Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200407-18 (mod

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.54625

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200407-18 (mod_ssl)

Resumen: The remote host is missing updates announced in; advisory GLSA 200407-18.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200407-18.

Vulnerability Insight:
A bug in mod_ssl may allow a remote attacker to execute arbitrary code when
Apache is configured to use mod_ssl and mod_proxy.

Solution:
All mod_ssl users should upgrade to the latest version:

# emerge sync

# emerge -pv '>=net-www/mod_ssl-2.8.19'

# emerge '>=net-www/mod_ssl-2.8.19'

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2004-0700
BugTraq ID: 10736
http://www.securityfocus.com/bid/10736
Bugtraq: 20040716 [OpenPKG-SA-2004.032] OpenPKG Security Advisory (apache) (Google Search)
http://marc.info/?l=bugtraq&m=109005001205991&w=2
CERT/CC vulnerability note: VU#303448
http://www.kb.cert.org/vuls/id/303448
Conectiva Linux advisory: CLA-2004:857
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000857
Debian Security Information: DSA-532 (Google Search)
http://www.debian.org/security/2004/dsa-532
https://bugzilla.fedora.us/show_bug.cgi?id=1888
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:075
http://packetstormsecurity.org/0407-advisories/modsslFormat.txt
http://virulent.siyahsapka.org/
http://marc.info/?l=apache-modssl&m=109001100906749&w=2
http://www.osvdb.org/7929
http://www.redhat.com/support/errata/RHSA-2004-405.html
http://www.redhat.com/support/errata/RHSA-2004-408.html
http://www.ubuntu.com/usn/usn-177-1
XForce ISS Database: apache-modssl-format-string(16705)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16705

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.54625
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200407-18 (mod_ssl)
Resumen:	The remote host is missing updates announced in; advisory GLSA 200407-18.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200407-18. Vulnerability Insight: A bug in mod_ssl may allow a remote attacker to execute arbitrary code when Apache is configured to use mod_ssl and mod_proxy. Solution: All mod_ssl users should upgrade to the latest version: # emerge sync # emerge -pv '>=net-www/mod_ssl-2.8.19' # emerge '>=net-www/mod_ssl-2.8.19' CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0700 BugTraq ID: 10736 http://www.securityfocus.com/bid/10736 Bugtraq: 20040716 [OpenPKG-SA-2004.032] OpenPKG Security Advisory (apache) (Google Search) http://marc.info/?l=bugtraq&m=109005001205991&w=2 CERT/CC vulnerability note: VU#303448 http://www.kb.cert.org/vuls/id/303448 Conectiva Linux advisory: CLA-2004:857 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000857 Debian Security Information: DSA-532 (Google Search) http://www.debian.org/security/2004/dsa-532 https://bugzilla.fedora.us/show_bug.cgi?id=1888 http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:075 http://packetstormsecurity.org/0407-advisories/modsslFormat.txt http://virulent.siyahsapka.org/ http://marc.info/?l=apache-modssl&m=109001100906749&w=2 http://www.osvdb.org/7929 http://www.redhat.com/support/errata/RHSA-2004-405.html http://www.redhat.com/support/errata/RHSA-2004-408.html http://www.ubuntu.com/usn/usn-177-1 XForce ISS Database: apache-modssl-format-string(16705) https://exchange.xforce.ibmcloud.com/vulnerabilities/16705
Copyright	Copyright (C) 2008 E-Soft Inc.