English | Deutsch | Español
 
Inicial ▼
Página inicial Acerca Nuestro Contáctenos Privacidad Programas de Asociados Testimonios En la Prensa Listas de Correos Abuso Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
 
Auditorias ▼
Inicial Dedicada Avanzada Estándar Periódica Sin Riesgo Escritorio Básica Sello FAQ Resumen de Precio/Funciones Ordenar Nuevas Pruebas Todas las Pruebas Confidencialidad Búsqueda de Vulnerabilidad Ejecutar Auditoría Programador IP Permissions Auditorías Personalizadas Cola Recordatorio Sellos Informes Estilos de Informes
DNS
Administrado ▼
Acerca de DNS Ordenar/Renovar Preguntas Frecuentes AUP Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password
Monitoreo
de Redes ▼
Enterprise Avanzado Estándarr Prueba Preguntas Frecuentes Resumen de Precio/Funciones Ordenar Muestras
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Iniciar sesión/Registrarse 
 
 Búsqueda de    
Vulnerabilidad   		     Buscar 324607 Descripciones CVE y
145615 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.55462
Categoría:Conectiva Local Security Checks
Título:Conectiva Security Advisory CLSA-2005:1013
Resumen:NOSUMMARY
Descripción:Description:

The remote host is missing updates announced in
advisory CLSA-2005:1013.

CVE-2004-0885
When using the 'SSLCipherSuite' directive in directory or
location context, Apache may allow remote clients to bypass
intended restrictions by using any cipher suite that is
allowed by the virtual host configuration.

CVE-2005-2491
Integer overflow in pcre_compile.c in Perl Compatible Regular
Expressions (PCRE) before 6.2, as used in Apache, allows
attackers to execute arbitrary code via quantifier values
in regular expressions, which leads to a heap-based buffer
overflow. This update links Apache with system's libpcre,
which is already fixed.

CVE-2005-2700
When using 'SSLVerifyClient optional' in the global virtual host
configuration, Apache does not properly enforce 'SSLVerifyClient require'
in a per-location context, which allows remote attackers to bypass
intended access restrictions.

CVE-2005-2728
The byte-range filter in Apache allows remote attackers to
cause a denial of service (memory consumption) via an
HTTP header with a large Range field.Solution:

The apt tool can be used to perform RPM package upgrades
by running 'apt-get update' followed by 'apt-get upgrade'

http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=001013
http://apache.httpd.org/

Risk factor : Critical

CVSS Score:
10.0

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2004-0885
http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html
http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html
BugTraq ID: 11360
http://www.securityfocus.com/bid/11360
Bugtraq: 20041015 [OpenPKG-SA-2004.044] OpenPKG Security Advisory (modssl) (Google Search)
http://marc.info/?l=bugtraq&m=109786159119069&w=2
HPdes Security Advisory: HPSBUX01123
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX01123
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.httpd.apache.org%3E
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10384
http://www.redhat.com/support/errata/RHSA-2004-562.html
http://www.redhat.com/support/errata/RHSA-2004-600.html
http://www.redhat.com/support/errata/RHSA-2005-816.html
http://www.redhat.com/support/errata/RHSA-2008-0261.html
http://secunia.com/advisories/19072
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1
http://www.ubuntu.com/usn/usn-177-1
http://www.vupen.com/english/advisories/2006/0789
XForce ISS Database: apache-sslciphersuite-restriction-bypass(17671)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17671
Common Vulnerability Exposure (CVE) ID: CVE-2005-2491
1014744
http://securitytracker.com/id?1014744
102198
14620
http://www.securityfocus.com/bid/14620
15647
http://www.securityfocus.com/bid/15647
16502
http://secunia.com/advisories/16502
16679
http://secunia.com/advisories/16679
17252
http://secunia.com/advisories/17252
17813
http://secunia.com/advisories/17813
19072
19193
http://secunia.com/advisories/19193
19532
http://secunia.com/advisories/19532
20060401-01-U
ftp://patches.sgi.com/support/free/security/advisories/20060401-01-U
21522
http://secunia.com/advisories/21522
22691
http://secunia.com/advisories/22691
22875
http://secunia.com/advisories/22875
604
http://securityreason.com/securityalert/604
ADV-2005-1511
http://www.vupen.com/english/advisories/2005/1511
ADV-2005-2659
http://www.vupen.com/english/advisories/2005/2659
ADV-2006-0789
ADV-2006-4320
http://www.vupen.com/english/advisories/2006/4320
ADV-2006-4502
http://www.vupen.com/english/advisories/2006/4502
APPLE-SA-2005-11-29
http://docs.info.apple.com/article.html?artnum=302847
DSA-800
http://www.debian.org/security/2005/dsa-800
DSA-817
http://www.debian.org/security/2005/dsa-817
DSA-819
http://www.debian.org/security/2005/dsa-819
DSA-821
http://www.debian.org/security/2005/dsa-821
FLSA:168516
http://www.securityfocus.com/archive/1/427046/100/0/threaded
GLSA-200508-17
http://www.gentoo.org/security/en/glsa/glsa-200508-17.xml
GLSA-200509-02
http://www.gentoo.org/security/en/glsa/glsa-200509-02.xml
GLSA-200509-08
http://www.gentoo.org/security/en/glsa/glsa-200509-08.xml
GLSA-200509-12
http://www.gentoo.org/security/en/glsa/glsa-200509-12.xml
GLSA-200509-19
http://www.gentoo.org/security/en/glsa/glsa-200509-19.xml
HPSBMA02159
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522
HPSBOV02683
http://marc.info/?l=bugtraq&m=130497311408250&w=2
HPSBUX02074
http://www.securityfocus.com/archive/1/428138/100/0/threaded
OpenPKG-SA-2005.018
http://marc.info/?l=bugtraq&m=112606064317223&w=2
RHSA-2005:358
http://www.redhat.com/support/errata/RHSA-2005-358.html
RHSA-2005:761
http://www.redhat.com/support/errata/RHSA-2005-761.html
RHSA-2006:0197
http://www.redhat.com/support/errata/RHSA-2006-0197.html
SCOSA-2006.10
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.10/SCOSA-2006.10.txt
SSRT051251
SSRT061238
SSRT090208
SUSE-SA:2005:048
http://www.novell.com/linux/security/advisories/2005_48_pcre.html
SUSE-SA:2005:049
http://www.novell.com/linux/security/advisories/2005_49_php.html
SUSE-SA:2005:051
http://marc.info/?l=bugtraq&m=112605112027335&w=2
SUSE-SA:2005:052
http://www.novell.com/linux/security/advisories/2005_52_apache2.html
TSLSA-2005-0059
http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html
[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20210330 svn commit: r1073139 [3/13] - in /websites/staging/httpd/trunk/content: ./ security/json/
https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/
https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20210330 svn commit: r1073149 [5/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/
https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20210330 svn commit: r1888194 [3/13] - /httpd/site/trunk/content/security/json/
https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20210606 svn commit: r1075470 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E
http://support.avaya.com/elmodocs2/security/ASA-2005-216.pdf
http://support.avaya.com/elmodocs2/security/ASA-2005-223.pdf
http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm
http://support.avaya.com/elmodocs2/security/ASA-2006-159.htm
http://www.ethereal.com/appnotes/enpa-sa-00021.html
http://www.php.net/release_4_4_1.php
oval:org.mitre.oval:def:11516
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11516
oval:org.mitre.oval:def:1496
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1496
oval:org.mitre.oval:def:1659
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1659
oval:org.mitre.oval:def:735
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A735
Common Vulnerability Exposure (CVE) ID: CVE-2005-2700
102197
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102197-1
14721
http://www.securityfocus.com/bid/14721
16700
http://secunia.com/advisories/16700
16705
http://secunia.com/advisories/16705
16714
http://secunia.com/advisories/16714
16743
http://secunia.com/advisories/16743
16746
http://secunia.com/advisories/16746
16748
http://secunia.com/advisories/16748
16753
http://secunia.com/advisories/16753
16754
http://secunia.com/advisories/16754
16769
http://secunia.com/advisories/16769
16771
http://secunia.com/advisories/16771
16789
http://secunia.com/advisories/16789
16864
http://secunia.com/advisories/16864
16956
http://secunia.com/advisories/16956
17088
http://secunia.com/advisories/17088
17288
http://secunia.com/advisories/17288
17311
http://secunia.com/advisories/17311
19073
http://secunia.com/advisories/19073
19188
http://www.osvdb.org/19188
21848
http://secunia.com/advisories/21848
22523
http://secunia.com/advisories/22523
ADV-2005-1625
http://www.vupen.com/english/advisories/2005/1625
ADV-2006-4207
http://www.vupen.com/english/advisories/2006/4207
DSA-805
http://www.debian.org/security/2005/dsa-805
DSA-807
http://www.debian.org/security/2005/dsa-807
HPSBUX01232
http://marc.info/?l=bugtraq&m=112870296926652&w=2
MDKSA-2005:161
http://www.mandriva.com/security/advisories?name=MDKSA-2005:161
OpenPKG-SA-2005.017
http://marc.info/?l=bugtraq&m=112604765028607&w=2
RHSA-2005:608
http://www.redhat.com/support/errata/RHSA-2005-608.html
RHSA-2005:773
http://www.redhat.com/support/errata/RHSA-2005-773.html
RHSA-2005:816
SSRT051043
http://www.novell.com/linux/security/advisories/2005_51_apache2.html
SuSE-SA:2006:051
https://lists.opensuse.org/opensuse-security-announce/2006-09/msg00016.html
USN-177-1
VU#744929
http://www.kb.cert.org/vuls/id/744929
[apache-modssl] 20050902 [ANNOUNCE] mod_ssl 2.8.24-1.3.33
http://marc.info/?l=apache-modssl&m=112569517603897&w=2
[httpd-cvs] 20210330 svn commit: r1073139 [4/13] - in /websites/staging/httpd/trunk/content: ./ security/json/
https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20210330 svn commit: r1888194 [4/13] - /httpd/site/trunk/content/security/json/
https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E
[httpd-dev] 20190804 Re: svn commit: r1856807 - /httpd/test/framework/trunk/t/security/CVE-2019-0215.t
https://lists.apache.org/thread.html/117bc3f09847ebf020b1bb70301ebcc105ddc446856150b63f37f8eb%40%3Cdev.httpd.apache.org%3E
[httpd-dev] 20190806 Re: svn commit: r1856807 - /httpd/test/framework/trunk/t/security/CVE-2019-0215.t
https://lists.apache.org/thread.html/5b1e7d66c5adf286f14f6cc0f857b6fca107444f68aed9e70eedab47%40%3Cdev.httpd.apache.org%3E
http://people.apache.org/~jorton/CAN-2005-2700.diff
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=167195
oval:org.mitre.oval:def:10416
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10416
Common Vulnerability Exposure (CVE) ID: CVE-2005-2728
BugTraq ID: 14660
http://www.securityfocus.com/bid/14660
Debian Security Information: DSA-805 (Google Search)
http://www.gentoo.org/security/en/glsa/glsa-200508-15.xml
HPdes Security Advisory: HPSBUX02074
HPdes Security Advisory: SSRT051251
https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840@%3Ccvs.httpd.apache.org%3E
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10017
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1246
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1727
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A760
http://secunia.com/advisories/16559/
http://secunia.com/advisories/17036
http://secunia.com/advisories/17600
http://secunia.com/advisories/17831
http://secunia.com/advisories/17923
http://secunia.com/advisories/18161
http://secunia.com/advisories/18333
http://secunia.com/advisories/18517
SGI Security Advisory: 20060101-01-U
ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U
SuSE Security Announcement: SUSE-SA:2005:051 (Google Search)
SuSE Security Announcement: SUSE-SA:2005:052 (Google Search)
XForce ISS Database: apache-byterange-dos(22006)
https://exchange.xforce.ibmcloud.com/vulnerabilities/22006
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.



© 1998-2025 E-Soft Inc. Todos los derechos reservados.