Test Kennung:	1.3.6.1.4.1.25623.1.0.61476
Kategorie:	Slackware Local Security Checks
Titel:	Slackware: Security Advisory (SSA:2008-210-02)
Zusammenfassung:	The remote host is missing an update for the 'httpd' package(s) announced via the SSA:2008-210-02 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'httpd' package(s) announced via the SSA:2008-210-02 advisory. Vulnerability Insight: New httpd packages are available for Slackware 12.0, 12.1, and -current to fix XSS security issues. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database: [links moved to references] Here are the details from the Slackware 12.1 ChangeLog: +--------------------------+ patches/packages/httpd-2.2.9-i486-1_slack12.1.tgz: Upgraded to httpd-2.2.9. This release fixes flaws which could allow XSS attacks. For more information, see: [links moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'httpd' package(s) on Slackware 12.0, Slackware 12.1, Slackware current. Solution: Please install the updated package(s). CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2007-5000 AIX APAR: PK58024 http://www-1.ibm.com/support/docview.wss?uid=swg1PK58024 AIX APAR: PK58074 http://www-1.ibm.com/support/docview.wss?uid=swg1PK58074 AIX APAR: PK63273 http://www-1.ibm.com/support/docview.wss?uid=swg1PK63273 AIX APAR: PK65782 http://www-1.ibm.com/support/docview.wss?uid=swg24019245 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://lists.apple.com/archives/security-announce/2008//May/msg00001.html BugTraq ID: 26838 http://www.securityfocus.com/bid/26838 Bugtraq: 20080716 rPSA-2008-0035-1 httpd mod_ssl (Google Search) http://www.securityfocus.com/archive/1/494428/100/0/threaded Bugtraq: 20090821 VMSA-2009-0010 VMware Hosted products update libpng and Apache HTTP Server (Google Search) http://www.securityfocus.com/archive/1/505990/100/0/threaded Cert/CC Advisory: TA08-150A http://www.us-cert.gov/cas/techalerts/TA08-150A.html https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00562.html https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00541.html HPdes Security Advisory: HPSBMA02388 http://www.securityfocus.com/archive/1/498523/100/0/threaded HPdes Security Advisory: HPSBOV02683 http://marc.info/?l=bugtraq&m=130497311408250&w=2 HPdes Security Advisory: HPSBUX02308 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01345501 HPdes Security Advisory: SSRT080010 HPdes Security Advisory: SSRT080059 HPdes Security Advisory: SSRT090208 http://www.mandriva.com/security/advisories?name=MDVSA-2008:014 http://www.mandriva.com/security/advisories?name=MDVSA-2008:015 http://www.mandriva.com/security/advisories?name=MDVSA-2008:016 https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E http://lists.vmware.com/pipermail/security-announce/2009/000062.html http://www.osvdb.org/39134 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9539 http://www.redhat.com/support/errata/RHSA-2008-0004.html http://www.redhat.com/support/errata/RHSA-2008-0005.html http://www.redhat.com/support/errata/RHSA-2008-0006.html http://www.redhat.com/support/errata/RHSA-2008-0007.html http://www.redhat.com/support/errata/RHSA-2008-0008.html http://www.redhat.com/support/errata/RHSA-2008-0009.html http://www.redhat.com/support/errata/RHSA-2008-0261.html http://securitytracker.com/id?1019093 http://secunia.com/advisories/28046 http://secunia.com/advisories/28073 http://secunia.com/advisories/28081 http://secunia.com/advisories/28196 http://secunia.com/advisories/28375 http://secunia.com/advisories/28467 http://secunia.com/advisories/28471 http://secunia.com/advisories/28525 http://secunia.com/advisories/28526 http://secunia.com/advisories/28607 http://secunia.com/advisories/28749 http://secunia.com/advisories/28750 http://secunia.com/advisories/28922 http://secunia.com/advisories/28977 http://secunia.com/advisories/29420 http://secunia.com/advisories/29640 http://secunia.com/advisories/29806 http://secunia.com/advisories/29988 http://secunia.com/advisories/30356 http://secunia.com/advisories/30430 http://secunia.com/advisories/30732 http://secunia.com/advisories/31142 http://secunia.com/advisories/32800 http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.595748 http://sunsolve.sun.com/search/document.do?assetkey=1-26-233623-1 SuSE Security Announcement: SUSE-SA:2008:021 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00004.html http://www.ubuntu.com/usn/usn-575-1 http://www.vupen.com/english/advisories/2007/4201 http://www.vupen.com/english/advisories/2007/4202 http://www.vupen.com/english/advisories/2007/4301 http://www.vupen.com/english/advisories/2008/0084 http://www.vupen.com/english/advisories/2008/0178 http://www.vupen.com/english/advisories/2008/0398 http://www.vupen.com/english/advisories/2008/0809/references http://www.vupen.com/english/advisories/2008/0924/references http://www.vupen.com/english/advisories/2008/1224/references http://www.vupen.com/english/advisories/2008/1623/references http://www.vupen.com/english/advisories/2008/1697 http://www.vupen.com/english/advisories/2008/1875/references XForce ISS Database: apache-modimagemap-xss(39002) https://exchange.xforce.ibmcloud.com/vulnerabilities/39002 XForce ISS Database: apache-modimap-xss(39001) https://exchange.xforce.ibmcloud.com/vulnerabilities/39001 Common Vulnerability Exposure (CVE) ID: CVE-2007-6388 AIX APAR: PK59667 http://www-1.ibm.com/support/search.wss?rs=0&q=PK59667&apar=only AIX APAR: PK62966 http://www-1.ibm.com/support/docview.wss?uid=swg1PK62966 BugTraq ID: 27237 http://www.securityfocus.com/bid/27237 HPdes Security Advisory: HPSBUX02313 http://www.securityfocus.com/archive/1/488082/100/0/threaded HPdes Security Advisory: SSRT080015 https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a@%3Ccvs.httpd.apache.org%3E https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10272 http://securitytracker.com/id?1019154 http://secunia.com/advisories/28965 http://secunia.com/advisories/29504 http://secunia.com/advisories/33200 http://securityreason.com/securityalert/3541 http://www.vupen.com/english/advisories/2008/0047 http://www.vupen.com/english/advisories/2008/0447/references http://www.vupen.com/english/advisories/2008/0554 http://www.vupen.com/english/advisories/2008/0986/references XForce ISS Database: apache-status-page-xss(39472) https://exchange.xforce.ibmcloud.com/vulnerabilities/39472
Copyright	Copyright (C) 2012 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.