ID de Prueba:	1.3.6.1.4.1.25623.1.0.54590
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200406-05 (Apache)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200406-05.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200406-05. Vulnerability Insight: A bug in mod_ssl may allow a remote attacker to execute remote code when Apache is configured a certain way. Solution: Apache 1.x users should upgrade to the latest version of mod_ssl: # emerge sync # emerge -pv '>=net-www/mod_ssl-2.8.18' # emerge '>=net-www/mod_ssl-2.8.18' Apache 2.x users should upgrade to the latest version of Apache: # emerge sync # emerge -pv '>=net-www/apache-2.0.49-r3' # emerge '>=net-www/apache-2.0.49-r3' CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0488 BugTraq ID: 10355 http://www.securityfocus.com/bid/10355 Bugtraq: 20040527 [OpenPKG-SA-2004.026] OpenPKG Security Advisory (apache) (Google Search) http://marc.info/?l=bugtraq&m=108567431823750&w=2 Bugtraq: 20040601 TSSA-2004-008 - apache (Google Search) http://marc.info/?l=bugtraq&m=108619129727620&w=2 Debian Security Information: DSA-532 (Google Search) http://www.debian.org/security/2004/dsa-532 https://bugzilla.fedora.us/show_bug.cgi?id=1888 http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021610.html http://security.gentoo.org/glsa/glsa-200406-05.xml HPdes Security Advisory: SSRT4777 http://marc.info/?l=bugtraq&m=109181600614477&w=2 HPdes Security Advisory: SSRT4788 http://marc.info/?l=bugtraq&m=109215056218824&w=2 http://www.mandriva.com/security/advisories?name=MDKSA-2004:054 http://www.mandriva.com/security/advisories?name=MDKSA-2004:055 https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/raa117ef183f0da9b3f46efbeaa66f7622bd68868a450cae4fd8ed594@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.httpd.apache.org%3E https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11458 RedHat Security Advisories: RHSA-2004:245 http://rhn.redhat.com/errata/RHSA-2004-245.html http://www.redhat.com/support/errata/RHSA-2004-342.html http://www.redhat.com/support/errata/RHSA-2004-405.html http://www.redhat.com/support/errata/RHSA-2005-816.html SGI Security Advisory: 20040605-01-U ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc http://www.trustix.net/errata/2004/0031/ XForce ISS Database: apache-modssl-uuencode-bo(16214) https://exchange.xforce.ibmcloud.com/vulnerabilities/16214
Copyright	Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.