ID de Prueba:	1.3.6.1.4.1.25623.1.0.54677
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200409-21 (apache)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200409-21.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200409-21. Vulnerability Insight: Several vulnerabilities have been found in Apache 2 and mod_dav for Apache 1.3 which could allow a remote attacker to cause a Denial of Service or a local user to get escalated privileges. Solution: All Apache 2 users should upgrade to the latest version: # emerge sync # emerge -pv '>=net-www/apache-2.0.51' # emerge '>=net-www/apache-2.0.51' All mod_dav users should upgrade to the latest version: # emerge sync # emerge -pv '>=net-www/mod_dav-1.0.3-r2' # emerge '>=net-www/mod_dav-1.0.3-r2' CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0747 CERT/CC vulnerability note: VU#481998 http://www.kb.cert.org/vuls/id/481998 http://www.gentoo.org/security/en/glsa/glsa-200409-21.xml http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:096 http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=205147 https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.httpd.apache.org%3E https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11561 http://www.redhat.com/support/errata/RHSA-2004-463.html http://securitytracker.com/id?1011303 http://secunia.com/advisories/12540 http://secunia.com/advisories/34920 SuSE Security Announcement: SUSE-SA:2004:032 (Google Search) http://www.novell.com/linux/security/advisories/2004_32_apache2.html http://www.trustix.org/errata/2004/0047/ http://www.vupen.com/english/advisories/2009/1233 XForce ISS Database: apache-env-configuration-bo(17384) https://exchange.xforce.ibmcloud.com/vulnerabilities/17384 Common Vulnerability Exposure (CVE) ID: CVE-2004-0748 AUSCERT Advisory: ESB-2004.0553 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11126 http://www.redhat.com/support/errata/RHSA-2004-349.html SuSE Security Announcement: SUSE-SA:2004:030 (Google Search) http://www.novell.com/linux/security/advisories/2004_30_apache2.html XForce ISS Database: apache-modssl-dos(17200) https://exchange.xforce.ibmcloud.com/vulnerabilities/17200 Common Vulnerability Exposure (CVE) ID: CVE-2004-0751 Bugtraq: 20040911 Remote buffer overflow in Apache mod_ssl when reverse proxying SSL (Google Search) http://archives.neohapsis.com/archives/bugtraq/2004-09/0096.html https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3Ccvs.httpd.apache.org%3E https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11864 XForce ISS Database: apache-modssl-speculative-dos(17273) https://exchange.xforce.ibmcloud.com/vulnerabilities/17273 Common Vulnerability Exposure (CVE) ID: CVE-2004-0786 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11380 XForce ISS Database: apache-ipv6-aprutil-dos(17382) https://exchange.xforce.ibmcloud.com/vulnerabilities/17382 Common Vulnerability Exposure (CVE) ID: CVE-2004-0809 Debian Security Information: DSA-558 (Google Search) http://www.debian.org/security/2004/dsa-558 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9588 XForce ISS Database: apache-moddav-lock-dos(17366) https://exchange.xforce.ibmcloud.com/vulnerabilities/17366
Copyright	Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.