Trustix Local Security Checks : Trustix Security Advisory TSLSA-2005-0047 (Multiple packages)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.55414
Kategorie:	Trustix Local Security Checks
Titel:	Trustix Security Advisory TSLSA-2005-0047 (Multiple packages)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing updates announced in advisory TSLSA-2005-0047. apache < TSL 3.0 > < TSL 2.2 > < TSEL 2 > - SECURITY Fix: ssl_engine_kernel.c in mod_ssl before 2.8.24, when using SSLVerifyClient optional in the global virtual host configuration, does not properly enforce SSLVerifyClient require in a per-location context, which allows remote attackers to bypass intended access restrictions. - The byte-range filter in Apache 2.0 allows remote attackers to cause a denial of service (memory consumption) via an HTTP header with a large Range field. The Common Vulnerabilities and Exposures project has assigned the name CVE-2005-2700 and CVE-2005-2728 to this issue. openssh < TSL 3.0 > < TSL 2.2 > < TSEL 2 > - New Upstream - SECURITY Fix: An error in handling dynamic port forwardings when no listen address is specified, can cause GatewayPorts to be incorrectly activated. - An error in handling GSSAPI credential delegation can allow a user, who did not login using GSSAPI authentication, to be delegated with GSSAPI credentials. The Common Vulnerabilities and Exposures project has assigned the name CVE-2005-2798 to this issue. squid < TSL 3.0 > < TSL 2.2 > < TSEL 2 > - SECURITY Fix: Fixed DOS Vulnerability, Alex Masterov has reported a vulnerability in Squid, which potentially can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an unspecified error in the sslConnectTimeout() function after handling malformed requests. - Fixed Squid crashes with the assertion failure in certain conditions involving aborted requests. Solution: Update your system with the packages as indicated in the referenced security advisory. http://www.securityspace.com/smysecure/catid.html?in=TSLSA-2005-0047 Risk factor : Critical CVSS Score: 10.0
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2005-2700 102197 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102197-1 102198 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1 14721 http://www.securityfocus.com/bid/14721 16700 http://secunia.com/advisories/16700 16705 http://secunia.com/advisories/16705 16714 http://secunia.com/advisories/16714 16743 http://secunia.com/advisories/16743 16746 http://secunia.com/advisories/16746 16748 http://secunia.com/advisories/16748 16753 http://secunia.com/advisories/16753 16754 http://secunia.com/advisories/16754 16769 http://secunia.com/advisories/16769 16771 http://secunia.com/advisories/16771 16789 http://secunia.com/advisories/16789 16864 http://secunia.com/advisories/16864 16956 http://secunia.com/advisories/16956 17088 http://secunia.com/advisories/17088 17288 http://secunia.com/advisories/17288 17311 http://secunia.com/advisories/17311 17813 http://secunia.com/advisories/17813 19072 http://secunia.com/advisories/19072 19073 http://secunia.com/advisories/19073 19188 http://www.osvdb.org/19188 21848 http://secunia.com/advisories/21848 22523 http://secunia.com/advisories/22523 ADV-2005-1625 http://www.vupen.com/english/advisories/2005/1625 ADV-2005-2659 http://www.vupen.com/english/advisories/2005/2659 ADV-2006-0789 http://www.vupen.com/english/advisories/2006/0789 ADV-2006-4207 http://www.vupen.com/english/advisories/2006/4207 DSA-805 http://www.debian.org/security/2005/dsa-805 DSA-807 http://www.debian.org/security/2005/dsa-807 GLSA-200509-12 http://www.gentoo.org/security/en/glsa/glsa-200509-12.xml HPSBUX01232 http://marc.info/?l=bugtraq&m=112870296926652&w=2 MDKSA-2005:161 http://www.mandriva.com/security/advisories?name=MDKSA-2005:161 OpenPKG-SA-2005.017 http://marc.info/?l=bugtraq&m=112604765028607&w=2 RHSA-2005:608 http://www.redhat.com/support/errata/RHSA-2005-608.html RHSA-2005:773 http://www.redhat.com/support/errata/RHSA-2005-773.html RHSA-2005:816 http://www.redhat.com/support/errata/RHSA-2005-816.html SSRT051043 SUSE-SA:2005:051 http://www.novell.com/linux/security/advisories/2005_51_apache2.html SUSE-SA:2005:052 http://www.novell.com/linux/security/advisories/2005_52_apache2.html SuSE-SA:2006:051 https://lists.opensuse.org/opensuse-security-announce/2006-09/msg00016.html TSLSA-2005-0059 http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html USN-177-1 http://www.ubuntu.com/usn/usn-177-1 VU#744929 http://www.kb.cert.org/vuls/id/744929 [apache-modssl] 20050902 [ANNOUNCE] mod_ssl 2.8.24-1.3.33 http://marc.info/?l=apache-modssl&m=112569517603897&w=2 [httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/ https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210330 svn commit: r1073139 [4/13] - in /websites/staging/httpd/trunk/content: ./ security/json/ https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/ https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/ https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210330 svn commit: r1073149 [5/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/ https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210330 svn commit: r1888194 [4/13] - /httpd/site/trunk/content/security/json/ https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210606 svn commit: r1075470 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E [httpd-dev] 20190804 Re: svn commit: r1856807 - /httpd/test/framework/trunk/t/security/CVE-2019-0215.t https://lists.apache.org/thread.html/117bc3f09847ebf020b1bb70301ebcc105ddc446856150b63f37f8eb%40%3Cdev.httpd.apache.org%3E [httpd-dev] 20190806 Re: svn commit: r1856807 - /httpd/test/framework/trunk/t/security/CVE-2019-0215.t https://lists.apache.org/thread.html/5b1e7d66c5adf286f14f6cc0f857b6fca107444f68aed9e70eedab47%40%3Cdev.httpd.apache.org%3E http://people.apache.org/~jorton/CAN-2005-2700.diff http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=167195 oval:org.mitre.oval:def:10416 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10416 Common Vulnerability Exposure (CVE) ID: CVE-2005-2728 BugTraq ID: 14660 http://www.securityfocus.com/bid/14660 Debian Security Information: DSA-805 (Google Search) http://www.gentoo.org/security/en/glsa/glsa-200508-15.xml HPdes Security Advisory: HPSBUX02074 http://www.securityfocus.com/archive/1/428138/100/0/threaded HPdes Security Advisory: SSRT051251 https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.httpd.apache.org%3E https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10017 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1246 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1727 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A760 http://secunia.com/advisories/16559/ http://secunia.com/advisories/17036 http://secunia.com/advisories/17600 http://secunia.com/advisories/17831 http://secunia.com/advisories/17923 http://secunia.com/advisories/18161 http://secunia.com/advisories/18333 http://secunia.com/advisories/18517 SGI Security Advisory: 20060101-01-U ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U http://securityreason.com/securityalert/604 SuSE Security Announcement: SUSE-SA:2005:051 (Google Search) SuSE Security Announcement: SUSE-SA:2005:052 (Google Search) XForce ISS Database: apache-byterange-dos(22006) https://exchange.xforce.ibmcloud.com/vulnerabilities/22006 Common Vulnerability Exposure (CVE) ID: CVE-2005-2798 1014845 http://securitytracker.com/id?1014845 14729 http://www.securityfocus.com/bid/14729 16686 http://secunia.com/advisories/16686 17077 http://secunia.com/advisories/17077 17245 http://secunia.com/advisories/17245 18010 http://secunia.com/advisories/18010 18406 http://secunia.com/advisories/18406 18507 http://secunia.com/advisories/18507 18661 http://secunia.com/advisories/18661 18717 http://secunia.com/advisories/18717 19141 http://www.osvdb.org/19141 ADV-2006-0144 http://www.vupen.com/english/advisories/2006/0144 HPSBUX02090 http://www.securityfocus.com/archive/1/421411/100/0/threaded MDKSA-2005:172 http://www.mandriva.com/security/advisories?name=MDKSA-2005:172 RHSA-2005:527 http://www.redhat.com/support/errata/RHSA-2005-527.html SCOSA-2005.53 ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.53/SCOSA-2005.53.txt SSRT051058 SUSE-SR:2006:003 http://lists.suse.com/archive/suse-security-announce/2006-Feb/0001.html USN-209-1 https://usn.ubuntu.com/209-1/ [openssh-unix-announce] 20050901 Announce: OpenSSH 4.2 released http://www.mindrot.org/pipermail/openssh-unix-announce/2005-September/000083.html hpux-secure-shell-dos(24064) https://exchange.xforce.ibmcloud.com/vulnerabilities/24064 http://support.avaya.com/elmodocs2/security/ASA-2006-016.htm http://support.avaya.com/elmodocs2/security/ASA-2006-033.htm oval:org.mitre.oval:def:1345 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1345 oval:org.mitre.oval:def:1566 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1566 oval:org.mitre.oval:def:9717 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9717
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com