Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2018-0474)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.10.2018.0474

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2018-0474)

Resumen: The remote host is missing an update for the 'apache-mod_perl' package(s) announced via the MGASA-2018-0474 advisory.

Descripción: Summary:
The remote host is missing an update for the 'apache-mod_perl' package(s) announced via the MGASA-2018-0474 advisory.

Vulnerability Insight:
A flaw was found in mod_perl 2.0 through 2.0.10 which allows attackers
to execute arbitrary Perl code by placing it in a user-owned .htaccess
file, because (contrary to the documentation) there is no configuration
option that permits Perl code for the administrator's control of HTTP
request processing without also permitting unprivileged users to run
Perl code in the context of the user account that runs Apache HTTP
Server processes (CVE-2011-2767).

Affected Software/OS:
'apache-mod_perl' package(s) on Mageia 6.

Solution:
Please install the updated package(s).

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2011-2767
BugTraq ID: 105195
http://www.securityfocus.com/bid/105195
https://bugs.debian.org/644169
https://mail-archives.apache.org/mod_mbox/perl-modperl/201110.mbox/raw/%3C20111004084343.GA21290%40ktnx.net%3E
https://lists.debian.org/debian-lts-announce/2018/09/msg00018.html
https://lists.apache.org/thread.html/c8ebe8aad147a3ad2e7b0e8b2da45263171ab5d0fc7f8c100feaa94d@%3Cmodperl-cvs.perl.apache.org%3E
RedHat Security Advisories: RHSA-2018:2737
https://access.redhat.com/errata/RHSA-2018:2737
RedHat Security Advisories: RHSA-2018:2825
https://access.redhat.com/errata/RHSA-2018:2825
RedHat Security Advisories: RHSA-2018:2826
https://access.redhat.com/errata/RHSA-2018:2826
SuSE Security Announcement: openSUSE-SU-2019:2549 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00063.html
SuSE Security Announcement: openSUSE-SU-2019:2558 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00065.html
https://usn.ubuntu.com/3825-1/
https://usn.ubuntu.com/3825-2/

Copyright Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2018.0474
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2018-0474)
Resumen:	The remote host is missing an update for the 'apache-mod_perl' package(s) announced via the MGASA-2018-0474 advisory.
Descripción:	Summary: The remote host is missing an update for the 'apache-mod_perl' package(s) announced via the MGASA-2018-0474 advisory. Vulnerability Insight: A flaw was found in mod_perl 2.0 through 2.0.10 which allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because (contrary to the documentation) there is no configuration option that permits Perl code for the administrator's control of HTTP request processing without also permitting unprivileged users to run Perl code in the context of the user account that runs Apache HTTP Server processes (CVE-2011-2767). Affected Software/OS: 'apache-mod_perl' package(s) on Mageia 6. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-2767 BugTraq ID: 105195 http://www.securityfocus.com/bid/105195 https://bugs.debian.org/644169 https://mail-archives.apache.org/mod_mbox/perl-modperl/201110.mbox/raw/%3C20111004084343.GA21290%40ktnx.net%3E https://lists.debian.org/debian-lts-announce/2018/09/msg00018.html https://lists.apache.org/thread.html/c8ebe8aad147a3ad2e7b0e8b2da45263171ab5d0fc7f8c100feaa94d@%3Cmodperl-cvs.perl.apache.org%3E RedHat Security Advisories: RHSA-2018:2737 https://access.redhat.com/errata/RHSA-2018:2737 RedHat Security Advisories: RHSA-2018:2825 https://access.redhat.com/errata/RHSA-2018:2825 RedHat Security Advisories: RHSA-2018:2826 https://access.redhat.com/errata/RHSA-2018:2826 SuSE Security Announcement: openSUSE-SU-2019:2549 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00063.html SuSE Security Announcement: openSUSE-SU-2019:2558 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00065.html https://usn.ubuntu.com/3825-1/ https://usn.ubuntu.com/3825-2/
Copyright	Copyright (C) 2022 Greenbone AG