Test ID: 1.3.6.1.4.1.25623.1.0.50814
Category: Mandrake Local Security Checks
Title: Mandrake Security Advisory MDKSA-2002:039-2 (apache)
Summary: NOSUMMARY
Description:

The remote host is missing an update to apache
announced via advisory MDKSA-2002:039-2.

[ Please note that this advisory supersedes the previous MDKSA-2002:039
and MDKSA-2002:039-1 advisories. ]

MandrakeSoft is urging all users of Mandrake Linux to update their
Apache installations immediately. What was previously thought to have
been a DoS-only condition has now been proven to be more than that;
exploitable conditions have been discovered on both 32bit and 64bit
platforms. Successful exploitation of this vulnerability may lead to
the execution of arbitrary code on the server running a vulnerable
Apache with the permissions of the web server child process (on
Mandrake Linux this is the user apache). This can be used to exploit
other vulnerabilities that are unrelated to Apache on the local system,
and potentially allow the intruder root access.

Thanks to Gobbles for proving that this exploitable condition exists.
Because there are known exploits in the wild for some platforms, this
update should be considered essential and should be performed
immediately.

All versions of Apache prior to 1.3.26 and 2.0.37 are vulnerable to
this problem. MandrakeSoft has provided patched versions of Apache to
correct this vulnerability.

Also please note that these packages are no different than those
provided in MDKSA-2002:039-1 so if you have already updated, there are
no new packages to upgrade.

Affected versions: 7.1, 7.2, 8.0, 8.1, 8.2, Corporate Server 1.0.1,
Single Network Firewall 7.2


Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2002:039-2
http://httpd.apache.org/info/security_bulletin_20020620.txt
http://online.securityfocus.com/news/493
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0392

Risk factor : High

CVSS Score: 7.5

Cross-Ref: BugTraq ID: 5033
Common Vulnerability Exposure (CVE) ID: CVE-2002-0392
BugTraq ID: 20005
http://www.securityfocus.com/bid/20005
http://www.securityfocus.com/bid/5033
Bugtraq: 20020617 Re: ISS Advisory: Remote Compromise Vulnerability in Apache HTTP Server
Bugtraq: 20020617 Re: Remote Compromise Vulnerability in Apache HTTP Server
Bugtraq: 20020618 Fixed version of Apache 1.3 available
Bugtraq: 20020619 Implications of Apache vuln for Oracle
Bugtraq: 20020619 Remote Apache 1.3.x Exploit
Bugtraq: 20020619 [OpenPKG-SA-2002.004] OpenPKG Security Advisory (apache)
http://archives.neohapsis.com/archives/bugtraq/2002-06/0235.html
Bugtraq: 20020620 Apache Exploit
Bugtraq: 20020620 TSLSA-2002-0056 - apache
Bugtraq: 20020621 [SECURITY] Remote exploit for 32-bit Apache HTTP Server known
http://online.securityfocus.com/archive/1/278149
Bugtraq: 20020621 [slackware-security] new apache/mod_ssl packages available
http://archives.neohapsis.com/archives/bugtraq/2002-06/0266.html
Bugtraq: 20020622 Ending a few arguments with one simple attachment.
Bugtraq: 20020622 blowchunks - protecting existing apache servers until upgrades arrive
Caldera Security Advisory: CSSA-2002-029.0
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-029.0.txt
Caldera Security Advisory: CSSA-2002-SCO.31
ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.31
Caldera Security Advisory: CSSA-2002-SCO.32
ftp://ftp.caldera.com/pub/updates/OpenServer/CSSA-2002-SCO.32
http://www.cert.org/advisories/CA-2002-17.html
CERT/CC vulnerability note: VU#944335
http://www.kb.cert.org/vuls/id/944335
COMPAQ Service Security Patch: SSRT2253
Conectiva Linux advisory: CLSA-2002:498
http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000498
Debian Security Information: DSA-131
http://www.debian.org/security/2002/dsa-131
Debian Security Information: DSA-132
http://www.debian.org/security/2002/dsa-132
Debian Security Information: DSA-133
http://www.debian.org/security/2002/dsa-133
En Garde Linux Advisory: ESA-20020619-014
http://www.linuxsecurity.com/advisories/other_advisory-2137.html
http://www.frsirt.com/english/advisories/2006/3598
HPdes Security Advisory: HPSBMA02149
http://www2.itrc.hp.com/service/cki/docDisplay.do?docLocale=en_US&docId=200000083816475
HPdes Security Advisory: HPSBTL0206-049
http://online.securityfocus.com/advisories/4240
HPdes Security Advisory: HPSBUX0207-197
http://online.securityfocus.com/advisories/4257
HPdes Security Advisory: SSRT050968
ISS Security Advisory: 20020617 Remote Compromise Vulnerability in Apache HTTP Server
http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:039
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rd00b45b93fda4a5bd013b28587207d0e00f99f6e3308dbb6025f3b01@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.httpd.apache.org%3E
http://www.osvdb.org/838
RedHat Security Advisories: RHSA-2002:103
http://rhn.redhat.com/errata/RHSA-2002-103.html
RedHat Security Advisories: RHSA-2002:117
http://rhn.redhat.com/errata/RHSA-2002-117.html
RedHat Security Advisories: RHSA-2002:118
http://rhn.redhat.com/errata/RHSA-2002-118.html
http://www.redhat.com/support/errata/RHSA-2002-126.html
http://www.redhat.com/support/errata/RHSA-2002-150.html
http://www.redhat.com/support/errata/RHSA-2003-106.html
http://secunia.com/advisories/21917
SGI Security Advisory: 20020605-01-A
ftp://patches.sgi.com/support/free/security/advisories/20020605-01-A
SGI Security Advisory: 20020605-01-I
ftp://patches.sgi.com/support/free/security/advisories/20020605-01-I
SuSE Security Announcement: SuSE-SA:2002:022
http://www.novell.com/linux/security/advisories/2002_22_apache.html
http://www.iss.net/security_center/static/9249.php
Copyright: Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

© 1998-2025 E-Soft Inc. All rights reserved.