ID de Prueba:	1.3.6.1.4.1.25623.1.0.51376
Categoría:	Conectiva Local Security Checks
Título:	Conectiva Security Advisory CLA-2004:885
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory CLA-2004:885. Apache[1] is the most popular webserver in use today. An issue[2] in the mod_ssl module was reported[3] by Hartmut Keil. When a particular location is configured to require a specific set of cipher suites through the SSLCipherSuite directive in its directory or location context, a client could be able to access that location using any cipher suite allowed by the virtual host configuration. Solution: The apt tool can be used to perform RPM package upgrades by running 'apt-get update' followed by 'apt-get upgrade' http://apache.httpd.org/ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0885 http://issues.apache.org/bugzilla/show_bug.cgi?id=31505 http://www.securityspace.com/smysecure/catid.html?in=CLA-2004:885 http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=002004 Risk factor : High CVSS Score: 7.5
Referencia Cruzada:	BugTraq ID: 11360 Common Vulnerability Exposure (CVE) ID: CVE-2004-0885 http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html http://www.securityfocus.com/bid/11360 Bugtraq: 20041015 [OpenPKG-SA-2004.044] OpenPKG Security Advisory (modssl) (Google Search) http://marc.info/?l=bugtraq&m=109786159119069&w=2 HPdes Security Advisory: HPSBUX01123 http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX01123 https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.httpd.apache.org%3E https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10384 http://www.redhat.com/support/errata/RHSA-2004-562.html http://www.redhat.com/support/errata/RHSA-2004-600.html http://www.redhat.com/support/errata/RHSA-2005-816.html http://www.redhat.com/support/errata/RHSA-2008-0261.html http://secunia.com/advisories/19072 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1 http://www.ubuntu.com/usn/usn-177-1 http://www.vupen.com/english/advisories/2006/0789 XForce ISS Database: apache-sslciphersuite-restriction-bypass(17671) https://exchange.xforce.ibmcloud.com/vulnerabilities/17671
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.