English | Deutsch | Español
 
Inicial ▼
Página inicial Acerca Nuestro Contáctenos Privacidad Programas de Asociados Testimonios En la Prensa Listas de Correos Abuso Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
 
Auditorias ▼
Inicial Dedicada Avanzada Estándar Periódica Sin Riesgo Escritorio Básica Sello FAQ Resumen de Precio/Funciones Ordenar Nuevas Pruebas Todas las Pruebas Confidencialidad Búsqueda de Vulnerabilidad Ejecutar Auditoría Programador IP Permissions Auditorías Personalizadas Cola Recordatorio Sellos Informes Estilos de Informes
DNS
Administrado ▼
Acerca de DNS Ordenar/Renovar Preguntas Frecuentes AUP Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password
Monitoreo
de Redes ▼
Enterprise Avanzado Estándarr Prueba Preguntas Frecuentes Resumen de Precio/Funciones Ordenar Muestras
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Iniciar sesión/Registrarse 
 
 Búsqueda de    
Vulnerabilidad   		     Buscar 324607 Descripciones CVE y
145615 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.55258
Categoría:Slackware Local Security Checks
Título:Slackware: Security Advisory (SSA:2005-251-02)
Resumen:The remote host is missing an update for the 'mod_ssl' package(s) announced via the SSA:2005-251-02 advisory.
Descripción:Summary:
The remote host is missing an update for the 'mod_ssl' package(s) announced via the SSA:2005-251-02 advisory.

Vulnerability Insight:
New mod_ssl packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1,
and -current to fix a security issue. If 'SSLVerifyClient optional' was
configured in the global section of the config file, it could improperly
override 'SSLVerifyClient require' in a per-location section.

More details about this issue may be found in the Common
Vulnerabilities and Exposures (CVE) database:

[link moved to references]

Here are the details from the Slackware 10.1 ChangeLog:
+--------------------------+
patches/packages/mod_ssl-2.8.24_1.3.33-i486-1.tgz: Upgraded to
mod_ssl-2.8.24-1.3.33. From the CHANGES file:
Fix a security issue (CAN-2005-2700) where 'SSLVerifyClient require' was
not enforced in per-location context if 'SSLVerifyClient optional' was
configured in the global virtual host configuration.
For more information, see:
[link moved to references]
(* Security fix *)
+--------------------------+

Affected Software/OS:
'mod_ssl' package(s) on Slackware 8.1, Slackware 9.0, Slackware 9.1, Slackware 10.0, Slackware 10.1, Slackware current.

Solution:
Please install the updated package(s).

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2005-2700
102197
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102197-1
102198
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1
14721
http://www.securityfocus.com/bid/14721
16700
http://secunia.com/advisories/16700
16705
http://secunia.com/advisories/16705
16714
http://secunia.com/advisories/16714
16743
http://secunia.com/advisories/16743
16746
http://secunia.com/advisories/16746
16748
http://secunia.com/advisories/16748
16753
http://secunia.com/advisories/16753
16754
http://secunia.com/advisories/16754
16769
http://secunia.com/advisories/16769
16771
http://secunia.com/advisories/16771
16789
http://secunia.com/advisories/16789
16864
http://secunia.com/advisories/16864
16956
http://secunia.com/advisories/16956
17088
http://secunia.com/advisories/17088
17288
http://secunia.com/advisories/17288
17311
http://secunia.com/advisories/17311
17813
http://secunia.com/advisories/17813
19072
http://secunia.com/advisories/19072
19073
http://secunia.com/advisories/19073
19188
http://www.osvdb.org/19188
21848
http://secunia.com/advisories/21848
22523
http://secunia.com/advisories/22523
ADV-2005-1625
http://www.vupen.com/english/advisories/2005/1625
ADV-2005-2659
http://www.vupen.com/english/advisories/2005/2659
ADV-2006-0789
http://www.vupen.com/english/advisories/2006/0789
ADV-2006-4207
http://www.vupen.com/english/advisories/2006/4207
DSA-805
http://www.debian.org/security/2005/dsa-805
DSA-807
http://www.debian.org/security/2005/dsa-807
GLSA-200509-12
http://www.gentoo.org/security/en/glsa/glsa-200509-12.xml
HPSBUX01232
http://marc.info/?l=bugtraq&m=112870296926652&w=2
MDKSA-2005:161
http://www.mandriva.com/security/advisories?name=MDKSA-2005:161
OpenPKG-SA-2005.017
http://marc.info/?l=bugtraq&m=112604765028607&w=2
RHSA-2005:608
http://www.redhat.com/support/errata/RHSA-2005-608.html
RHSA-2005:773
http://www.redhat.com/support/errata/RHSA-2005-773.html
RHSA-2005:816
http://www.redhat.com/support/errata/RHSA-2005-816.html
SSRT051043
SUSE-SA:2005:051
http://www.novell.com/linux/security/advisories/2005_51_apache2.html
SUSE-SA:2005:052
http://www.novell.com/linux/security/advisories/2005_52_apache2.html
SuSE-SA:2006:051
https://lists.opensuse.org/opensuse-security-announce/2006-09/msg00016.html
TSLSA-2005-0059
http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html
USN-177-1
http://www.ubuntu.com/usn/usn-177-1
VU#744929
http://www.kb.cert.org/vuls/id/744929
[apache-modssl] 20050902 [ANNOUNCE] mod_ssl 2.8.24-1.3.33
http://marc.info/?l=apache-modssl&m=112569517603897&w=2
[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20210330 svn commit: r1073139 [4/13] - in /websites/staging/httpd/trunk/content: ./ security/json/
https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/
https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20210330 svn commit: r1073149 [5/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/
https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20210330 svn commit: r1888194 [4/13] - /httpd/site/trunk/content/security/json/
https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20210606 svn commit: r1075470 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E
[httpd-dev] 20190804 Re: svn commit: r1856807 - /httpd/test/framework/trunk/t/security/CVE-2019-0215.t
https://lists.apache.org/thread.html/117bc3f09847ebf020b1bb70301ebcc105ddc446856150b63f37f8eb%40%3Cdev.httpd.apache.org%3E
[httpd-dev] 20190806 Re: svn commit: r1856807 - /httpd/test/framework/trunk/t/security/CVE-2019-0215.t
https://lists.apache.org/thread.html/5b1e7d66c5adf286f14f6cc0f857b6fca107444f68aed9e70eedab47%40%3Cdev.httpd.apache.org%3E
http://people.apache.org/~jorton/CAN-2005-2700.diff
http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=167195
oval:org.mitre.oval:def:10416
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10416
CopyrightCopyright (C) 2012 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.



© 1998-2025 E-Soft Inc. Todos los derechos reservados.