Turbolinux Local Security Tests : Turbolinux TLSA-2005-94 (apache, httpd)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.55507
Kategorie:	Turbolinux Local Security Tests
Titel:	Turbolinux TLSA-2005-94 (apache, httpd)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing an update to apache, httpd announced via advisory TLSA-2005-94. Apache is a powerful, full-featured, efficient, and freely-available Web server. Apache is also the most popular Web server on the Internet. - The mod_ssl fails to properly enforce client certificates authentication. - The byte-range filter in Apache allows remote attackers to cause a denial of service (memory consumption) via an HTTP header with a large Range field. An attacker may access web documents in a restricted section of a website without providing a valid client certificate. Allows remote attackers to cause a denial of service of the Apache server. Solution: Please use the turbopkg (zabom) tool to apply the update. http://www.securityspace.com/smysecure/catid.html?in=TLSA-2005-94 Risk factor : Critical CVSS Score: 10.0
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2005-2700 102197 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102197-1 102198 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1 14721 http://www.securityfocus.com/bid/14721 16700 http://secunia.com/advisories/16700 16705 http://secunia.com/advisories/16705 16714 http://secunia.com/advisories/16714 16743 http://secunia.com/advisories/16743 16746 http://secunia.com/advisories/16746 16748 http://secunia.com/advisories/16748 16753 http://secunia.com/advisories/16753 16754 http://secunia.com/advisories/16754 16769 http://secunia.com/advisories/16769 16771 http://secunia.com/advisories/16771 16789 http://secunia.com/advisories/16789 16864 http://secunia.com/advisories/16864 16956 http://secunia.com/advisories/16956 17088 http://secunia.com/advisories/17088 17288 http://secunia.com/advisories/17288 17311 http://secunia.com/advisories/17311 17813 http://secunia.com/advisories/17813 19072 http://secunia.com/advisories/19072 19073 http://secunia.com/advisories/19073 19188 http://www.osvdb.org/19188 21848 http://secunia.com/advisories/21848 22523 http://secunia.com/advisories/22523 ADV-2005-1625 http://www.vupen.com/english/advisories/2005/1625 ADV-2005-2659 http://www.vupen.com/english/advisories/2005/2659 ADV-2006-0789 http://www.vupen.com/english/advisories/2006/0789 ADV-2006-4207 http://www.vupen.com/english/advisories/2006/4207 DSA-805 http://www.debian.org/security/2005/dsa-805 DSA-807 http://www.debian.org/security/2005/dsa-807 GLSA-200509-12 http://www.gentoo.org/security/en/glsa/glsa-200509-12.xml HPSBUX01232 http://marc.info/?l=bugtraq&m=112870296926652&w=2 MDKSA-2005:161 http://www.mandriva.com/security/advisories?name=MDKSA-2005:161 OpenPKG-SA-2005.017 http://marc.info/?l=bugtraq&m=112604765028607&w=2 RHSA-2005:608 http://www.redhat.com/support/errata/RHSA-2005-608.html RHSA-2005:773 http://www.redhat.com/support/errata/RHSA-2005-773.html RHSA-2005:816 http://www.redhat.com/support/errata/RHSA-2005-816.html SSRT051043 SUSE-SA:2005:051 http://www.novell.com/linux/security/advisories/2005_51_apache2.html SUSE-SA:2005:052 http://www.novell.com/linux/security/advisories/2005_52_apache2.html SuSE-SA:2006:051 https://lists.opensuse.org/opensuse-security-announce/2006-09/msg00016.html TSLSA-2005-0059 http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html USN-177-1 http://www.ubuntu.com/usn/usn-177-1 VU#744929 http://www.kb.cert.org/vuls/id/744929 [apache-modssl] 20050902 [ANNOUNCE] mod_ssl 2.8.24-1.3.33 http://marc.info/?l=apache-modssl&m=112569517603897&w=2 [httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/ https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210330 svn commit: r1073139 [4/13] - in /websites/staging/httpd/trunk/content: ./ security/json/ https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/ https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/ https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210330 svn commit: r1073149 [5/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/ https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210330 svn commit: r1888194 [4/13] - /httpd/site/trunk/content/security/json/ https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210606 svn commit: r1075470 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E [httpd-dev] 20190804 Re: svn commit: r1856807 - /httpd/test/framework/trunk/t/security/CVE-2019-0215.t https://lists.apache.org/thread.html/117bc3f09847ebf020b1bb70301ebcc105ddc446856150b63f37f8eb%40%3Cdev.httpd.apache.org%3E [httpd-dev] 20190806 Re: svn commit: r1856807 - /httpd/test/framework/trunk/t/security/CVE-2019-0215.t https://lists.apache.org/thread.html/5b1e7d66c5adf286f14f6cc0f857b6fca107444f68aed9e70eedab47%40%3Cdev.httpd.apache.org%3E http://people.apache.org/~jorton/CAN-2005-2700.diff http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=167195 oval:org.mitre.oval:def:10416 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10416 Common Vulnerability Exposure (CVE) ID: CVE-2005-2728 BugTraq ID: 14660 http://www.securityfocus.com/bid/14660 Debian Security Information: DSA-805 (Google Search) http://www.gentoo.org/security/en/glsa/glsa-200508-15.xml HPdes Security Advisory: HPSBUX02074 http://www.securityfocus.com/archive/1/428138/100/0/threaded HPdes Security Advisory: SSRT051251 https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.httpd.apache.org%3E https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10017 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1246 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1727 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A760 http://secunia.com/advisories/16559/ http://secunia.com/advisories/17036 http://secunia.com/advisories/17600 http://secunia.com/advisories/17831 http://secunia.com/advisories/17923 http://secunia.com/advisories/18161 http://secunia.com/advisories/18333 http://secunia.com/advisories/18517 SGI Security Advisory: 20060101-01-U ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U http://securityreason.com/securityalert/604 SuSE Security Announcement: SUSE-SA:2005:051 (Google Search) SuSE Security Announcement: SUSE-SA:2005:052 (Google Search) XForce ISS Database: apache-byterange-dos(22006) https://exchange.xforce.ibmcloud.com/vulnerabilities/22006
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com