ID de Prueba:	1.3.6.1.4.1.25623.1.0.52884
Categoría:	Turbolinux Local Security Tests
Título:	Turbolinux TLSA-2004-11 (httpd)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to httpd announced via advisory TLSA-2004-11. Apache is a powerful, full-featured, efficient, and freely-available Web server. - Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences. - Memory leak in ssl_engine_io.c for mod_ssl in Apache 2. The vulnerabilities may allow an attacker to cause a denial of service of httpd. Solution: Please use the turbopkg (zabom) tool to apply the update. http://www.securityspace.com/smysecure/catid.html?in=TLSA-2004-11 Risk factor : Medium CVSS Score: 5.0
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2003-0020 http://marc.info/?l=bugtraq&m=108369640424244&w=2 BugTraq ID: 9930 http://www.securityfocus.com/bid/9930 Bugtraq: 20030224 Terminal Emulator Security Issues (Google Search) http://marc.info/?l=bugtraq&m=104612710031920&w=2 Bugtraq: 20040512 [OpenPKG-SA-2004.021] OpenPKG Security Advisory (apache) (Google Search) http://marc.info/?l=bugtraq&m=108437852004207&w=2 http://security.gentoo.org/glsa/glsa-200405-22.xml HPdes Security Advisory: SSRT4717 http://marc.info/?l=bugtraq&m=108731648532365&w=2 http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:050 http://frontal2.mandriva.com/security/advisories?name=MDKSA-2004:046 https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/re028d61fe612b0908595d658b9b39e74bca56f2a1ed3c5f06b5ab571@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rd00b45b93fda4a5bd013b28587207d0e00f99f6e3308dbb6025f3b01@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r7035b7c9091c4b665a3b7205364775410646f12125d48e74e395f2ce@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.httpd.apache.org%3E https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100109 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A150 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4114 http://www.redhat.com/support/errata/RHSA-2003-082.html http://www.redhat.com/support/errata/RHSA-2003-083.html http://www.redhat.com/support/errata/RHSA-2003-104.html http://www.redhat.com/support/errata/RHSA-2003-139.html http://www.redhat.com/support/errata/RHSA-2003-243.html http://www.redhat.com/support/errata/RHSA-2003-244.html http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.529643 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101555-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-57628-1 http://www.trustix.org/errata/2004/0017 http://www.trustix.org/errata/2004/0027 http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0093.html http://www.iss.net/security_center/static/11412.php Common Vulnerability Exposure (CVE) ID: CVE-2004-0113 BugTraq ID: 9826 http://www.securityfocus.com/bid/9826 Bugtraq: 20040325 LNSA-#2004-0006: bug workaround for Apache 2.0.48 (Google Search) http://marc.info/?l=bugtraq&m=108034113406858&w=2 Conectiva Linux advisory: CLSA-2004:839 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000839 http://security.gentoo.org/glsa/glsa-200403-04.xml http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:043 http://issues.apache.org/bugzilla/show_bug.cgi?id=27106 http://marc.info/?l=apache-cvs&m=107869699329638 https://lists.apache.org/thread.html/raa117ef183f0da9b3f46efbeaa66f7622bd68868a450cae4fd8ed594@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3Ccvs.httpd.apache.org%3E http://www.osvdb.org/4182 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A876 http://www.redhat.com/support/errata/RHSA-2004-084.html http://www.redhat.com/support/errata/RHSA-2004-182.html XForce ISS Database: apache-modssl-plain-dos(15419) https://exchange.xforce.ibmcloud.com/vulnerabilities/15419
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.