English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 324607 CVE Beschreibungen
und 145615 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.57168
Kategorie:Slackware Local Security Checks
Titel:Slackware: Security Advisory (SSA:2006-209-01)
Zusammenfassung:The remote host is missing an update for the 'Apache' package(s) announced via the SSA:2006-209-01 advisory.
Beschreibung:Summary:
The remote host is missing an update for the 'Apache' package(s) announced via the SSA:2006-209-01 advisory.

Vulnerability Insight:
New Apache packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1,
10.2, and -current to fix a security issue with mod_rewrite.

More details about the issues may be found in the Common
Vulnerabilities and Exposures (CVE) database:

[link moved to references]

In addition, new mod_ssl packages for Apache 1.3.37 are available for
all of these versions of Slackware. This additional package does not
fix a security issue, but may be required on your system depending on
your Apache setup.


Here are the details from the Slackware 10.2 ChangeLog:
+--------------------------+
patches/packages/apache-1.3.37-i486-1_slack10.2.tgz:
Upgraded to apache-1.3.37.
From the announcement on httpd.apache.org:
This version of Apache is security fix release only. An off-by-one flaw
exists in the Rewrite module, mod_rewrite, as shipped with Apache 1.3
since 1.3.28, 2.0 since 2.0.46, and 2.2 since 2.2.0.
The Slackware Security Team feels that the vast majority of installations
will not be configured in a vulnerable way but still suggests upgrading to
the new apache and mod_ssl packages for maximum security.
For more details, see:
[link moved to references]
And see Apache's announcement here:
[link moved to references]
(* Security fix *)
patches/packages/mod_ssl-2.8.28_1.3.37-i486-1_slack10.2.tgz:
Upgraded to mod_ssl-2.8.28-1.3.37.
+--------------------------+

Affected Software/OS:
'Apache' package(s) on Slackware 8.1, Slackware 9.0, Slackware 9.1, Slackware 10.0, Slackware 10.1, Slackware 10.2, Slackware current.

Solution:
Please install the updated package(s).

CVSS Score:
7.6

CVSS Vector:
AV:N/AC:H/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2006-3747
1016601
http://securitytracker.com/id?1016601
102662
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1
102663
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1
1312
http://securityreason.com/securityalert/1312
19204
http://www.securityfocus.com/bid/19204
2006-0044
http://lwn.net/Alerts/194228/
20060728 Apache 1.3.29/2.X mod_rewrite Buffer Overflow Vulnerability CVE-2006-3747
http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048267.html
20060728 Apache mod_rewrite Buffer Overflow Vulnerability
http://www.securityfocus.com/archive/1/441487/100/0/threaded
20060728 [Announcement] Apache HTTP Server 2.2.3 (2.0.59, 1.3.37) Released
http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048271.html
http://www.securityfocus.com/archive/1/441485/100/0/threaded
20060728 rPSA-2006-0139-1 httpd mod_ssl
http://www.securityfocus.com/archive/1/441526/100/200/threaded
20060820 POC & exploit for Apache mod_rewrite off-by-one
http://www.securityfocus.com/archive/1/443870/100/0/threaded
21197
http://secunia.com/advisories/21197
21241
http://secunia.com/advisories/21241
21245
http://secunia.com/advisories/21245
21247
http://secunia.com/advisories/21247
21266
http://secunia.com/advisories/21266
21273
http://secunia.com/advisories/21273
21284
http://secunia.com/advisories/21284
21307
http://secunia.com/advisories/21307
21313
http://secunia.com/advisories/21313
21315
http://secunia.com/advisories/21315
21346
http://secunia.com/advisories/21346
21478
http://secunia.com/advisories/21478
21509
http://secunia.com/advisories/21509
22262
http://secunia.com/advisories/22262
22368
http://secunia.com/advisories/22368
22388
http://secunia.com/advisories/22388
22523
http://secunia.com/advisories/22523
23028
http://secunia.com/advisories/23028
23260
http://secunia.com/advisories/23260
26329
http://secunia.com/advisories/26329
27588
http://www.osvdb.org/27588
29420
http://secunia.com/advisories/29420
29849
http://secunia.com/advisories/29849
30430
http://secunia.com/advisories/30430
ADV-2006-3017
http://www.vupen.com/english/advisories/2006/3017
ADV-2006-3264
http://www.vupen.com/english/advisories/2006/3264
ADV-2006-3282
http://www.vupen.com/english/advisories/2006/3282
ADV-2006-3884
http://www.vupen.com/english/advisories/2006/3884
ADV-2006-3995
http://www.vupen.com/english/advisories/2006/3995
ADV-2006-4015
http://www.vupen.com/english/advisories/2006/4015
ADV-2006-4207
http://www.vupen.com/english/advisories/2006/4207
ADV-2006-4300
http://www.vupen.com/english/advisories/2006/4300
ADV-2006-4868
http://www.vupen.com/english/advisories/2006/4868
ADV-2007-2783
http://www.vupen.com/english/advisories/2007/2783
ADV-2008-0924
http://www.vupen.com/english/advisories/2008/0924/references
ADV-2008-1246
http://www.vupen.com/english/advisories/2008/1246/references
ADV-2008-1697
http://www.vupen.com/english/advisories/2008/1697
APPLE-SA-2008-03-18
http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
APPLE-SA-2008-05-28
http://lists.apple.com/archives/security-announce/2008//May/msg00001.html
DSA-1131
http://www.debian.org/security/2006/dsa-1131
DSA-1132
http://www.debian.org/security/2006/dsa-1132
GLSA-200608-01
http://security.gentoo.org/glsa/glsa-200608-01.xml
HPSBMA02250
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771
HPSBMA02328
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449
HPSBOV02683
http://marc.info/?l=bugtraq&m=130497311408250&w=2
HPSBUX02145
http://www.securityfocus.com/archive/1/445206/100/0/threaded
HPSBUX02164
http://www.securityfocus.com/archive/1/450321/100/0/threaded
MDKSA-2006:133
http://www.mandriva.com/security/advisories?name=MDKSA-2006:133
OpenPKG-SA-2006.015
http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.015-apache.html
PK27875
http://www-1.ibm.com/support/docview.wss?uid=swg24013080
PK29154
http://www-1.ibm.com/support/docview.wss?uid=swg1PK29154
PK29156
http://www-1.ibm.com/support/docview.wss?uid=swg1PK29156
SSRT061202
SSRT061265
SSRT061275
SSRT071293
SSRT090208
SUSE-SA:2006:043
http://www.novell.com/linux/security/advisories/2006_43_apache.html
TA08-150A
http://www.us-cert.gov/cas/techalerts/TA08-150A.html
USN-328-1
http://www.ubuntu.com/usn/usn-328-1
VU#395412
http://www.kb.cert.org/vuls/id/395412
[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20210330 svn commit: r1073139 [4/13] - in /websites/staging/httpd/trunk/content: ./ security/json/
https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20210330 svn commit: r1073140 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/
https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html
https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20210330 svn commit: r1073149 [5/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/
https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20210330 svn commit: r1888194 [4/13] - /httpd/site/trunk/content/security/json/
https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
apache-modrewrite-offbyone-bo(28063)
https://exchange.xforce.ibmcloud.com/vulnerabilities/28063
http://docs.info.apple.com/article.html?artnum=307562
http://kbase.redhat.com/faq/FAQ_68_8653.shtm
http://svn.apache.org/viewvc?view=rev&revision=426144
http://www-1.ibm.com/support/docview.wss?uid=swg27007951
http://www.apache.org/dist/httpd/Announcement2.0.html
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117
https://issues.rpath.com/browse/RPL-538
CopyrightCopyright (C) 2012 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2025 E-Soft Inc. Alle Rechte vorbehalten.