Test Kennung:	1.3.6.1.4.1.25623.1.0.56086
Kategorie:	Mandrake Local Security Checks
Titel:	Mandrake Security Advisory MDKSA-2006:007 (apache2)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing an update to apache2 announced via advisory MDKSA-2006:007. A flaw was discovered in mod_imap when using the Referer directive with image maps that could be used by a remote attacker to perform a cross- site scripting attack, in certain site configurations, if a victim could be forced to visit a malicious URL using certain web browsers (CVE-2005-3352). Also, a NULL pointer dereference flaw was found in mod_ssl that affects server configurations where an SSL virtual host was configured with access controls and a custom 400 error document. This could allow a remote attacker to send a carefully crafted request to trigger the issue and cause a crash, but only with the non-default worker MPM (CVE-2005-3357). The provided packages have been patched to prevent these problems. Affected: 10.1, 10.2, 2006.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2006:007 Risk factor : High CVSS Score: 5.4
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2005-3352 AIX APAR: PK16139 http://www-1.ibm.com/support/search.wss?rs=0&q=PK16139&apar=only AIX APAR: PK25355 http://www-1.ibm.com/support/search.wss?rs=0&q=PK25355&apar=only http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://lists.apple.com/archives/security-announce/2008//May/msg00001.html BugTraq ID: 15834 http://www.securityfocus.com/bid/15834 Cert/CC Advisory: TA08-150A http://www.us-cert.gov/cas/techalerts/TA08-150A.html Debian Security Information: DSA-1167 (Google Search) http://www.debian.org/security/2006/dsa-1167 http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00060.html http://www.securityfocus.com/archive/1/425399/100/0/threaded http://www.gentoo.org/security/en/glsa/glsa-200602-03.xml HPdes Security Advisory: HPSBMA02328 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449 HPdes Security Advisory: HPSBOV02683 http://marc.info/?l=bugtraq&m=130497311408250&w=2 HPdes Security Advisory: HPSBUX02145 http://www.securityfocus.com/archive/1/445206/100/0/threaded HPdes Security Advisory: HPSBUX02164 http://www.securityfocus.com/archive/1/450321/100/0/threaded HPdes Security Advisory: HPSBUX02172 http://www.securityfocus.com/archive/1/450315/100/0/threaded HPdes Security Advisory: SSRT061202 HPdes Security Advisory: SSRT061265 HPdes Security Advisory: SSRT061269 HPdes Security Advisory: SSRT071293 HPdes Security Advisory: SSRT090208 http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:007 https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E http://www.openpkg.org/security/OpenPKG-SA-2005.029-apache.txt https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10480 http://www.redhat.com/support/errata/RHSA-2006-0158.html RedHat Security Advisories: RHSA-2006:0159 http://rhn.redhat.com/errata/RHSA-2006-0159.html RedHat Security Advisories: RHSA-2006:0692 http://rhn.redhat.com/errata/RHSA-2006-0692.html http://securitytracker.com/id?1015344 http://secunia.com/advisories/17319 http://secunia.com/advisories/18008 http://secunia.com/advisories/18333 http://secunia.com/advisories/18339 http://secunia.com/advisories/18340 http://secunia.com/advisories/18429 http://secunia.com/advisories/18517 http://secunia.com/advisories/18526 http://secunia.com/advisories/18585 http://secunia.com/advisories/18743 http://secunia.com/advisories/19012 http://secunia.com/advisories/20046 http://secunia.com/advisories/20670 http://secunia.com/advisories/21744 http://secunia.com/advisories/22140 http://secunia.com/advisories/22368 http://secunia.com/advisories/22388 http://secunia.com/advisories/22669 http://secunia.com/advisories/23260 http://secunia.com/advisories/25239 http://secunia.com/advisories/29420 http://secunia.com/advisories/29849 http://secunia.com/advisories/30430 SGI Security Advisory: 20060101-01-U ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.685483 http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.470158 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1 SuSE Security Announcement: SUSE-SA:2006:043 (Google Search) http://www.novell.com/linux/security/advisories/2006_43_apache.html SuSE Security Announcement: SUSE-SR:2006:004 (Google Search) http://lists.suse.de/archive/suse-security-announce/2006-Feb/0008.html SuSE Security Announcement: SUSE-SR:2007:011 (Google Search) http://lists.suse.com/archive/suse-security-announce/2007-May/0005.html http://www.trustix.org/errata/2005/0074/ http://www.ubuntulinux.org/usn/usn-241-1 http://www.vupen.com/english/advisories/2005/2870 http://www.vupen.com/english/advisories/2006/2423 http://www.vupen.com/english/advisories/2006/3995 http://www.vupen.com/english/advisories/2006/4015 http://www.vupen.com/english/advisories/2006/4300 http://www.vupen.com/english/advisories/2006/4868 http://www.vupen.com/english/advisories/2008/0924/references http://www.vupen.com/english/advisories/2008/1246/references http://www.vupen.com/english/advisories/2008/1697 Common Vulnerability Exposure (CVE) ID: CVE-2005-3357 1015447 http://securitytracker.com/id?1015447 102640 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102640-1 102662 16152 http://www.securityfocus.com/bid/16152 18307 http://secunia.com/advisories/18307 18333 18339 18340 18429 18517 18585 18743 19012 20060101-01-U 21848 http://secunia.com/advisories/21848 22233 http://secunia.com/advisories/22233 22368 22523 http://secunia.com/advisories/22523 22669 22992 http://secunia.com/advisories/22992 23260 29849 30430 ADV-2006-0056 http://www.vupen.com/english/advisories/2006/0056 ADV-2006-3920 http://www.vupen.com/english/advisories/2006/3920 ADV-2006-3995 ADV-2006-4207 http://www.vupen.com/english/advisories/2006/4207 ADV-2006-4300 ADV-2006-4868 ADV-2008-1246 ADV-2008-1697 APPLE-SA-2008-05-28 FEDORA-2006-052 FLSA-2006:175406 GLSA-200602-03 HPSBMA02328 HPSBOV02683 HPSBUX02145 HPSBUX02172 RHSA-2006:0159 SSRT061202 SSRT061269 SSRT071293 SSRT090208 SUSE-SR:2006:004 SuSE-SA:2006:051 https://lists.opensuse.org/opensuse-security-announce/2006-09/msg00016.html TA08-150A TSLSA-2005-0074 USN-241-1 [httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/ https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210330 svn commit: r1073139 [4/13] - in /websites/staging/httpd/trunk/content: ./ security/json/ https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/ https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/ https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210330 svn commit: r1073149 [5/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/ https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210330 svn commit: r1888194 [4/13] - /httpd/site/trunk/content/security/json/ https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210603 svn commit: r1075360 [1/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210603 svn commit: r1075360 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210606 svn commit: r1075467 [1/2] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210606 svn commit: r1075467 [2/2] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E http://issues.apache.org/bugzilla/show_bug.cgi?id=37791 http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm http://svn.apache.org/viewcvs?rev=358026&view=rev http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117 oval:org.mitre.oval:def:11467 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11467
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.