Test ID: | 1.3.6.1.4.1.25623.1.0.51479 |
Category: | Conectiva Local Security Checks |
Title: | Conectiva Security Advisory CLA-2003:777 |
Summary: | NOSUMMARY |
Description:

The remote host is missing updates announced in advisory CLA-2003:777.

thttpd is a very simple and compact HTTP server.

The thttpd package distributed with Conectiva Linux 9 (thttpd-2.20c-22870cl) contains several bugs[1] that prevent it from being useful.

This update fixes these bugs and the following security vulnerabilities that affect thttpd 2.20c (descriptions borrowed from the respective CVE pages):

- Sensitive files disclosure vulnerability[2] (CVE-2001-0892): With the chroot option enabled, thttpd allows remote attackers to view sensitive files under the document root (such as .htpasswd) via a GET request with a trailing '/.'.
- Cross-site scripting vulnerability[3] (CVE-2002-0733): thttpd allows remote attackers to execute arbitrary scripts via a URL to a nonexistent page, which causes thttpd to insert the script into a 404 error message.
- Directory traversal vulnerability[4] (CVE-2002-1562): When using virtual hosting, thttpd allows remote attackers to read arbitrary files via '..' (dot dot) sequences in the 'Host:' header.

The thttpd package has been updated to the 2.24 version, the latest stable one available at this time.

Solution: The apt tool can be used to perform RPM package upgrades by running 'apt-get update' followed by 'apt-get upgrade'.

- http://bugzilla.conectiva.com.br/show_bug.cgi?id=9653
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0892
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0733
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1562
- http://www.securityspace.com/smysecure/catid.html?in=CLA-2003:777
- http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=002003

Risk factor: High
CVSS Score: 7.5
Cross-reference:

Common Vulnerability Exposure (CVE) ID: CVE-2001-0892
- Bugtraq: 20011113 Cgisecurity.com Advisory #6: thttpd and mini_http Permission bypass vuln
- http://marc.info/?l=bugtraq&m=100568999726036&w=2

Common Vulnerability Exposure (CVE) ID: CVE-2002-0733
- BugTraq ID: 4601
- http://www.securityfocus.com/bid/4601
- http://www.ifrance.com/kitetoua/tuto/5holes1.txt
- http://www.osvdb.org/5125
- http://archives.neohapsis.com/archives/vuln-dev/2002-q2/0155.html
- http://www.iss.net/security_center/static/9029.php

Common Vulnerability Exposure (CVE) ID: CVE-2002-1562
- Conectiva Linux advisory: CLA-2003:777
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000777
- Debian Security Information: DSA-396
- https://www.debian.org/security/2003/dsa-396
- SuSE Security Announcement: SuSE-SA:2003:044
Copyright | Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com |