command injection vulnerability", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2009-3095"], "modified": "2009-11-13T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-12626", "id": "SSV:12626", "sourceData": "", "sourceHref": "", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "ubuntu": [{"lastseen": "2022-02-25T23:55:38", "description": "Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 \nprotocols. If an attacker could perform a machine-in-the-middle attack at the \nstart of a TLS connection, the attacker could inject arbitrary content at \nthe beginning of the user's session. The flaw is with TLS renegotiation and \npotentially affects any software that supports this feature. Attacks \nagainst the HTTPS protocol are known, with the severity of the issue \ndepending on the safeguards used in the web application. Until the TLS \nprotocol and underlying libraries are adjusted to defend against this \nvulnerability, a partial, temporary workaround has been applied to Apache \nthat disables client initiated TLS renegotiation. 
This update does not \nprotect against server initiated TLS renegotiation when using \nSSLVerifyClient and SSLCipherSuite on a per Directory or Location basis. \nUsers can defend against server initiated TLS renegotiation attacks by \nadjusting their Apache configuration to use SSLVerifyClient and \nSSLCipherSuite only on the server or virtual host level. (CVE-2009-3555)\n\nIt was discovered that mod_proxy_ftp in Apache did not properly sanitize \nits input when processing replies to EPASV and PASV commands. An attacker \ncould use this to cause a denial of service in the Apache child process. \n(CVE-2009-3094)\n\nAnother flaw was discovered in mod_proxy_ftp. If Apache is configured as a \nreverse proxy, an attacker could send a crafted HTTP header to bypass \nintended access controls and send arbitrary commands to the FTP server. \n(CVE-2009-3095)\n", "cvss3": {}, "published": "2009-11-19T00:00:00", "type": "ubuntu", "title": "Apache vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3555", "CVE-2009-3094", "CVE-2009-3095"], "modified": "2009-11-19T00:00:00", "id": "USN-860-1", "href": "https://ubuntu.com/security/notices/USN-860-1", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}], "redhat": [{"lastseen": "2021-10-21T04:43:07", "description": "The Apache HTTP Server is a popular Web server.\n\nA flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\nSockets Layer) protocols handle session renegotiation. 
A man-in-the-middle\nattacker could use this flaw to prefix arbitrary plain text to a client's\nsession (for example, an HTTPS connection to a website). This could force\nthe server to process an attacker's request as if authenticated using the\nvictim's credentials. This update partially mitigates this flaw for SSL\nsessions to HTTP servers using mod_ssl by rejecting client-requested\nrenegotiation. (CVE-2009-3555)\n\nNote: This update does not fully resolve the issue for HTTPS servers. An\nattack is still possible in configurations that require a server-initiated\nrenegotiation. Refer to the following Knowledgebase article for further\ninformation: http://kbase.redhat.com/faq/docs/DOC-20491\n\nA NULL pointer dereference flaw was found in the Apache mod_proxy_ftp\nmodule. A malicious FTP server to which requests are being proxied could\nuse this flaw to crash an httpd child process via a malformed reply to the\nEPSV or PASV commands, resulting in a limited denial of service.\n(CVE-2009-3094)\n\nA second flaw was found in the Apache mod_proxy_ftp module. In a reverse\nproxy configuration, a remote attacker could use this flaw to bypass\nintended access restrictions by creating a carefully-crafted HTTP\nAuthorization header, allowing the attacker to send arbitrary commands to\nthe FTP server. (CVE-2009-3095)\n\nAll httpd users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. 
After installing the updated\npackages, the httpd daemon must be restarted for the update to take effect.", "cvss3": {}, "published": "2009-11-11T00:00:00", "type": "redhat", "title": "(RHSA-2009:1579) Moderate: httpd security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3094", "CVE-2009-3095", "CVE-2009-3555"], "modified": "2018-05-26T00:26:18", "id": "RHSA-2009:1579", "href": "https://access.redhat.com/errata/RHSA-2009:1579", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2021-10-21T04:43:58", "description": "The Apache HTTP Server is a popular Web server.\n\nA flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\nSockets Layer) protocols handle session renegotiation. A man-in-the-middle\nattacker could use this flaw to prefix arbitrary plain text to a client's\nsession (for example, an HTTPS connection to a website). This could force\nthe server to process an attacker's request as if authenticated using the\nvictim's credentials. This update partially mitigates this flaw for SSL\nsessions to HTTP servers using mod_ssl by rejecting client-requested\nrenegotiation. (CVE-2009-3555)\n\nNote: This update does not fully resolve the issue for HTTPS servers. An\nattack is still possible in configurations that require a server-initiated\nrenegotiation. 
Refer to the following Knowledgebase article for further\ninformation: http://kbase.redhat.com/faq/docs/DOC-20491\n\nA NULL pointer dereference flaw was found in the Apache mod_proxy_ftp\nmodule. A malicious FTP server to which requests are being proxied could\nuse this flaw to crash an httpd child process via a malformed reply to the\nEPSV or PASV commands, resulting in a limited denial of service.\n(CVE-2009-3094)\n\nA second flaw was found in the Apache mod_proxy_ftp module. In a reverse\nproxy configuration, a remote attacker could use this flaw to bypass\nintended access restrictions by creating a carefully-crafted HTTP\nAuthorization header, allowing the attacker to send arbitrary commands to\nthe FTP server. (CVE-2009-3095)\n\nAll users of JBoss Enterprise Web Server 1.0.0 should upgrade to these\nupdated packages, which contain backported patches to correct these issues.\nAfter installing the updated packages, Red Hat Enterprise Linux 4 users\nmust restart the httpd22 service, and Red Hat Enterprise Linux 5 users must\nrestart the httpd service, for the update to take effect.", "cvss3": {}, "published": "2010-01-06T00:00:00", "type": "redhat", "title": "(RHSA-2010:0011) Moderate: httpd and httpd22 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3094", "CVE-2009-3095", "CVE-2009-3555"], "modified": "2016-04-04T14:31:40", "id": "RHSA-2010:0011", "href": "https://access.redhat.com/errata/RHSA-2010:0011", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, 
{"lastseen": "2021-10-21T04:45:47", "description": "The Apache HTTP Server is a popular Web server.\n\nA flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\nSockets Layer) protocols handle session renegotiation. A man-in-the-middle\nattacker could use this flaw to prefix arbitrary plain text to a client's\nsession (for example, an HTTPS connection to a website). This could force\nthe server to process an attacker's request as if authenticated using the\nvictim's credentials. This update partially mitigates this flaw for SSL\nsessions to HTTP servers using mod_ssl by rejecting client-requested\nrenegotiation. (CVE-2009-3555)\n\nNote: This update does not fully resolve the issue for HTTPS servers. An\nattack is still possible in configurations that require a server-initiated\nrenegotiation. Refer to the following Knowledgebase article for further\ninformation: http://kbase.redhat.com/faq/docs/DOC-20491\n\nA denial of service flaw was found in the Apache mod_deflate module. This\nmodule continued to compress large files until compression was complete,\neven if the network connection that requested the content was closed before\ncompression completed. This would cause mod_deflate to consume large\namounts of CPU if mod_deflate was enabled for a large file. (CVE-2009-1891)\n\nA NULL pointer dereference flaw was found in the Apache mod_proxy_ftp\nmodule. A malicious FTP server to which requests are being proxied could\nuse this flaw to crash an httpd child process via a malformed reply to the\nEPSV or PASV commands, resulting in a limited denial of service.\n(CVE-2009-3094)\n\nA second flaw was found in the Apache mod_proxy_ftp module. In a reverse\nproxy configuration, a remote attacker could use this flaw to bypass\nintended access restrictions by creating a carefully-crafted HTTP\nAuthorization header, allowing the attacker to send arbitrary commands to\nthe FTP server. 
(CVE-2009-3095)\n\nAll httpd users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. After installing the updated\npackages, the httpd daemon must be restarted for the update to take effect.", "cvss3": {}, "published": "2009-11-11T00:00:00", "type": "redhat", "title": "(RHSA-2009:1580) Moderate: httpd security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1891", "CVE-2009-3094", "CVE-2009-3095", "CVE-2009-3555"], "modified": "2017-09-08T07:59:33", "id": "RHSA-2009:1580", "href": "https://access.redhat.com/errata/RHSA-2009:1580", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-10-19T20:39:56", "description": "Red Hat Application Stack v2.4 is an integrated open source application\nstack, that includes Red Hat Enterprise Linux 5 and JBoss Enterprise\nApplication Platform (EAP). JBoss EAP is provided through the JBoss EAP\nchannels on the Red Hat Network.\n\nPostgreSQL was updated to version 8.2.14, fixing the following security\nissues:\n\nA flaw was found in the way PostgreSQL handles LDAP-based authentication.\nIf PostgreSQL was configured to use LDAP authentication and the LDAP server\nwas configured to allow anonymous binds, anyone able to connect to a given\ndatabase could use this flaw to log in as any database user, including a\nPostgreSQL superuser, without supplying a password. 
(CVE-2009-3231)\n\nIt was discovered that the upstream patch for CVE-2007-6600 included in the\nRed Hat Security Advisory RHSA-2008:0040 did not include protection against\nmisuse of the RESET ROLE and RESET SESSION AUTHORIZATION commands. An\nauthenticated user could use this flaw to install malicious code that would\nlater execute with superuser privileges. (CVE-2009-3230)\n\nA flaw was found in the way PostgreSQL handles external plug-ins. This flaw\ncould allow remote, authenticated users without superuser privileges to\ncrash the back-end server by using the LOAD command on libraries in\n\"/var/lib/pgsql/plugins/\" that have already been loaded, causing a\ntemporary denial of service during crash recovery. (CVE-2009-3229)\n\nMySQL was updated to version 5.0.84, fixing the following security issues:\n\nAn insufficient HTML entities quoting flaw was found in the mysql command\nline client's HTML output mode. If an attacker was able to inject arbitrary\nHTML tags into data stored in a MySQL database, which was later retrieved\nusing the mysql command line client and its HTML output mode, they could\nperform a cross-site scripting (XSS) attack against victims viewing the\nHTML output in a web browser. (CVE-2008-4456)\n\nMultiple format string flaws were found in the way the MySQL server logs\nuser commands when creating and deleting databases. A remote, authenticated\nattacker with permissions to CREATE and DROP databases could use these\nflaws to formulate a specifically-crafted SQL command that would cause a\ntemporary denial of service (open connections to mysqld are terminated).\n(CVE-2009-2446)\n\nNote: To exploit the CVE-2009-2446 flaws, the general query log (the mysqld\n\"--log\" command line option or the \"log\" option in \"/etc/my.cnf\") must be\nenabled. 
This logging is not enabled by default.\n\nPHP was updated to version 5.2.10, fixing the following security issue:\n\nAn insufficient input validation flaw was discovered in the PHP\nexif_read_data() function, used to read Exchangeable image file format\n(Exif) metadata from images. An attacker could create a specially-crafted\nimage that could cause the PHP interpreter to crash or disclose portions of\nits memory while reading the Exif metadata from the image. (CVE-2009-2687)\n\nApache httpd has been updated with backported patches to correct the\nfollowing security issues:\n\nA NULL pointer dereference flaw was found in the Apache mod_proxy_ftp\nmodule. A malicious FTP server to which requests are being proxied could\nuse this flaw to crash an httpd child process via a malformed reply to the\nEPSV or PASV commands, resulting in a limited denial of service.\n(CVE-2009-3094)\n\nA second flaw was found in the Apache mod_proxy_ftp module. In a reverse\nproxy configuration, a remote attacker could use this flaw to bypass\nintended access restrictions by creating a carefully-crafted HTTP\nAuthorization header, allowing the attacker to send arbitrary commands to\nthe FTP server. (CVE-2009-3095)\n\nAlso, the following packages have been updated:\n\n* postgresql-jdbc to 8.2.510\n* php-pear to 1.8.1\n* perl-DBI to 1.609\n* perl-DBD-MySQL to 4.012\n\nAll users should upgrade to these updated packages, which resolve these\nissues. 
Users must restart the individual services, including postgresql,\nmysqld, and httpd, for this update to take effect.", "cvss3": {}, "published": "2009-09-23T00:00:00", "type": "redhat", "title": "(RHSA-2009:1461) Important: Red Hat Application Stack v2.4 security and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.5, "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6600", "CVE-2008-4456", "CVE-2009-2446", "CVE-2009-2687", "CVE-2009-3094", "CVE-2009-3095", "CVE-2009-3229", "CVE-2009-3230", "CVE-2009-3231"], "modified": "2019-03-22T19:44:39", "id": "RHSA-2009:1461", "href": "https://access.redhat.com/errata/RHSA-2009:1461", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:36:42", "description": "[2.2.3-31.0.1.el5_4.2]\n- replace index.html with Oracle's index page oracle_index.html\n- update vstring and distro in specfile\n[2.2.3-31.2]\n- add security fixes for CVE-2009-3094, CVE-2009-3095, CVE-2009-3555 (#534041) ", "cvss3": {}, "published": "2009-11-11T00:00:00", "type": "oraclelinux", "title": "httpd security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2009-3094", "CVE-2009-3555", "CVE-2009-3095"], "modified": "2009-11-11T00:00:00", "id": "ELSA-2009-1579", "href": "http://linux.oracle.com/errata/ELSA-2009-1579.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:34:58", "description": "[2.0.52-41.ent.6.0.1]\n- use oracle index page oracle_index.html\n- update vstring and distro in 
specfile\n[2.0.52-41.ent.6]\n- add security fixes for CVE-2009-3555, CVE-2009-1891, CVE-2009-3094,\n and CVE-2009-3095 (#534039)", "cvss3": {}, "published": "2009-11-11T00:00:00", "type": "oraclelinux", "title": "httpd security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2009-3094", "CVE-2009-3555", "CVE-2009-3095", "CVE-2009-1891"], "modified": "2009-11-11T00:00:00", "id": "ELSA-2009-1580", "href": "http://linux.oracle.com/errata/ELSA-2009-1580.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2021-10-22T00:47:02", "description": "------------------------------------------------------------------------\nDebian Security Advisory DSA-1934-1 security@debian.org\nhttp://www.debian.org/security/ Stefan Fritsch\nNovember 16, 2009 http://www.debian.org/security/faq\n------------------------------------------------------------------------\n\nPackage : apache2\nVulnerability : multiple issues\nProblem type : remote\nDebian-specific: no\nCVE Id(s) : CVE-2009-3094 CVE-2009-3095 CVE-2009-3555\n\n\nA design flaw has been found in the TLS and SSL protocol that allows\nan attacker to inject arbitrary content at the beginning of a TLS/SSL\nconnection. The attack is related to the way TLS and SSL handle\nsession renegotiations. CVE-2009-3555 has been assigned to this\nvulnerability.\n\nAs a partial mitigation against this attack, this apache2 update\ndisables client-initiated renegotiations. This should fix the\nvulnerability for the majority of Apache configurations in use.\n\nNOTE: This is not a complete fix for the problem. The attack is\nstill possible in configurations where the server initiates the\nrenegotiation. 
This is the case for the following configurations\n(the information in the changelog of the updated packages is\nslightly inaccurate):\n\n- The \"SSLVerifyClient\" directive is used in a Directory or Location\n context.\n- The \"SSLCipherSuite\" directive is used in a Directory or Location\n context.\n\nAs a workaround, you may rearrange your configuration in a way that\nSSLVerifyClient and SSLCipherSuite are only used on the server or\nvirtual host level.\n\nA complete fix for the problem will require a protocol change. Further\ninformation will be included in a separate announcement about this\nissue.\n\n\nIn addition, this update fixes the following issues in Apache's\nmod_proxy_ftp:\n\nCVE-2009-3094: Insufficient input validation in the mod_proxy_ftp\nmodule allowed remote FTP servers to cause a denial of service (NULL\npointer dereference and child process crash) via a malformed reply to\nan EPSV command.\n\nCVE-2009-3095: Insufficient input validation in the mod_proxy_ftp\nmodule allowed remote authenticated attackers to bypass intended access\nrestrictions and send arbitrary FTP commands to an FTP server.\n\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 2.2.9-10+lenny6. This version also includes some non-security\nbug fixes that were scheduled for inclusion in the next stable point\nrelease (Debian 5.0.4).\n\nFor the oldstable distribution (etch), these problems have been fixed in\nversion 2.2.3-4+etch11.\n\nFor the testing distribution (squeeze) and the unstable distribution\n(sid), these problems will be fixed in version 2.2.14-2.\n\nThis advisory also provides updated apache2-mpm-itk packages which\nhave been recompiled against the new apache2 packages.\n\nUpdated apache2-mpm-itk packages for the armel architecture are not\nincluded yet. 
They will be released as soon as they become available.\n\n\nWe recommend that you upgrade your apache2 and apache2-mpm-itk packages.\n\nUpgrade instructions\n--------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 4.0 alias etch (oldstable)\n-------------------------------------------\n\nOldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\n\nDebian GNU/Linux 5.0 alias lenny (stable)\n-----------------------------------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nalpha 
architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_alpha.deb\n Size/MD5 checksum: 209720 29861b61a3ae0912a7eb1ba2096b0421\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_alpha.deb\n Size/MD5 checksum: 84444 af60f321516a06fc9588433ba2c1a88e\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_alpha.deb\n Size/MD5 checksum: 256598 730d50c0f57ba7aad84e6897217bf42d\n http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_alpha.deb\n Size/MD5 checksum: 2402082 b932e642a152e30f948437d7313d2dcf\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_alpha.deb\n Size/MD5 checksum: 82728 bb04bbeae7865acad1ae89e943702623\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_alpha.deb\n Size/MD5 checksum: 198236 61b2f1529a056145d9ea8a87c5c5e8c0\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_alpha.deb\n Size/MD5 checksum: 208690 f6d15e0b6fa15a3738e9130b4044ce37\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_alpha.deb\n Size/MD5 checksum: 849014 dddd323a55b010c29a8626194b71a7a1\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_alpha.deb\n Size/MD5 checksum: 147844 40f11b60e0f5154680f16c1c67943101\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_alpha.deb\n Size/MD5 checksum: 261662 7b88269d9ce2877809a0f47daa4e756d\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_alpha.deb\n Size/MD5 checksum: 262336 eced46181f89a7f8ee636c0dce4789f7\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_amd64.deb\n Size/MD5 checksum: 210246 
bb629f54f383bfcce66a6bf0bc1a2b6d\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_amd64.deb\n Size/MD5 checksum: 825462 051201fb8baa9a7a961961dd5082929a\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_amd64.deb\n Size/MD5 checksum: 257694 3b8c5bff06a870ccd062ce53771a43a4\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_amd64.deb\n Size/MD5 checksum: 211268 5e07756440fecd3a3ee3815a6cff3ff5\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_amd64.deb\n Size/MD5 checksum: 258424 92c5467fbef1d4da6803507b679df099\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_amd64.deb\n Size/MD5 checksum: 82532 40718aa8ebb6532404fad4b5ee2a1e09\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_amd64.deb\n Size/MD5 checksum: 84140 743b1e0fd988539a7346bddbcd573767\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_amd64.deb\n Size/MD5 checksum: 253708 bcc5c9f767c1e62913af45827f04b83f\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_amd64.deb\n Size/MD5 checksum: 195214 42f4650b895a51b853c253bbbd1e2cc0\n http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_amd64.deb\n Size/MD5 checksum: 2455308 9b8792a5defa5193d825d31dc47b43f2\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_amd64.deb\n Size/MD5 checksum: 144980 240232c2f4932579c60ecee786c0af26\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_arm.deb\n Size/MD5 checksum: 224760 9615e8207a01d2759de57b58cd885286\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_arm.deb\n Size/MD5 checksum: 83230 
c840cb7342a3a83e0587fd3baacce760\n http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_arm.deb\n Size/MD5 checksum: 2327178 39819fd5f56728620aaefdbe10887c2b\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_arm.deb\n Size/MD5 checksum: 147202 f7ebf064272389cf2dd7db7bfe3ff267\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_arm.deb\n Size/MD5 checksum: 161596 b7a2763998f12394ecae68df6ec73fbb\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_arm.deb\n Size/MD5 checksum: 223898 fbd3f6bc3340643f55862e5b14947345\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_arm.deb\n Size/MD5 checksum: 786918 a142a6fbee216aaa87378bdc53773eb2\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_arm.deb\n Size/MD5 checksum: 209812 2e4b61b494abdd8e52b219456a82e499\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_arm.deb\n Size/MD5 checksum: 219946 4ac3564788d25b492a833e2df463b41e\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_arm.deb\n Size/MD5 checksum: 81412 abe1efff8619aac89534c3f4d57c5356\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_arm.deb\n Size/MD5 checksum: 211008 865b518f1a18de1020feb2212b137a6c\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_armel.deb\n Size/MD5 checksum: 212612 2b8654bdda7346a2a7804800e9a11d8e\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_armel.deb\n Size/MD5 checksum: 802766 535b466511548a5264b0da3a3a348381\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_armel.deb\n Size/MD5 checksum: 226068 
8921ab3294cf45178f3b90fd51fbafc3\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_armel.deb\n Size/MD5 checksum: 213694 38498cbd15341da4279e4193a4708c6c\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_armel.deb\n Size/MD5 checksum: 226354 57f22f55c3ca485b5974e1f2a4ef1414\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_armel.deb\n Size/MD5 checksum: 83934 6a6a2de840f638874d8ae05611f142b9\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_armel.deb\n Size/MD5 checksum: 82284 b225eb7806650013baccae619ad08f2b\n http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_armel.deb\n Size/MD5 checksum: 2340926 83bb45aa97542f6f796780c8a2d24c8b\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_armel.deb\n Size/MD5 checksum: 221894 872e3f1df2080a84cca36f48e6c8e575\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_armel.deb\n Size/MD5 checksum: 151226 3172e8ba667991da2881ea6a7b2781cc\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_hppa.deb\n Size/MD5 checksum: 84022 f603a1c369bbc7d05efe1ad99325e020\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_hppa.deb\n Size/MD5 checksum: 153048 0568fcb47c9cad398c7fd7abe2276828\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_hppa.deb\n Size/MD5 checksum: 82214 f27d31e710ba6640471c47a6fc240aad\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_hppa.deb\n Size/MD5 checksum: 246406 f18257777ba62d65ceb3aa4842415c74\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_hppa.deb\n Size/MD5 checksum: 241578 
e71e710d7889e79b85e4c20b539a4d26\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_hppa.deb\n Size/MD5 checksum: 211730 a9913999aac5559db1e75835d87a2efd\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_hppa.deb\n Size/MD5 checksum: 896810 e8e2d9459750e5d9be76c00923a25696\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_hppa.deb\n Size/MD5 checksum: 245816 6a876fb502903c7bfcb5a4b8dad71a7a\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_hppa.deb\n Size/MD5 checksum: 213028 f072f0ca44edc122c1b3e1da847f1c8c\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_hppa.deb\n Size/MD5 checksum: 183316 41a32b0fd061c4f2afbd740af5e8325a\n http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_hppa.deb\n Size/MD5 checksum: 2385020 366e6e9bd1dec0ba6a784813785f13d3\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_i386.deb\n Size/MD5 checksum: 82366 ab10d1ab26c914777c5296fe9ccfe027\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_i386.deb\n Size/MD5 checksum: 241326 2ee9101bf92fcac69249094b3ca11e2a\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_i386.deb\n Size/MD5 checksum: 240776 43a654cf0439fc97997a57baec5e2995\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_i386.deb\n Size/MD5 checksum: 84104 f73a1bff0a8a4426e63803c4e5c67c60\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_i386.deb\n Size/MD5 checksum: 783440 053ba7ef4fbb56547200c32c35ac8a0e\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_i386.deb\n Size/MD5 checksum: 143414 
c20c10a3eadac1c494a5750888875800\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_i386.deb\n Size/MD5 checksum: 237396 06841f14531fab0adb92177af849c8be\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_i386.deb\n Size/MD5 checksum: 211420 69c67bd0052c70322924b901ba5f5428\n http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_i386.deb\n Size/MD5 checksum: 2324892 87c51cc1fb8ae2532adcfa601a7b5af4\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_i386.deb\n Size/MD5 checksum: 212726 11b86a68880fa98a130e449dec0fbbcc\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_i386.deb\n Size/MD5 checksum: 179396 4ae5716372fe19991b0d8a4cc751d45f\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_ia64.deb\n Size/MD5 checksum: 162732 0a9a153e3703f9dbd33e325d67373bce\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_ia64.deb\n Size/MD5 checksum: 247068 39445ee73d2076bfa589a5840a3d6024\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_ia64.deb\n Size/MD5 checksum: 1036624 80b366704dc888c2bea8d84c316faf33\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_ia64.deb\n Size/MD5 checksum: 208668 c2b06d3c767fa737fbf5e1c3d50d001c\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_ia64.deb\n Size/MD5 checksum: 311692 77ff8879c2853c4b33903299ec3120c8\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_ia64.deb\n Size/MD5 checksum: 312616 1c20b667ebbd43b0ee1b01cd1cdd991d\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_ia64.deb\n Size/MD5 checksum: 83920 
a383c7aef1758f963c019793af7b5f92\n http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_ia64.deb\n Size/MD5 checksum: 2317952 803f0b941814cbbc49f4e37bc3b9ca95\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_ia64.deb\n Size/MD5 checksum: 209700 59ab45d2c7c2168a941ff2fc842268e1\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_ia64.deb\n Size/MD5 checksum: 304670 067ece69f8b9518f9b18cd948c4df971\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_ia64.deb\n Size/MD5 checksum: 85802 9294d252435e8026d6135bf8efdfaf46\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_mips.deb\n Size/MD5 checksum: 2465158 a36366e07810785cd1f2dc3b020d3486\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_mips.deb\n Size/MD5 checksum: 780460 a5daeb91029f3b027a810ee22456ebd3\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_mips.deb\n Size/MD5 checksum: 233408 ec9001ee4c996d0b14a9e67d9ce380ec\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_mips.deb\n Size/MD5 checksum: 82082 1fc55f0526e3bf90c2156364055a1627\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_mips.deb\n Size/MD5 checksum: 171444 789208a77578e49ebca9be904c99aff3\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_mips.deb\n Size/MD5 checksum: 83688 8612d0c31dee19c557723b08354c20d7\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_mips.deb\n Size/MD5 checksum: 149712 ac8ddf3ab4a3b0fb255adbc588e57305\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_mips.deb\n Size/MD5 checksum: 209718 
8af3815f7794f4e60d72ba52d3bd19c4\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_mips.deb\n Size/MD5 checksum: 229494 c2ef345862009f2a2b979205fec22567\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_mips.deb\n Size/MD5 checksum: 208698 246c0001aaa98be577f6c5f004330285\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_mips.deb\n Size/MD5 checksum: 233980 ce7b3760443a98b0ddc0607a7a9842bf\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_mipsel.deb\n Size/MD5 checksum: 228110 e45b1c3294102e26eee671b860f4aabc\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_mipsel.deb\n Size/MD5 checksum: 208710 1403636fff03ab43353cdffdef62ffd7\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_mipsel.deb\n Size/MD5 checksum: 83708 9b1c257025920f6dd0a7a2b231c97141\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_mipsel.deb\n Size/MD5 checksum: 209740 546504d6f0a2a449e9bcd618f4700ce5\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_mipsel.deb\n Size/MD5 checksum: 82128 31209b35ecb423f2d88347df6c08eddb\n http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_mipsel.deb\n Size/MD5 checksum: 2420074 b57ff2a01ee7f29d0dcba4214dc7fc21\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_mipsel.deb\n Size/MD5 checksum: 232140 3dfff4c54077cb221e19533f19538834\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_mipsel.deb\n Size/MD5 checksum: 778974 d9d0084ea48aaa56d2f99c632711d084\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_mipsel.deb\n Size/MD5 
checksum: 169470 f04a239ba4f1d6ae4ff8ce0960f784fd\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_mipsel.deb\n Size/MD5 checksum: 232796 8ced513dc28d7165fd76076803b98188\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_mipsel.deb\n Size/MD5 checksum: 150024 c2a66c2c63eeb66df98b136cceadc780\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_powerpc.deb\n Size/MD5 checksum: 84570 b43f074242385089dda2aae2e9ae1595\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_powerpc.deb\n Size/MD5 checksum: 915976 723f3349b829894595b913099f06ecc2\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_powerpc.deb\n Size/MD5 checksum: 257408 c4bab781417526a0dfdb2240ab2fef07\n http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_powerpc.deb\n Size/MD5 checksum: 2495210 6fb817120bcb095006fd09d2318f28ee\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_powerpc.deb\n Size/MD5 checksum: 195192 6b4d950e48c6cdfd00d403e42b719b40\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_powerpc.deb\n Size/MD5 checksum: 208684 ece82cc979cff6832d51a6caf51f38b5\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_powerpc.deb\n Size/MD5 checksum: 82908 c54a24103b503b5de1b27993ee33610f\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_powerpc.deb\n Size/MD5 checksum: 160960 361e2bae65d5f1303073d8e4d88ccdb7\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_powerpc.deb\n Size/MD5 checksum: 209714 81fbc6671b2d4137dc52232e9d572ea9\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_powerpc.deb\n 
Size/MD5 checksum: 258234 6dbd57dc907e93b5e9dcd3058e99b30f\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_powerpc.deb\n Size/MD5 checksum: 253294 696e2e9219d6e029c0c6f024045a4d5f\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_s390.deb\n Size/MD5 checksum: 82544 4e332ccedffd13b1e7b866fe71cf8a9b\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_s390.deb\n Size/MD5 checksum: 197642 e32a924a47b90452356956e3fe39d34e\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_s390.deb\n Size/MD5 checksum: 255970 197eea5c422ecf37ec592bf9612c3b2f\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_s390.deb\n Size/MD5 checksum: 208694 33dddaec24eb4475411eb55abb5d5e71\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_s390.deb\n Size/MD5 checksum: 150912 2aa00b2fb3b84a536030f5b5635115bc\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_s390.deb\n Size/MD5 checksum: 209726 cf54089c8a33087820f8c9359e461625\n http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_s390.deb\n Size/MD5 checksum: 2409108 1b6e40f5d2772a0a1f26424f4b470136\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_s390.deb\n Size/MD5 checksum: 824586 ff52926d953f8b5cbde82ac31176dedb\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_s390.deb\n Size/MD5 checksum: 259924 655aca8f56383ebd106ded50d8f557ea\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_s390.deb\n Size/MD5 checksum: 260610 12751082d3f1466735d1b3d395d63690\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_s390.deb\n Size/MD5 checksum: 
84310 9aa451ccb1513c05f4ccc0319124181e\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_sparc.deb\n Size/MD5 checksum: 2231018 fcdbb08c45ff474592590fac0aa78dac\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_sparc.deb\n Size/MD5 checksum: 84568 6dcf4195e216a22ef2919806d55d5098\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_sparc.deb\n Size/MD5 checksum: 237224 9bf96cc5f932643b1c55c6a9fa238af1\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_sparc.deb\n Size/MD5 checksum: 241474 ed8557af547d9d55a075fca5cf88488d\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_sparc.deb\n Size/MD5 checksum: 82888 bde0baf83e2e972b398be6a500f77125\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_sparc.deb\n Size/MD5 checksum: 177562 09cbb49296407c83ef1575b003dfb129\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_sparc.deb\n Size/MD5 checksum: 241014 2c10b920cdfec918af3eb148e29fca0f\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_sparc.deb\n Size/MD5 checksum: 212798 28edff7612bb824fc20d88c29b8b7e1f\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_sparc.deb\n Size/MD5 checksum: 781748 63e7003956d73b1a04e544c00eaa7728\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_sparc.deb\n Size/MD5 checksum: 213976 b7e758d0a2e6574944d27e2d6e40f60c\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_sparc.deb\n Size/MD5 checksum: 146596 c37cea33bed94a68326b511a66bf050e\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- 
---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>", "cvss3": {}, "published": "2009-11-16T19:30:33", "type": "debian", "title": "[SECURITY] [DSA-1934-1] New apache2 packages fix several issues", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3094", "CVE-2009-3095", "CVE-2009-3555"], "modified": "2009-11-16T19:30:33", "id": "DEBIAN:DSA-1934-1:699DB", "href": "https://lists.debian.org/debian-security-announce/2009/msg00257.html", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-03-26T15:32:59", "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1934-1 security@debian.org\nhttp://www.debian.org/security/ Stefan Fritsch\nNovember 16, 2009 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : apache2\nVulnerability : multiple issues\nProblem type : remote\nDebian-specific: no\nCVE Id(s) : CVE-2009-3094 CVE-2009-3095 CVE-2009-3555\n\n\nA design flaw has been found in the TLS and SSL protocol that allows\nan attacker to inject arbitrary content at the beginning of a TLS/SSL\nconnection. 
The attack is related to the way TLS and SSL handle\nsession renegotiations. CVE-2009-3555 has been assigned to this\nvulnerability.\n\nAs a partial mitigation against this attack, this apache2 update\ndisables client-initiated renegotiations. This should fix the\nvulnerability for the majority of Apache configurations in use.\n\nNOTE: This is not a complete fix for the problem. The attack is\nstill possible in configurations where the server initiates the\nrenegotiation. This is the case for the following configurations\n(the information in the changelog of the updated packages is\nslightly inaccurate):\n\n- - The "SSLVerifyClient" directive is used in a Directory or Location\n context.\n- - The "SSLCipherSuite" directive is used in a Directory or Location\n context.\n\nAs a workaround, you may rearrange your configuration in a way that\nSSLVerifyClient and SSLCipherSuite are only used on the server or\nvirtual host level.\n\nA complete fix for the problem will require a protocol change. Further\ninformation will be included in a separate announcement about this\nissue.\n\n\nIn addition, this update fixes the following issues in Apache's\nmod_proxy_ftp:\n\nCVE-2009-3094: Insufficient input validation in the mod_proxy_ftp\nmodule allowed remote FTP servers to cause a denial of service (NULL\npointer dereference and child process crash) via a malformed reply to\nan EPSV command.\n\nCVE-2009-3095: Insufficient input validation in the mod_proxy_ftp\nmodule allowed remote authenticated attackers to bypass intended access\nrestrictions and send arbitrary FTP commands to an FTP server.\n\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 2.2.9-10+lenny6. 
This version also includes some non-security\nbug fixes that were scheduled for inclusion in the next stable point\nrelease (Debian 5.0.4).\n\nFor the oldstable distribution (etch), these problems have been fixed in\nversion 2.2.3-4+etch11.\n\nFor the testing distribution (squeeze) and the unstable distribution\n(sid), these problems will be fixed in version 2.2.14-2.\n\nThis advisory also provides updated apache2-mpm-itk packages which\nhave been recompiled against the new apache2 packages.\n\nUpdated apache2-mpm-itk packages for the armel architecture are not\nincluded yet. They will be released as soon as they become available.\n\n\nWe recommend that you upgrade your apache2 and apache2-mpm-itk packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 4.0 alias etch (oldstable)\n- -------------------------------------------\n\nOldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\n
Size/MD5 checksum: 409776 04bafa059e90c14851f290c02fc7a29e\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_i386.deb\n Size/MD5 checksum: 963818 f2755fd250837dd878a24ffc8527855d\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_i386.deb\n Size/MD5 checksum: 425034 fc0b075a77853494886719b1bf4d7092\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_i386.deb\n Size/MD5 checksum: 421206 d2758678dc6dcfb2298a5e69dbd199d0\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_i386.deb\n Size/MD5 checksum: 425510 5df035120241567d62ba4154a7ade25f\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_i386.deb\n Size/MD5 checksum: 161256 614f006996e6309829bf7c80bb95e3ed\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_i386.deb\n Size/MD5 checksum: 410518 833b5256083de5f76d83354f63916af2\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_i386.deb\n Size/MD5 checksum: 343876 435638e472ccb187c7713f96840cf156\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_ia64.deb\n Size/MD5 checksum: 407664 9929d570df08ea81c10235d8cfad8cec\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_ia64.deb\n Size/MD5 checksum: 231808 505ed0109a851680126951f228f4ed40\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_ia64.deb\n Size/MD5 checksum: 491120 d1ef23e9bbd457b1c30d50234050b112\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_ia64.deb\n Size/MD5 checksum: 498202 f430c9b4231122f996799b45d68596a3\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_ia64.deb\n Size/MD5 
checksum: 407018 f721b04b90b8b2b5ec76916488395bdd\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_ia64.deb\n Size/MD5 checksum: 360664 08763e41786b3c5b28cf3e27d234419d\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_ia64.deb\n Size/MD5 checksum: 497388 6ef80d442fbf5046e78b9b2a0637adb9\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_ia64.deb\n Size/MD5 checksum: 1204566 d1cc5f38e5683c539db6673611585b67\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_mips.deb\n Size/MD5 checksum: 430112 01c3cf5fc888bff3967c95736b3caf40\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_mips.deb\n Size/MD5 checksum: 407674 688656128f0f46e8b35da61d731e244f\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_mips.deb\n Size/MD5 checksum: 434122 791a223b58a6a3a00fdd5517decc6ff2\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_mips.deb\n Size/MD5 checksum: 951736 68a93c433a24dd42b461907c2b61c6d2\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_mips.deb\n Size/MD5 checksum: 407022 10cf7a6fa3ad60183a80b7fddc08ed98\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_mips.deb\n Size/MD5 checksum: 350066 ab3498abf9ddc41f0665be9c2912beab\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_mips.deb\n Size/MD5 checksum: 434784 2d07f9376a7c7eb6229e0c5238e604fc\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_mips.deb\n Size/MD5 checksum: 169932 db0ecd6b89594ecbff3bacd9d184f808\n\nmipsel architecture (MIPS (Little Endian))\n\n 
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_mipsel.deb\n Size/MD5 checksum: 428958 3c7b9e69ccbeb0db17d437ece3717b65\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_mipsel.deb\n Size/MD5 checksum: 407040 61a67a76dd0acfaeb747d5ee745cb3fa\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_mipsel.deb\n Size/MD5 checksum: 433736 74adf126949edfd4b1af734b3a8255f8\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_mipsel.deb\n Size/MD5 checksum: 951730 3c9d5a12163e7d1c939d26829a4454f1\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_mipsel.deb\n Size/MD5 checksum: 407694 0297490b8b4aff5e1a4527a9c897fbee\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_mipsel.deb\n Size/MD5 checksum: 350302 843a3c227ba43dc4b882c96cad62a6eb\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_mipsel.deb\n Size/MD5 checksum: 434220 b18b6688a18a11d7bfa20d486c13ae64\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_mipsel.deb\n Size/MD5 checksum: 168814 6eedc4fb9e8027cf6d11c427a1cc4f8c\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_powerpc.deb\n Size/MD5 checksum: 1061292 0a43b7054755c361229d5e14db9c3156\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_powerpc.deb\n Size/MD5 checksum: 432806 ebe9b3113da3361dabf67acd291f9d93\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_powerpc.deb\n Size/MD5 checksum: 168374 ab7eb4de4a4c224a94698ebb67f627ea\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_powerpc.deb\n Size/MD5 checksum: 433416 
0c53941e7e8765780e4e4a71f81a592b\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_powerpc.deb\n Size/MD5 checksum: 354920 0682a419e0d59ff5a2af1f322991b157\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_powerpc.deb\n Size/MD5 checksum: 410150 69ddc8b0b8ec235e65eabde0adbc1db7\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_powerpc.deb\n Size/MD5 checksum: 428826 f556fd9726b4c66bbe6fdc05b84d9918\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_powerpc.deb\n Size/MD5 checksum: 409396 d4b779470977873916bff7353829f172\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_s390.deb\n Size/MD5 checksum: 437364 0d844765789f2fcc4cf0c24e755b4c3d\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_s390.deb\n Size/MD5 checksum: 994710 63d476187cc9eed384ff792ce8b6f471\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_s390.deb\n Size/MD5 checksum: 443278 114375b6439d8a9cf344dd4829c7b6d2\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_s390.deb\n Size/MD5 checksum: 407682 e0db3031b4bb381a0f3178569d4c514a\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_s390.deb\n Size/MD5 checksum: 442268 219d9f7f67d2a53a3c3e700c68a6d682\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_s390.deb\n Size/MD5 checksum: 348624 ac97c9840e0cb11a1cf1e44fd1875015\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_s390.deb\n Size/MD5 checksum: 407026 6233c65e8860b416d7a6265ae2c2eda4\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_s390.deb\n Size/MD5 checksum: 177986 
634687237fd58d539bc9492415a94b77\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_sparc.deb\n Size/MD5 checksum: 418896 96bdf44ad9d8c1d86ee3aaf383c9dcce\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_sparc.deb\n Size/MD5 checksum: 412078 c9aab17ccba1846ea02df78f636a28a6\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_sparc.deb\n Size/MD5 checksum: 342696 7dd353d553f6a495c506b22f60ff2a0d\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_sparc.deb\n Size/MD5 checksum: 158054 60de9a240c905bdb6ffa0ab6c032096d\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_sparc.deb\n Size/MD5 checksum: 422966 edb7194c73d08c0bdb1eed6bd19ceb53\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_sparc.deb\n Size/MD5 checksum: 422444 ad0a85ada33d687e1fc67b0fa3c40244\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_sparc.deb\n Size/MD5 checksum: 960150 0dae013a3e07502409918ff649cb1375\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_sparc.deb\n Size/MD5 checksum: 411290 88e769a08329b6728c6fd0770d241874\n\n\nDebian GNU/Linux 5.0 alias lenny (stable)\n- -----------------------------------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9.orig.tar.gz\n Size/MD5 checksum: 6396996 80d3754fc278338033296f0d41ef2c04\n http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9-10+lenny6.dsc\n Size/MD5 checksum: 1673 f6846ac2d9cbd7887629a9c503154310\n http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9-10+lenny6.diff.gz\n 
Size/MD5 checksum: 145719 fd456ef168b7f1ca1055ffbca1df53db\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-doc_2.2.9-10+lenny6_all.deb\n Size/MD5 checksum: 2060318 c2499fa1040a9ace89c1a969de4db870\n http://security.debian.org/pool/updates/main/a/apache2/apache2-src_2.2.9-10+lenny6_all.deb\n Size/MD5 checksum: 6736558 e09131a305cf2e51d3c14ed7c1beaf5d\n http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9-10+lenny6_all.deb\n Size/MD5 checksum: 45238 922ce7e9d14885bab9c9cbbfab99fbd3\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_alpha.deb\n Size/MD5 checksum: 209720 29861b61a3ae0912a7eb1ba2096b0421\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_alpha.deb\n Size/MD5 checksum: 84444 af60f321516a06fc9588433ba2c1a88e\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_alpha.deb\n Size/MD5 checksum: 256598 730d50c0f57ba7aad84e6897217bf42d\n http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_alpha.deb\n Size/MD5 checksum: 2402082 b932e642a152e30f948437d7313d2dcf\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_alpha.deb\n Size/MD5 checksum: 82728 bb04bbeae7865acad1ae89e943702623\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_alpha.deb\n Size/MD5 checksum: 198236 61b2f1529a056145d9ea8a87c5c5e8c0\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_alpha.deb\n Size/MD5 checksum: 208690 f6d15e0b6fa15a3738e9130b4044ce37\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_alpha.deb\n Size/MD5 checksum: 849014 dddd323a55b010c29a8626194b71a7a1\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_alpha.deb\n 
Size/MD5 checksum: 147844 40f11b60e0f5154680f16c1c67943101\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_alpha.deb\n Size/MD5 checksum: 261662 7b88269d9ce2877809a0f47daa4e756d\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_alpha.deb\n Size/MD5 checksum: 262336 eced46181f89a7f8ee636c0dce4789f7\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_amd64.deb\n Size/MD5 checksum: 210246 bb629f54f383bfcce66a6bf0bc1a2b6d\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_amd64.deb\n Size/MD5 checksum: 825462 051201fb8baa9a7a961961dd5082929a\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_amd64.deb\n Size/MD5 checksum: 257694 3b8c5bff06a870ccd062ce53771a43a4\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_amd64.deb\n Size/MD5 checksum: 211268 5e07756440fecd3a3ee3815a6cff3ff5\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_amd64.deb\n Size/MD5 checksum: 258424 92c5467fbef1d4da6803507b679df099\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_amd64.deb\n Size/MD5 checksum: 82532 40718aa8ebb6532404fad4b5ee2a1e09\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_amd64.deb\n Size/MD5 checksum: 84140 743b1e0fd988539a7346bddbcd573767\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_amd64.deb\n Size/MD5 checksum: 253708 bcc5c9f767c1e62913af45827f04b83f\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_amd64.deb\n Size/MD5 checksum: 195214 42f4650b895a51b853c253bbbd1e2cc0\n 
http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_amd64.deb\n Size/MD5 checksum: 2455308 9b8792a5defa5193d825d31dc47b43f2\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_amd64.deb\n Size/MD5 checksum: 144980 240232c2f4932579c60ecee786c0af26\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_arm.deb\n Size/MD5 checksum: 224760 9615e8207a01d2759de57b58cd885286\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_arm.deb\n Size/MD5 checksum: 83230 c840cb7342a3a83e0587fd3baacce760\n http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_arm.deb\n Size/MD5 checksum: 2327178 39819fd5f56728620aaefdbe10887c2b\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_arm.deb\n Size/MD5 checksum: 147202 f7ebf064272389cf2dd7db7bfe3ff267\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_arm.deb\n Size/MD5 checksum: 161596 b7a2763998f12394ecae68df6ec73fbb\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_arm.deb\n Size/MD5 checksum: 223898 fbd3f6bc3340643f55862e5b14947345\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_arm.deb\n Size/MD5 checksum: 786918 a142a6fbee216aaa87378bdc53773eb2\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_arm.deb\n Size/MD5 checksum: 209812 2e4b61b494abdd8e52b219456a82e499\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_arm.deb\n Size/MD5 checksum: 219946 4ac3564788d25b492a833e2df463b41e\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_arm.deb\n Size/MD5 checksum: 81412 abe1efff8619aac89534c3f4d57c5356\n 
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_arm.deb\n Size/MD5 checksum: 211008 865b518f1a18de1020feb2212b137a6c\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_armel.deb\n Size/MD5 checksum: 212612 2b8654bdda7346a2a7804800e9a11d8e\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_armel.deb\n Size/MD5 checksum: 802766 535b466511548a5264b0da3a3a348381\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_armel.deb\n Size/MD5 checksum: 226068 8921ab3294cf45178f3b90fd51fbafc3\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_armel.deb\n Size/MD5 checksum: 213694 38498cbd15341da4279e4193a4708c6c\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_armel.deb\n Size/MD5 checksum: 226354 57f22f55c3ca485b5974e1f2a4ef1414\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_armel.deb\n Size/MD5 checksum: 83934 6a6a2de840f638874d8ae05611f142b9\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_armel.deb\n Size/MD5 checksum: 82284 b225eb7806650013baccae619ad08f2b\n http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_armel.deb\n Size/MD5 checksum: 2340926 83bb45aa97542f6f796780c8a2d24c8b\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_armel.deb\n Size/MD5 checksum: 221894 872e3f1df2080a84cca36f48e6c8e575\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_armel.deb\n Size/MD5 checksum: 151226 3172e8ba667991da2881ea6a7b2781cc\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_hppa.deb\n Size/MD5 checksum: 84022 
f603a1c369bbc7d05efe1ad99325e020\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_hppa.deb\n Size/MD5 checksum: 153048 0568fcb47c9cad398c7fd7abe2276828\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_hppa.deb\n Size/MD5 checksum: 82214 f27d31e710ba6640471c47a6fc240aad\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_hppa.deb\n Size/MD5 checksum: 246406 f18257777ba62d65ceb3aa4842415c74\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_hppa.deb\n Size/MD5 checksum: 241578 e71e710d7889e79b85e4c20b539a4d26\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_hppa.deb\n Size/MD5 checksum: 211730 a9913999aac5559db1e75835d87a2efd\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_hppa.deb\n Size/MD5 checksum: 896810 e8e2d9459750e5d9be76c00923a25696\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_hppa.deb\n Size/MD5 checksum: 245816 6a876fb502903c7bfcb5a4b8dad71a7a\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_hppa.deb\n Size/MD5 checksum: 213028 f072f0ca44edc122c1b3e1da847f1c8c\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_hppa.deb\n Size/MD5 checksum: 183316 41a32b0fd061c4f2afbd740af5e8325a\n http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_hppa.deb\n Size/MD5 checksum: 2385020 366e6e9bd1dec0ba6a784813785f13d3\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_i386.deb\n Size/MD5 checksum: 82366 ab10d1ab26c914777c5296fe9ccfe027\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_i386.deb\n Size/MD5 checksum: 241326 
2ee9101bf92fcac69249094b3ca11e2a\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_i386.deb\n Size/MD5 checksum: 240776 43a654cf0439fc97997a57baec5e2995\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_i386.deb\n Size/MD5 checksum: 84104 f73a1bff0a8a4426e63803c4e5c67c60\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_i386.deb\n Size/MD5 checksum: 783440 053ba7ef4fbb56547200c32c35ac8a0e\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_i386.deb\n Size/MD5 checksum: 143414 c20c10a3eadac1c494a5750888875800\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_i386.deb\n Size/MD5 checksum: 237396 06841f14531fab0adb92177af849c8be\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_i386.deb\n Size/MD5 checksum: 211420 69c67bd0052c70322924b901ba5f5428\n http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_i386.deb\n Size/MD5 checksum: 2324892 87c51cc1fb8ae2532adcfa601a7b5af4\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_i386.deb\n Size/MD5 checksum: 212726 11b86a68880fa98a130e449dec0fbbcc\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_i386.deb\n Size/MD5 checksum: 179396 4ae5716372fe19991b0d8a4cc751d45f\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_ia64.deb\n Size/MD5 checksum: 162732 0a9a153e3703f9dbd33e325d67373bce\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_ia64.deb\n Size/MD5 checksum: 247068 39445ee73d2076bfa589a5840a3d6024\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_ia64.deb\n Size/MD5 checksum: 1036624 
80b366704dc888c2bea8d84c316faf33\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_ia64.deb\n Size/MD5 checksum: 208668 c2b06d3c767fa737fbf5e1c3d50d001c\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_ia64.deb\n Size/MD5 checksum: 311692 77ff8879c2853c4b33903299ec3120c8\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_ia64.deb\n Size/MD5 checksum: 312616 1c20b667ebbd43b0ee1b01cd1cdd991d\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_ia64.deb\n Size/MD5 checksum: 83920 a383c7aef1758f963c019793af7b5f92\n http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_ia64.deb\n Size/MD5 checksum: 2317952 803f0b941814cbbc49f4e37bc3b9ca95\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_ia64.deb\n Size/MD5 checksum: 209700 59ab45d2c7c2168a941ff2fc842268e1\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_ia64.deb\n Size/MD5 checksum: 304670 067ece69f8b9518f9b18cd948c4df971\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_ia64.deb\n Size/MD5 checksum: 85802 9294d252435e8026d6135bf8efdfaf46\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_mips.deb\n Size/MD5 checksum: 2465158 a36366e07810785cd1f2dc3b020d3486\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_mips.deb\n Size/MD5 checksum: 780460 a5daeb91029f3b027a810ee22456ebd3\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_mips.deb\n Size/MD5 checksum: 233408 ec9001ee4c996d0b14a9e67d9ce380ec\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_mips.deb\n Size/MD5 checksum: 82082 
1fc55f0526e3bf90c2156364055a1627\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_mips.deb\n Size/MD5 checksum: 171444 789208a77578e49ebca9be904c99aff3\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_mips.deb\n Size/MD5 checksum: 83688 8612d0c31dee19c557723b08354c20d7\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_mips.deb\n Size/MD5 checksum: 149712 ac8ddf3ab4a3b0fb255adbc588e57305\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_mips.deb\n Size/MD5 checksum: 209718 8af3815f7794f4e60d72ba52d3bd19c4\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_mips.deb\n Size/MD5 checksum: 229494 c2ef345862009f2a2b979205fec22567\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_mips.deb\n Size/MD5 checksum: 208698 246c0001aaa98be577f6c5f004330285\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_mips.deb\n Size/MD5 checksum: 233980 ce7b3760443a98b0ddc0607a7a9842bf\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_mipsel.deb\n Size/MD5 checksum: 228110 e45b1c3294102e26eee671b860f4aabc\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_mipsel.deb\n Size/MD5 checksum: 208710 1403636fff03ab43353cdffdef62ffd7\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_mipsel.deb\n Size/MD5 checksum: 83708 9b1c257025920f6dd0a7a2b231c97141\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_mipsel.deb\n Size/MD5 checksum: 209740 546504d6f0a2a449e9bcd618f4700ce5\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_mipsel.deb\n Size/MD5 
\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>", "cvss3": {}, "published": "2009-11-16T19:30:33", "type": "debian", "title": "[SECURITY] [DSA-1934-1] New apache2 packages fix several issues", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3094", "CVE-2009-3095", "CVE-2009-3555"], "modified": "2009-11-16T19:30:33", "id": "DEBIAN:DSA-1934-1:46132", "href": "https://lists.debian.org/debian-security-announce/2009/msg00257.html", "cvss": {"score": 5.8, "vector": 
"AV:N/AC:M/Au:N/C:N/I:P/A:P"}}], "centos": [{"lastseen": "2022-02-27T11:59:31", "description": "**CentOS Errata and Security Advisory** CESA-2009:1579\n\n\nThe Apache HTTP Server is a popular Web server.\n\nA flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\nSockets Layer) protocols handle session renegotiation. A man-in-the-middle\nattacker could use this flaw to prefix arbitrary plain text to a client's\nsession (for example, an HTTPS connection to a website). This could force\nthe server to process an attacker's request as if authenticated using the\nvictim's credentials. This update partially mitigates this flaw for SSL\nsessions to HTTP servers using mod_ssl by rejecting client-requested\nrenegotiation. (CVE-2009-3555)\n\nNote: This update does not fully resolve the issue for HTTPS servers. An\nattack is still possible in configurations that require a server-initiated\nrenegotiation. Refer to the following Knowledgebase article for further\ninformation: http://kbase.redhat.com/faq/docs/DOC-20491\n\nA NULL pointer dereference flaw was found in the Apache mod_proxy_ftp\nmodule. A malicious FTP server to which requests are being proxied could\nuse this flaw to crash an httpd child process via a malformed reply to the\nEPSV or PASV commands, resulting in a limited denial of service.\n(CVE-2009-3094)\n\nA second flaw was found in the Apache mod_proxy_ftp module. In a reverse\nproxy configuration, a remote attacker could use this flaw to bypass\nintended access restrictions by creating a carefully-crafted HTTP\nAuthorization header, allowing the attacker to send arbitrary commands to\nthe FTP server. (CVE-2009-3095)\n\nAll httpd users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. 
After installing the updated\npackages, the httpd daemon must be restarted for the update to take effect.\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2009-November/053235.html\nhttps://lists.centos.org/pipermail/centos-announce/2009-November/053236.html\nhttps://lists.centos.org/pipermail/centos-announce/2009-November/053245.html\nhttps://lists.centos.org/pipermail/centos-announce/2009-November/053246.html\n\n**Affected packages:**\nhttpd\nhttpd-devel\nhttpd-manual\nmod_ssl\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2009:1579", "cvss3": {}, "published": "2009-11-12T22:37:02", "type": "centos", "title": "httpd, mod_ssl security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3094", "CVE-2009-3095", "CVE-2009-3555"], "modified": "2009-11-14T01:22:50", "id": "CESA-2009:1579", "href": "https://lists.centos.org/pipermail/centos-announce/2009-November/053235.html", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-02-27T11:59:32", "description": "**CentOS Errata and Security Advisory** CESA-2009:1580\n\n\nThe Apache HTTP Server is a popular Web server.\n\nA flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\nSockets Layer) protocols handle session renegotiation. A man-in-the-middle\nattacker could use this flaw to prefix arbitrary plain text to a client's\nsession (for example, an HTTPS connection to a website). 
This could force\nthe server to process an attacker's request as if authenticated using the\nvictim's credentials. This update partially mitigates this flaw for SSL\nsessions to HTTP servers using mod_ssl by rejecting client-requested\nrenegotiation. (CVE-2009-3555)\n\nNote: This update does not fully resolve the issue for HTTPS servers. An\nattack is still possible in configurations that require a server-initiated\nrenegotiation. Refer to the following Knowledgebase article for further\ninformation: http://kbase.redhat.com/faq/docs/DOC-20491\n\nA denial of service flaw was found in the Apache mod_deflate module. This\nmodule continued to compress large files until compression was complete,\neven if the network connection that requested the content was closed before\ncompression completed. This would cause mod_deflate to consume large\namounts of CPU if mod_deflate was enabled for a large file. (CVE-2009-1891)\n\nA NULL pointer dereference flaw was found in the Apache mod_proxy_ftp\nmodule. A malicious FTP server to which requests are being proxied could\nuse this flaw to crash an httpd child process via a malformed reply to the\nEPSV or PASV commands, resulting in a limited denial of service.\n(CVE-2009-3094)\n\nA second flaw was found in the Apache mod_proxy_ftp module. In a reverse\nproxy configuration, a remote attacker could use this flaw to bypass\nintended access restrictions by creating a carefully-crafted HTTP\nAuthorization header, allowing the attacker to send arbitrary commands to\nthe FTP server. (CVE-2009-3095)\n\nAll httpd users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. 
After installing the updated\npackages, the httpd daemon must be restarted for the update to take effect.\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2009-November/053237.html\nhttps://lists.centos.org/pipermail/centos-announce/2009-November/053238.html\n\n**Affected packages:**\nhttpd\nhttpd-devel\nhttpd-manual\nhttpd-suexec\nmod_ssl\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2009:1580", "cvss3": {}, "published": "2009-11-12T22:39:15", "type": "centos", "title": "httpd, mod_ssl security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1891", "CVE-2009-3094", "CVE-2009-3095", "CVE-2009-3555"], "modified": "2009-11-12T22:40:52", "id": "CESA-2009:1580", "href": "https://lists.centos.org/pipermail/centos-announce/2009-November/053237.html", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}], "f5": [{"lastseen": "2016-03-19T09:01:59", "description": "Vulnerability Recommended Actions\n\nNone\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n", "cvss3": {}, "published": "2015-12-23T00:00:00", "type": "f5", "title": "SOL22234807 - Apache vulnerability CVE-2009-3094", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, 
"obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3094"], "modified": "2015-12-23T00:00:00", "id": "SOL22234807", "href": "http://support.f5.com/kb/en-us/solutions/public/k/22/sol22234807.html", "cvss": {"score": 2.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-06-08T00:16:08", "description": "\nF5 Product Development has evaluated the currently supported releases for potential vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| None| 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP AAM| None| 12.0.0 \n11.4.0 - 11.6.0| Not vulnerable| None \nBIG-IP AFM| None| 12.0.0 \n11.3.0 - 11.6.0| Not vulnerable| None \nBIG-IP Analytics| None| 12.0.0 \n11.0.0 - 11.6.0| Not vulnerable| None \nBIG-IP APM| None| 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP ASM| None| 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP DNS| None| 12.0.0| Not vulnerable| None \nBIG-IP Edge Gateway| None| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP GTM| None| 11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP Link Controller| None| 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP PEM| None| 12.0.0 
\n11.3.0 - 11.6.0| Not vulnerable| None \nBIG-IP PSM| None| 11.0.0 - 11.4.1 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP WebAccelerator| None| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP WOM| None| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nARX| None| 6.0.0 - 6.4.0| Not vulnerable| None \nEnterprise Manager| None| 3.0.0 - 3.1.1| Not vulnerable| None \nFirePass| None| 7.0.0 \n6.0.0 - 6.1.0| Not vulnerable| None \nBIG-IQ Cloud| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Device| None| 4.2.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Security| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ ADC| None| 4.5.0| Not vulnerable| None \nBIG-IQ Centralized Management| None| 4.6.0| Not vulnerable| None \nBIG-IQ Cloud and Orchestration| None| 1.0.0| Not vulnerable| None \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None \nF5 WebSafe| None| 1.0.0| Not vulnerable| None \nTraffix SDC| None| 4.0.0 - 4.4.0 \n3.3.2 - 3.5.1| Not vulnerable| None\n\nNone\n\n * K9970: Subscribing to email notifications regarding F5 products\n * K9957: Creating a custom RSS feed to view new and updated documents\n * K4602: Overview of the F5 security vulnerability response policy\n * K4918: Overview of the F5 critical issue hotfix policy\n", "cvss3": {}, "published": "2015-12-24T02:16:00", "type": "f5", "title": "Apache vulnerability CVE-2009-3094", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3094"], "modified": "2016-01-09T02:32:00", "id": "F5:K22234807", "href": 
"https://support.f5.com/csp/article/K22234807", "cvss": {"score": 2.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-09-26T17:22:58", "description": "Vulnerability Recommended Actions\n\nNone\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n", "cvss3": {}, "published": "2015-12-23T00:00:00", "type": "f5", "title": "SOL80080243 - Apache vulnerability CVE-2009-3095", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3095"], "modified": "2015-12-23T00:00:00", "id": "SOL80080243", "href": "http://support.f5.com/kb/en-us/solutions/public/k/80/sol80080243.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-06-08T00:16:08", "description": "\nF5 Product Development has evaluated the currently supported releases for potential vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable 
component or feature \n---|---|---|---|--- \nBIG-IP LTM| None| 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP AAM| None| 12.0.0 \n11.4.0 - 11.6.0| Not vulnerable| None \nBIG-IP AFM| None| 12.0.0 \n11.3.0 - 11.6.0| Not vulnerable| None \nBIG-IP Analytics| None| 12.0.0 \n11.0.0 - 11.6.0| Not vulnerable| None \nBIG-IP APM| None| 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP ASM| None| 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP DNS| None| 12.0.0| Not vulnerable| None \nBIG-IP Edge Gateway| None| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP GTM| None| 11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP Link Controller| None| 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP PEM| None| 12.0.0 \n11.3.0 - 11.6.0| Not vulnerable| None \nBIG-IP PSM| None| 11.0.0 - 11.4.1 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP WebAccelerator| None| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP WOM| None| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nARX| None| 6.0.0 - 6.4.0| Not vulnerable| None \nEnterprise Manager| None| 3.0.0 - 3.1.1| Not vulnerable| None \nFirePass| None| 7.0.0 \n6.0.0 - 6.1.0| Not vulnerable| None \nBIG-IQ Cloud| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Device| None| 4.2.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Security| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ ADC| None| 4.5.0| Not vulnerable| None \nBIG-IQ Centralized Management| None| 4.6.0| Not vulnerable| None \nBIG-IQ Cloud and Orchestration| None| 1.0.0| Not vulnerable| None \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None \nF5 WebSafe| None| 1.0.0| Not vulnerable| None \nTraffix SDC| None| 4.0.0 - 4.4.0 \n3.3.2 - 3.5.1| Not vulnerable| None\n\nNone\n\n * K9970: Subscribing to email notifications regarding F5 products\n * K9957: Creating a custom RSS feed to view new and updated documents\n * K4602: Overview 
of the F5 security vulnerability response policy\n * K4918: Overview of the F5 critical issue hotfix policy\n * K167: Downloading software and firmware from F5\n", "cvss3": {}, "published": "2015-12-23T23:52:00", "type": "f5", "title": "Apache vulnerability CVE-2009-3095", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3095"], "modified": "2016-01-09T02:32:00", "id": "F5:K80080243", "href": "https://support.f5.com/csp/article/K80080243", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "debiancve": [{"lastseen": "2022-03-26T15:30:39", "description": "The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a malformed reply to an EPSV command.", "cvss3": {}, "published": "2009-09-08T18:30:00", "type": "debiancve", "title": "CVE-2009-3094", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": 
["CVE-2009-3094"], "modified": "2009-09-08T18:30:00", "id": "DEBIANCVE:CVE-2009-3094", "href": "https://security-tracker.debian.org/tracker/CVE-2009-3094", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-03-26T15:30:39", "description": "The mod_proxy_ftp module in the Apache HTTP Server allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server via vectors related to the embedding of these commands in the Authorization HTTP header, as demonstrated by a certain module in VulnDisco Pack Professional 8.11.", "cvss3": {}, "published": "2009-09-08T18:30:00", "type": "debiancve", "title": "CVE-2009-3095", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3095"], "modified": "2009-09-08T18:30:00", "id": "DEBIANCVE:CVE-2009-3095", "href": "https://security-tracker.debian.org/tracker/CVE-2009-3095", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "cve": [{"lastseen": "2022-03-23T21:33:22", "description": "The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a malformed reply to an EPSV command.", "cvss3": {}, "published": "2009-09-08T18:30:00", "type": "cve", "title": "CVE-2009-3094", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, 
"obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3094"], "modified": "2021-06-06T11:15:00", "cpe": ["cpe:/a:apache:http_server:2.2.13", "cpe:/a:apache:http_server:2.0.63"], "id": "CVE-2009-3094", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3094", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:apache:http_server:2.0.63:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T21:33:22", "description": "The mod_proxy_ftp module in the Apache HTTP Server allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server via vectors related to the embedding of these commands in the Authorization HTTP header, as demonstrated by a certain module in VulnDisco Pack Professional 8.11.", "cvss3": {}, "published": "2009-09-08T18:30:00", "type": "cve", "title": "CVE-2009-3095", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3095"], "modified": "2021-06-06T11:15:00", "cpe": ["cpe:/o:fedoraproject:fedora:10", "cpe:/o:suse:linux_enterprise_server:9", 
"cpe:/o:opensuse:opensuse:10.3", "cpe:/o:suse:linux_enterprise_server:11", "cpe:/o:fedoraproject:fedora:12", "cpe:/o:debian:debian_linux:4.0", "cpe:/o:opensuse:opensuse:11.0", "cpe:/o:suse:linux_enterprise_server:10", "cpe:/o:suse:linux_enterprise_desktop:10", "cpe:/a:apache:http_server:2.2.13", "cpe:/o:opensuse:opensuse:11.1"], "id": "CVE-2009-3095", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3095", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:o:suse:linux_enterprise_desktop:10:sp3:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:-:*:*:*", "cpe:2.3:o:suse:linux_enterprise_desktop:10:sp2:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:12:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:10:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:11:-:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:10:sp2:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*"]}], "httpd": [{"lastseen": "2021-07-28T15:48:19", "description": "A NULL pointer dereference flaw was found in the mod_proxy_ftp module. 
A malicious FTP server to which requests are being proxied could use this flaw to crash an httpd child process via a malformed reply to the EPSV or PASV commands, resulting in a limited denial of service.", "cvss3": {}, "published": "2009-09-04T00:00:00", "type": "httpd", "title": "Apache Httpd < 2.2.14 : mod_proxy_ftp DoS", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3094"], "modified": "2009-10-05T00:00:00", "id": "HTTPD:A79620D4A49D1F0D9BE6A18FD0CA234C", "href": "https://httpd.apache.org/security_report.html", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-07-28T15:48:19", "description": "A NULL pointer dereference flaw was found in the mod_proxy_ftp module. 
A malicious FTP server to which requests are being proxied could use this flaw to crash an httpd child process via a malformed reply to the EPSV or PASV commands, resulting in a limited denial of service.", "cvss3": {}, "published": "2009-09-04T00:00:00", "type": "httpd", "title": "Apache Httpd < 2.0.64 : mod_proxy_ftp DoS", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3094"], "modified": "2010-10-19T00:00:00", "id": "HTTPD:8A9EA6A1EAB14616DF1ADA0F0A9A83AC", "href": "https://httpd.apache.org/security_report.html", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-07-28T15:48:19", "description": "A flaw was found in the mod_proxy_ftp module. 
In a reverse proxy configuration, a remote attacker could use this flaw to bypass intended access restrictions by creating a carefully-crafted HTTP Authorization header, allowing the attacker to send arbitrary commands to the FTP server.", "cvss3": {}, "published": "2009-09-03T00:00:00", "type": "httpd", "title": "Apache Httpd < 2.0.64 : mod_proxy_ftp FTP command injection", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3095"], "modified": "2010-10-19T00:00:00", "id": "HTTPD:8ADBA65FA3C1159D891E4B039CB4BFA5", "href": "https://httpd.apache.org/security_report.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-07-28T15:48:19", "description": "A flaw was found in the mod_proxy_ftp module. 
In a reverse proxy configuration, a remote attacker could use this flaw to bypass intended access restrictions by creating a carefully-crafted HTTP Authorization header, allowing the attacker to send arbitrary commands to the FTP server.", "cvss3": {}, "published": "2009-09-03T00:00:00", "type": "httpd", "title": "Apache Httpd < 2.2.14 : mod_proxy_ftp FTP command injection", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3095"], "modified": "2009-10-05T00:00:00", "id": "HTTPD:FF76CF8F03BE59B7AD0119034B0022DB", "href": "https://httpd.apache.org/security_report.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "ubuntucve": [{"lastseen": "2021-11-22T21:59:28", "description": "The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the\nmod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows\nremote FTP servers to cause a denial of service (NULL pointer dereference\nand child process crash) via a malformed reply to an EPSV command.\n\n#### Bugs\n\n * <https://bugzilla.redhat.com/show_bug.cgi?id=521619>\n", "cvss3": {}, "published": "2009-09-08T00:00:00", "type": "ubuntucve", "title": "CVE-2009-3094", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.6, 
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3094"], "modified": "2009-09-08T00:00:00", "id": "UB:CVE-2009-3094", "href": "https://ubuntu.com/security/CVE-2009-3094", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-11-22T21:59:28", "description": "The mod_proxy_ftp module in the Apache HTTP Server allows remote attackers\nto bypass intended access restrictions and send arbitrary commands to an\nFTP server via vectors related to the embedding of these commands in the\nAuthorization HTTP header, as demonstrated by a certain module in VulnDisco\nPack Professional 8.11.\n\n#### Bugs\n\n * <https://bugzilla.redhat.com/show_bug.cgi?id=522209>\n", "cvss3": {}, "published": "2009-09-08T00:00:00", "type": "ubuntucve", "title": "CVE-2009-3095", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3095"], "modified": "2009-09-08T00:00:00", "id": "UB:CVE-2009-3095", "href": "https://ubuntu.com/security/CVE-2009-3095", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "suse": [{"lastseen": "2016-09-04T12:33:55", "description": "The Apache web server was updated to fix various security issues: - the option IncludesNOEXEC could be bypassed via .htaccess (CVE-2009-1195) - mod_proxy could run into an infinite loop when used as reverse proxy (CVE-2009-1890) - mod_deflate continued to compress large files 
even after a network connection was closed, causing mod_deflate to consume large amounts of CPU (CVE-2009-1891) - The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a malformed reply to an EPSV command. (CVE-2009-3094) - access restriction bypass in mod_proxy_ftp module (CVE-2009-3095)\n#### Solution\nThere is no known workaround, please install the update packages.", "cvss3": {}, "published": "2009-10-26T13:21:56", "type": "suse", "title": "potential code execution in apache2,libapr1", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2009-3094", "CVE-2009-1890", "CVE-2009-3095", "CVE-2009-2412", "CVE-2009-1891", "CVE-2009-1195"], "modified": "2009-10-26T13:21:56", "id": "SUSE-SA:2009:050", "href": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00006.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "kaspersky": [{"lastseen": "2021-12-23T00:42:58", "description": "### *Detect date*:\n10/19/2010\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Apache httpd. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, inject code or execute arbitrary code. 
Below is a complete list of vulnerabilities\n\n### *Affected products*:\nApache httpd 2.0 versions 2.0.63 and earlier\n\n### *Solution*:\nUpdate to latest version\n\n### *Original advisories*:\n[Apache changelog](<http://httpd.apache.org/security/vulnerabilities_20.html>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Apache HTTP Server](<https://threats.kaspersky.com/en/product/Apache-HTTP-Server/>)\n\n### *CVE-IDS*:\n[CVE-2010-1452](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452>) 5.0 Critical \n[CVE-2009-3720](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720>) 5.0 Critical \n[CVE-2008-2939](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939>) 4.3 Warning \n[CVE-2009-3094](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094>) 2.6 Warning \n[CVE-2008-2364](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2364>) 5.0 Critical \n[CVE-2009-1891](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891>) 7.1 High \n[CVE-2009-3560](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560>) 5.0 Critical \n[CVE-2010-1623](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1623>) 5.0 Critical \n[CVE-2009-3095](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095>) 7.5 Critical \n[CVE-2010-0434](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434>) 4.3 Warning", "cvss3": {}, "published": "2010-10-19T00:00:00", "type": "kaspersky", "title": "KLA10066 Multiple vulnerabilities in Apache httpd", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": 
["CVE-2008-2364", "CVE-2008-2939", "CVE-2009-1891", "CVE-2009-3094", "CVE-2009-3095", "CVE-2009-3560", "CVE-2009-3720", "CVE-2010-0434", "CVE-2010-1452", "CVE-2010-1623"], "modified": "2020-05-22T00:00:00", "id": "KLA10066", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10066/", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}], "metasploit": [{"lastseen": "2021-04-07T02:43:39", "description": "\n", "edition": 2, "cvss3": {}, "published": "1976-01-01T00:00:00", "type": "metasploit", "title": "RHSA-2010:0602: Red Hat Certificate System 7.3 security update", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-2090", "CVE-2005-3510", "CVE-2006-3835", "CVE-2006-3918", "CVE-2006-5752", "CVE-2007-0450", "CVE-2007-1349", "CVE-2007-1358", "CVE-2007-1863", "CVE-2007-3304", "CVE-2007-3382", "CVE-2007-3385", "CVE-2007-3847", "CVE-2007-4465", "CVE-2007-5000", "CVE-2007-5116", "CVE-2007-5333", "CVE-2007-5461", "CVE-2007-6388", "CVE-2008-0005", "CVE-2008-0128", "CVE-2008-1232", "CVE-2008-1927", "CVE-2008-2364", "CVE-2008-2370", "CVE-2008-2939", "CVE-2008-5515", "CVE-2009-0023", "CVE-2009-0033", "CVE-2009-0580", "CVE-2009-1891", "CVE-2009-1955", "CVE-2009-1956", "CVE-2009-2412", "CVE-2009-3094", "CVE-2009-3095", "CVE-2009-4901", "CVE-2010-0407", "CVE-2010-0434"], "modified": "1976-01-01T00:00:00", "id": "MSF:ILITIES/LINUXRPM-RHSA-2010-0602/", "href": "", "sourceData": "", "sourceHref": "", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "threatpost": 
[{"lastseen": "2018-10-06T23:08:12", "description": "Apple Mega Patch Covers 88 Mac OS X Vulnerabilities\n\nApple today released one of its biggest Mac OS X security updates in recent memory, with fixes for a whopping 88 documented vulnerabilities.\n\nThe Mac OS X v10.6.3 update, which is considered \u201ccritical,\u201d covers flaws that could lead to remote code execution, information disclosure and denial-of-service attacks.\n\nSecurity Update 2010-002 / Mac OS X v10.6.3 is now available and\n\naddresses the following:\n\nAppKit\n\nCVE-ID: CVE-2010-0056\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: Spell checking a maliciously crafted document may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A buffer overflow exists in the spell checking feature\n\nused by Cocoa applications. Spell checking a maliciously crafted\n\ndocument may lead to an unexpected application termination or\n\narbitrary code execution. This issue is addressed through improved\n\nbounds checking. This issue does not affect Mac OS X v10.6 systems.\n\nCredit: Apple.\n\nApplication Firewall\n\nCVE-ID: CVE-2009-2801\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: Certain rules in the Application Firewall may become\n\ninactive after restart\n\nDescription: A timing issue in the Application Firewall may cause\n\ncertain rules to become inactive after reboot. The issue is addressed\n\nthrough improved handling of Firewall rules. This issue does not\n\naffect Mac OS X v10.6 systems. 
Credit to Michael Kisor of\n\nOrganicOrb.com for reporting this issue.\n\nAFP Server\n\nCVE-ID: CVE-2010-0057\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: When guest access is disabled, a remote user may be able to\n\nmount AFP shares as a guest\n\nDescription: An access control issue in AFP Server may allow a\n\nremote user to mount AFP shares as a guest, even if guest access is\n\ndisabled. This issue is addressed through improved access control\n\nchecks. Credit: Apple.\n\nAFP Server\n\nCVE-ID: CVE-2010-0533\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: A remote user with guest access to an AFP share may access\n\nthe contents of world-readable files outside the Public share\n\nDescription: A directory traversal issue exists in the path\n\nvalidation for AFP shares. A remote user may enumerate the parent\n\ndirectory of the share root, and read or write files within that\n\ndirectory that are accessible to the \u2018nobody\u2019 user. This issue is\n\naddressed through improved handling of file paths. Credit to Patrik\n\nKarlsson of cqure.net for reporting this issue.\n\nApache\n\nCVE-ID: CVE-2009-3095\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: A remote attacker may be able to bypass access control\n\nrestrictions\n\nDescription: An input validation issue exists in Apache\u2019s handling\n\nof proxied FTP requests. A remote attacker with the ability to issue\n\nrequests through the proxy may be able to bypass access control\n\nrestrictions specified in the Apache configuration. 
This issue is\n\naddressed by updating Apache to version 2.2.14.\n\nClamAV\n\nCVE-ID: CVE-2010-0058\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: ClamAV virus definitions may not receive updates\n\nDescription: A configuration issue introduced in Security Update\n\n2009-005 prevents freshclam from running. This may prevent virus\n\ndefinitions from being updated. This issue is addressed by updating\n\nfreshclam\u2019s launchd plist ProgramArguments key values. This issue\n\ndoes not affect Mac OS X v10.6 systems. Credit to Bayard Bell, Wil\n\nShipley of Delicious Monster, and David Ferrero of Zion Software, LLC\n\nfor reporting this issue.\n\nCoreAudio\n\nCVE-ID: CVE-2010-0059\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Playing maliciously crafted audio content may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A memory corruption issue exists in the handling of\n\nQDM2 encoded audio content. Playing maliciously crafted audio content\n\nmay lead to an unexpected application termination or arbitrary code\n\nexecution. This issue is addressed through improved bounds checking.\n\nCredit to an anonymous researcher working with TippingPoint\u2019s Zero\n\nDay Initiative for reporting this issue.\n\nCoreAudio\n\nCVE-ID: CVE-2010-0060\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Playing maliciously crafted audio content may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A memory corruption issue exists in the handling of\n\nQDMC encoded audio content. Playing maliciously crafted audio content\n\nmay lead to an unexpected application termination or arbitrary code\n\nexecution. 
This issue is addressed through improved bounds checking.\n\nCredit to an anonymous researcher working with TippingPoint\u2019s Zero\n\nDay Initiative for reporting this issue.\n\nCoreMedia\n\nCVE-ID: CVE-2010-0062\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted movie file may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A heap buffer overflow exists in CoreMedia\u2019s handling\n\nof H.263 encoded movie files. Viewing a maliciously crafted movie\n\nfile may lead to an unexpected application termination or arbitrary\n\ncode execution. This issue is addressed by performing additional\n\nvalidation of H.263 encoded movie files. Credit to Damian Put working\n\nwith TippingPoint\u2019s Zero Day Initiative for reporting this issue.\n\nCoreTypes\n\nCVE-ID: CVE-2010-0063\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Users are not warned before opening certain potentially\n\nunsafe content types\n\nDescription: This update adds .ibplugin and .url to the system\u2019s\n\nlist of content types that will be flagged as potentially unsafe\n\nunder certain circumstances, such as when they are downloaded from a\n\nweb page. While these content types are not automatically launched,\n\nif manually opened they could lead to the execution of a malicious\n\nJavaScript payload or arbitrary code execution. This update improves\n\nthe system\u2019s ability to notify users before handling content types\n\nused by Safari. 
Credit to Clint Ruoho of Laconic Security for\n\nreporting this issue.\n\nCUPS\n\nCVE-ID: CVE-2010-0393\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: A local user may be able to obtain system privileges\n\nDescription: A format string issue exists in the lppasswd CUPS\n\nutility. This may allow a local user to obtain system privileges. Mac\n\nOS X v10.6 systems are only affected if the setuid bit has been set\n\non the binary. This issue is addressed by using default directories\n\nwhen running as a setuid process. Credit to Ronald Volgers for\n\nreporting this issue.\n\ncurl\n\nCVE-ID: CVE-2009-2417\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: A man-in-the-middle attacker may be able to impersonate a\n\ntrusted server\n\nDescription: A canonicalization issue exists in curl\u2019s handling of\n\nNULL characters in the subject\u2019s Common Name (CN) field of X.509\n\ncertificates. This may lead to man-in-the-middle attacks against\n\nusers of the curl command line tool, or applications using libcurl.\n\nThis issue is addressed through improved handling of NULL characters.\n\ncurl\n\nCVE-ID: CVE-2009-0037\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: Using curl with -L may allow a remote attacker to read or\n\nwrite local files\n\nDescription: curl will follow HTTP and HTTPS redirects when used\n\nwith the -L option. When curl follows a redirect, it allows file://\n\nURLs. This may allow a remote attacker to access local files. This\n\nissue is addressed through improved validation of redirects. This\n\nissue does not affect Mac OS X v10.6 systems. 
Credit to Daniel\n\nStenberg of Haxx AB for reporting this issue.\n\nCyrus IMAP\n\nCVE-ID: CVE-2009-2632\n\nAvailable for: Mac OS X Server v10.5.8\n\nImpact: A local user may be able to obtain the privileges of the\n\nCyrus user\n\nDescription: A buffer overflow exists in the handling of sieve\n\nscripts. By running a maliciously crafted sieve script, a local user\n\nmay be able to obtain the privileges of the Cyrus user. This issue is\n\naddressed through improved bounds checking. This issue does not\n\naffect Mac OS X v10.6 systems.\n\nCyrus SASL\n\nCVE-ID: CVE-2009-0688\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: An unauthenticated remote attacker may cause unexpected\n\napplication termination or arbitrary code execution\n\nDescription: A buffer overflow exists in the Cyrus SASL\n\nauthentication module. Using Cyrus SASL authentication may lead to an\n\nunexpected application termination or arbitrary code execution. This\n\nissue is addressed through improved bounds checking. This issue does\n\nnot affect Mac OS X v10.6 systems.\n\nDesktopServices\n\nCVE-ID: CVE-2010-0064\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Items copied in the Finder may be assigned an unexpected\n\nfile owner\n\nDescription: When performing an authenticated copy in the Finder,\n\noriginal file ownership may be unexpectedly copied. This update\n\naddresses the issue by ensuring that copied files are owned by the\n\nuser performing the copy. This issue does not affect systems prior to\n\nMac OS X v10.6. 
Credit to Gerrit DeWitt of Auburn University (Auburn,\n\nAL) for reporting this issue.\n\nDesktopServices\n\nCVE-ID: CVE-2010-0537\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: A remote attacker may gain access to user data via a multi-\n\nstage attack\n\nDescription: A path resolution issue in DesktopServices is\n\nvulnerable to a multi-stage attack. A remote attacker must first\n\nentice the user to mount an arbitrarily named share, which may be\n\ndone via a URL scheme. When saving a file using the default save\n\npanel in any application, and using \u201cGo to folder\u201d or dragging\n\nfolders to the save panel, the data may be unexpectedly saved to the\n\nmalicious share. This issue is addressed through improved path\n\nresolution. This issue does not affect systems prior to Mac OS X\n\nv10.6. Credit to Sidney San Martin working with DeepTech, Inc. for\n\nreporting this issue.\n\nDisk Images\n\nCVE-ID: CVE-2010-0065\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Mounting a maliciously crafted disk image may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A memory corruption issue exists in the handling of\n\nbzip2 compressed disk images. Mounting a maliciously crafted disk\n\nimage may lead to an unexpected application termination or arbitrary\n\ncode execution. This issue is addressed through improved bounds\n\nchecking. Credit: Apple.\n\nDisk Images\n\nCVE-ID: CVE-2010-0497\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Mounting a maliciously crafted disk image may lead to\n\narbitrary code execution\n\nDescription: A design issue exists in the handling of internet\n\nenabled disk images. 
Mounting an internet enabled disk image\n\ncontaining a package file type will open it rather than revealing it\n\nin the Finder. This file quarantine feature helps to mitigate this\n\nissue by providing a warning dialog for unsafe file types. This issue\n\nis addressed through improved handling of package file types on\n\ninternet enabled disk images. Credit to Brian Mastenbrook working\n\nwith TippingPoint\u2019s Zero Day Initiative for reporting this issue.\n\nDirectory Services\n\nCVE-ID: CVE-2010-0498\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: A local user may obtain system privileges\n\nDescription: An authorization issue in Directory Services\u2019 handling\n\nof record names may allow a local user to obtain system privileges.\n\nThis issue is addressed through improved authorization checks.\n\nCredit: Apple.\n\nDovecot\n\nCVE-ID: CVE-2010-0535\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: An authenticated user may be able to send and receive mail\n\neven if the user is not on the SACL of users who are permitted to do\n\nso\n\nDescription: An access control issue exists in Dovecot when Kerberos\n\nauthentication is enabled. This may allow an authenticated user to\n\nsend and receive mail even if the user is not on the service access\n\ncontrol list (SACL) of users who are permitted to do so. This issue\n\nis addressed through improved access control checks. This issue does\n\nnot affect systems prior to Mac OS X v10.6.\n\nEvent Monitor\n\nCVE-ID: CVE-2010-0500\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: A remote attacker may cause arbitrary systems to be added to\n\nthe firewall blacklist\n\nDescription: A reverse DNS lookup is performed on remote ssh clients\n\nthat fail to authenticate. 
A plist injection issue exists in the\n\nhandling of resolved DNS names. This may allow a remote attacker to\n\ncause arbitrary systems to be added to the firewall blacklist. This\n\nissue is addressed by properly escaping resolved DNS names. Credit:\n\nApple.\n\nFreeRADIUS\n\nCVE-ID: CVE-2010-0524\n\nAvailable for: Mac OS X Server v10.5.8,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: A remote attacker may obtain access to a network via RADIUS\n\nauthentication\n\nDescription: A certificate authentication issue exists in the\n\ndefault Mac OS X configuration of the FreeRADIUS server. A remote\n\nattacker may use EAP-TLS with an arbitrary valid certificate to\n\nauthenticate and connect to a network configured to use FreeRADIUS\n\nfor authentication. This issue is addressed by disabling support for\n\nEAP-TLS in the configuration. RADIUS clients should use EAP-TTLS\n\ninstead. This issue only affects Mac OS X Server systems. Credit to\n\nChris Linstruth of Qnet for reporting this issue.\n\nFTP Server\n\nCVE-ID: CVE-2010-0501\n\nAvailable for: Mac OS X Server v10.5.8,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Users may be able to retrieve files outside the FTP root\n\ndirectory\n\nDescription: A directory traversal issue exists in FTP Server. This\n\nmay allow a user to retrieve files outside the FTP root directory.\n\nThis issue is addressed through improved handling of file names. This\n\nissue only affects Mac OS X Server systems. Credit: Apple.\n\niChat Server\n\nCVE-ID: CVE-2006-1329\n\nAvailable for: Mac OS X Server v10.5.8,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: A remote attacker may be able to cause a denial of service\n\nDescription: An implementation issue exists in jabberd\u2019s handling of\n\nSASL negotiation. A remote attacker may be able to terminate the\n\noperation of jabberd. This issue is addressed through improved\n\nhandling of SASL negotiation. 
This issue only affects Mac OS X Server\n\nsystems.\n\niChat Server\n\nCVE-ID: CVE-2010-0502\n\nAvailable for: Mac OS X Server v10.5.8,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Chat messages may not be logged\n\nDescription: A design issue exists in iChat Server\u2019s support for\n\nconfigurable group chat logging. iChat Server only logs messages with\n\ncertain message types. This may allow a remote user to send a message\n\nthrough the server without it being logged. The issue is addressed by\n\nremoving the capability to disable group chat logs, and logging all\n\nmessages that are sent through the server. This issue only affects\n\nMac OS X Server systems. Credit: Apple.\n\niChat Server\n\nCVE-ID: CVE-2010-0503\n\nAvailable for: Mac OS X Server v10.5.8\n\nImpact: An authenticated user may be able to cause an unexpected\n\napplication termination or arbitrary code execution\n\nDescription: A use-after-free issue exists in iChat Server. An\n\nauthenticated user may be able to cause an unexpected application\n\ntermination or arbitrary code execution. This issue is addressed\n\nthrough improved memory reference tracking. This issue only affects\n\nMac OS X Server systems, and does not affect versions 10.6 or later.\n\niChat Server\n\nCVE-ID: CVE-2010-0504\n\nAvailable for: Mac OS X Server v10.5.8,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: An authenticated user may be able to cause an unexpected\n\napplication termination or arbitrary code execution\n\nDescription: Multiple stack buffer overflow issues exist in iChat\n\nServer. An authenticated user may be able to cause an unexpected\n\napplication termination or arbitrary code execution. These issues are\n\naddressed through improved memory management. These issues only\n\naffect Mac OS X Server systems. 
Credit: Apple.\n\nImageIO\n\nCVE-ID: CVE-2010-0505\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted JP2 image may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A heap buffer overflow exists in the handling of JP2\n\nimages. Viewing a maliciously crafted JP2 image may lead to an\n\nunexpected application termination or arbitrary code execution. This\n\nissue is addressed through improved bounds checking. Credit to Chris\n\nRies of Carnegie Mellon University Computing Service, and researcher\n\n\u201c85319bb6e6ab398b334509c50afce5259d42756e\u201d working with\n\nTippingPoint\u2019s Zero Day Initiative for reporting this issue.\n\nImageIO\n\nCVE-ID: CVE-2010-0041\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Visiting a maliciously crafted website may result in sending\n\ndata from Safari\u2019s memory to the website\n\nDescription: An uninitialized memory access issue exists in\n\nImageIO\u2019s handling of BMP images. Visiting a maliciously crafted\n\nwebsite may result in sending data from Safari\u2019s memory to the\n\nwebsite. This issue is addressed through improved memory\n\ninitialization and additional validation of BMP images. Credit to\n\nMatthew \u2018j00ru\u2019 Jurczyk of Hispasec for reporting this issue.\n\nImageIO\n\nCVE-ID: CVE-2010-0042\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Visiting a maliciously crafted website may result in sending\n\ndata from Safari\u2019s memory to the website\n\nDescription: An uninitialized memory access issue exists in\n\nImageIO\u2019s handling of TIFF images. 
Visiting a maliciously crafted\n\nwebsite may result in sending data from Safari\u2019s memory to the\n\nwebsite. This issue is addressed through improved memory\n\ninitialization and additional validation of TIFF images. Credit to\n\nMatthew \u2018j00ru\u2019 Jurczyk of Hispasec for reporting this issue.\n\nImageIO\n\nCVE-ID: CVE-2010-0043\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Processing a maliciously crafted TIFF image may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A memory corruption issue exists in the handling of\n\nTIFF images. Processing a maliciously crafted TIFF image may lead to\n\nan unexpected application termination or arbitrary code execution.\n\nThis issue is addressed through improved memory handling. This issue\n\ndoes not affect systems prior to Mac OS X v10.6. Credit to Gus\n\nMueller of Flying Meat for reporting this issue.\n\nImage RAW\n\nCVE-ID: CVE-2010-0506\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: Viewing a maliciously crafted NEF image may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A buffer overflow exists in Image RAW\u2019s handling of NEF\n\nimages. Viewing a maliciously crafted NEF image may lead to an\n\nunexpected application termination or arbitrary code execution. This\n\nissue is addressed through improved bounds checking. This issue does\n\nnot affect Mac OS X v10.6 systems. Credit: Apple.\n\nImage RAW\n\nCVE-ID: CVE-2010-0507\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted PEF image may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A buffer overflow exists in Image RAW\u2019s handling of PEF\n\nimages. 
Viewing a maliciously crafted PEF image may lead to an\n\nunexpected application termination or arbitrary code execution. This\n\nissue is addressed through improved bounds checking. Credit to Chris\n\nRies of Carnegie Mellon University Computing Services for reporting\n\nthis issue.\n\nLibsystem\n\nCVE-ID: CVE-2009-0689\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Applications that convert untrusted data between binary\n\nfloating point and text may be vulnerable to an unexpected\n\napplication termination or arbitrary code execution\n\nDescription: A buffer overflow exists in the floating point binary\n\nto text conversion code within Libsystem. An attacker who can cause\n\nan application to convert a floating point value into a long string,\n\nor to parse a maliciously crafted string as a floating point value,\n\nmay be able to cause an unexpected application termination or\n\narbitrary code execution. This issue is addressed through improved\n\nbounds checking. Credit to Maksymilian Arciemowicz of\n\nSecurityReason.com for reporting this issue.\n\nMail\n\nCVE-ID: CVE-2010-0508\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Rules associated with a deleted mail account remain in\n\neffect\n\nDescription: When a mail account is deleted, user-defined filter\n\nrules associated with that account remain active. This may result in\n\nunexpected actions. This issue is addressed by disabling associated\n\nrules when a mail account is deleted.\n\nMail\n\nCVE-ID: CVE-2010-0525\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Mail may use a weaker encryption key for outgoing email\n\nDescription: A logic issue exists in Mail\u2019s handling of encryption\n\ncertificates. 
When multiple certificates for the recipient exist in\n\nthe keychain, Mail may select an encryption key that is not intended\n\nfor encipherment. This may lead to a security issue if the chosen key\n\nis weaker than expected. This issue is addressed by ensuring that the\n\nkey usage extension within certificates is evaluated when selecting a\n\nmail encryption key. Credit to Paul Suh of ps Enable, Inc. for\n\nreporting this issue.\n\nMailman\n\nCVE-ID: CVE-2008-0564\n\nAvailable for: Mac OS X Server v10.5.8\n\nImpact: Multiple vulnerabilities in Mailman 2.1.9\n\nDescription: Multiple cross-site scripting issues exist in Mailman\n\n2.1.9. These issues are addressed by updating Mailman to version\n\n2.1.13. Further information is available via the Mailman site at\n\nhttp://mail.python.org/pipermail/mailman-\n\nannounce/2009-January/000128.html These issues only affect Mac OS X\n\nServer systems, and do not affect versions 10.6 or later.\n\nMySQL\n\nCVE-ID: CVE-2008-4456, CVE-2008-7247, CVE-2009-2446, CVE-2009-4019,\n\nCVE-2009-4030\n\nAvailable for: Mac OS X Server v10.6 through v10.6.2\n\nImpact: Multiple vulnerabilities in MySQL 5.0.82\n\nDescription: MySQL is updated to version 5.0.88 to address multiple\n\nvulnerabilities, the most serious of which may lead to arbitrary code\n\nexecution. These issues only affect Mac OS X Server systems. Further\n\ninformation is available via the MySQL web site at\n\nhttp://dev.mysql.com/doc/refman/5.0/en/news-5-0-88.html\n\nOS Services\n\nCVE-ID: CVE-2010-0509\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: A local user may be able to obtain elevated privileges\n\nDescription: A privilege escalation issue exists in SFLServer, as it\n\nruns as group \u2018wheel\u2019 and accesses files in users\u2019 home directories.\n\nThis issue is addressed through improved privilege management. 
Credit to Kevin Finisterre of DigitalMunition for reporting this issue.

Password Server
CVE-ID: CVE-2010-0510
Available for: Mac OS X Server v10.5.8, Mac OS X Server v10.6 through v10.6.2
Impact: A remote attacker may be able to log in with an outdated password
Description: An implementation issue in Password Server’s handling of replication may cause passwords to not be replicated. A remote attacker may be able to log in to a system using an outdated password. This issue is addressed through improved handling of password replication. This issue only affects Mac OS X Server systems. Credit to Jack Johnson of Anchorage School District for reporting this issue.

perl
CVE-ID: CVE-2008-5302, CVE-2008-5303
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8
Impact: A local user may cause arbitrary files to be deleted
Description: Multiple race condition issues exist in the rmtree function of the perl module File::Path. A local user with write access to a directory that is being deleted may cause arbitrary files to be removed with the privileges of the perl process. This issue is addressed through improved handling of symbolic links. This issue does not affect Mac OS X v10.6 systems.

PHP
CVE-ID: CVE-2009-3557, CVE-2009-3558, CVE-2009-3559, CVE-2009-4017
Available for: Mac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2
Impact: Multiple vulnerabilities in PHP 5.3.0
Description: PHP is updated to version 5.3.1 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution.
Further information is available via the PHP website at http://www.php.net/

PHP
CVE-ID: CVE-2009-3557, CVE-2009-3558, CVE-2009-3559, CVE-2009-4142, CVE-2009-4143
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8
Impact: Multiple vulnerabilities in PHP 5.2.11
Description: PHP is updated to version 5.2.12 to address multiple vulnerabilities, the most serious of which may lead to cross-site scripting. Further information is available via the PHP website at http://www.php.net/

Podcast Producer
CVE-ID: CVE-2010-0511
Available for: Mac OS X Server v10.6 through v10.6.2
Impact: An unauthorized user may be able to access a Podcast Composer workflow
Description: When a Podcast Composer workflow is overwritten, the access restrictions are removed. This may allow an unauthorized user to access a Podcast Composer workflow. This issue is addressed through improved handling of workflow access restrictions. Podcast Composer was introduced in Mac OS X Server v10.6.

Preferences
CVE-ID: CVE-2010-0512
Available for: Mac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2
Impact: A network user may be able to bypass system login restrictions
Description: An implementation issue exists in the handling of system login restrictions for network accounts. If the network accounts allowed to log in to the system at the Login Window are identified by group membership only, the restriction will not be enforced, and all network users will be allowed to log in to the system. The issue is addressed through improved group restriction management in the Accounts preference pane. This issue only affects systems configured to use a network account server, and does not affect systems prior to Mac OS X v10.6.
Credit to Christopher D. Grieb of University of Michigan MSIS for reporting this issue.

PS Normalizer
CVE-ID: CVE-2010-0513
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2
Impact: Viewing a maliciously crafted PostScript file may lead to an unexpected application termination or arbitrary code execution
Description: A stack buffer overflow exists in the handling of PostScript files. Viewing a maliciously crafted PostScript file may lead to an unexpected application termination or arbitrary code execution. This issue is addressed by performing additional validation of PostScript files. On Mac OS X v10.6 systems this issue is mitigated by the -fstack-protector compiler flag. Credit: Apple.

QuickTime
CVE-ID: CVE-2010-0062
Available for: Mac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2
Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution
Description: A heap buffer overflow exists in QuickTime’s handling of H.263 encoded movie files. Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution. This issue is addressed by performing additional validation of H.263 encoded movie files. Credit to Damian Put working with TippingPoint’s Zero Day Initiative for reporting this issue.

QuickTime
CVE-ID: CVE-2010-0514
Available for: Mac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2
Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution
Description: A heap buffer overflow exists in the handling of H.261 encoded movie files. Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution.
This issue is addressed by performing additional validation of H.261 encoded movie files. Credit to Will Dormann of the CERT/CC for reporting this issue.

QuickTime
CVE-ID: CVE-2010-0515
Available for: Mac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2
Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution
Description: A memory corruption in the handling of H.264 encoded movie files. Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution. This issue is addressed by performing additional validation of H.264 encoded movie files.

QuickTime
CVE-ID: CVE-2010-0516
Available for: Mac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2
Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution
Description: A heap buffer overflow in the handling of RLE encoded movie files. Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution. This issue is addressed by performing additional validation of RLE encoded movie files. Credit to an anonymous researcher working with TippingPoint’s Zero Day Initiative for reporting this issue.

QuickTime
CVE-ID: CVE-2010-0517
Available for: Mac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2
Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution
Description: A heap buffer overflow in the handling of M-JPEG encoded movie files. Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution. This issue is addressed by performing additional validation of M-JPEG encoded movie files.
Credit to Damian Put working with TippingPoint’s Zero Day Initiative for reporting this issue.

QuickTime
CVE-ID: CVE-2010-0518
Available for: Mac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2
Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution
Description: A memory corruption issue exists in the handling of Sorenson encoded movie files. Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution. This issue is addressed by performing additional validation of Sorenson encoded movie files. Credit to Will Dormann of the CERT/CC for reporting this issue.

QuickTime
CVE-ID: CVE-2010-0519
Available for: Mac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2
Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution
Description: An integer overflow exists in the handling of FlashPix encoded movie files. Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved bounds checking. Credit to an anonymous researcher working with TippingPoint’s Zero Day Initiative for reporting this issue.

QuickTime
CVE-ID: CVE-2010-0520
Available for: Mac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2
Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution
Description: A heap buffer overflow exists in the handling of FLC encoded movie files. Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution. This issue is addressed by performing additional validation of FLC encoded movie files.
Credit to Moritz Jodeit of n.runs AG, working with TippingPoint’s Zero Day Initiative, and Nicolas Joly of VUPEN Security for reporting this issue.

QuickTime
CVE-ID: CVE-2010-0526
Available for: Mac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2
Impact: Viewing a maliciously crafted MPEG file may lead to an unexpected application termination or arbitrary code execution
Description: A heap buffer overflow exists in the handling of MPEG encoded movie files. Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution. This issue is addressed by performing additional validation of MPEG encoded movie files. Credit to an anonymous researcher working with TippingPoint’s Zero Day Initiative for reporting this issue.

Ruby
CVE-ID: CVE-2009-2422, CVE-2009-3009, CVE-2009-4214
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2
Impact: Multiple issues in Ruby on Rails
Description: Multiple vulnerabilities exist in Ruby on Rails, the most serious of which may lead to cross-site scripting. On Mac OS X v10.6 systems, these issues are addressed by updating Ruby on Rails to version 2.3.5. Mac OS X v10.5 systems are affected only by CVE-2009-4214, and this issue is addressed through improved validation of arguments to strip_tags.

Ruby
CVE-ID: CVE-2009-1904
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2
Impact: Running a Ruby script that uses untrusted input to initialize a BigDecimal object may lead to an unexpected application termination
Description: A stack exhaustion issue exists in Ruby’s handling of BigDecimal objects with very large values.
Running a Ruby script that uses untrusted input to initialize a BigDecimal object may lead to an unexpected application termination. For Mac OS X v10.6 systems, this issue is addressed by updating Ruby to version 1.8.7-p173. For Mac OS X v10.5 systems, this issue is addressed by updating Ruby to version 1.8.6-p369.

Server Admin
CVE-ID: CVE-2010-0521
Available for: Mac OS X Server v10.5.8, Mac OS X Server v10.6 through v10.6.2
Impact: A remote attacker may extract information from Open Directory
Description: A design issue exists in the handling of authenticated directory binding. A remote attacker may be able to anonymously extract information from Open Directory, even if the “Require authenticated binding between directory and clients” option is enabled. The issue is addressed by removing this configuration option. This issue only affects Mac OS X Server systems. Credit to Scott Gruby of Gruby Solutions, and Mathias Haack of GRAVIS Computervertriebsgesellschaft mbH for reporting this issue.

Server Admin
CVE-ID: CVE-2010-0522
Available for: Mac OS X Server v10.5.8
Impact: A former administrator may have unauthorized access to screen sharing
Description: A user who is removed from the ‘admin’ group may still connect to the server using screen sharing. This issue is addressed through improved handling of administrator privileges. This issue only affects Mac OS X Server systems, and does not affect version 10.6 or later. Credit: Apple.

SMB
CVE-ID: CVE-2009-2906
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2
Impact: A remote attacker may be able to cause a denial of service
Description: An infinite loop issue exists in Samba’s handling of SMB ‘oplock’ break notifications.
A remote attacker may be able to trigger an infinite loop in smbd, causing it to consume excessive CPU resources. The issue is addressed through improved handling of ‘oplock’ break notifications.

Tomcat
CVE-ID: CVE-2009-0580, CVE-2009-0033