English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 148472 CVE descriptions
and 72306 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 --------------------------------------------------------------------------
   Turbolinux Security Advisory TLSA-2007-41
   http://www.turbolinux.co.jp/security/
                                             security-team@turbolinux.co.jp
 --------------------------------------------------------------------------

 Original released date: 07 Aug 2007
 Last revised: 07 Aug 2007

 Package: httpd

 Summary: Two vulnerabilities discovered in httpd

 More information:
    Apache is a powerful, full-featured, efficient, and freely-available
    Web server. Apache is also the most popular Web server on the Internet.

    Remote attackers to cause a denial of service
    Cross-site scripting (XSS) vulnerability.

 Impact:
    This vulnerability allows allows remote attackers to inject arbitrary 
    web script or HTML and child processing handler crash.


 Affected Products:
    - Turbolinux Appliance Server 2.0
    - Turbolinux FUJI
    - Turbolinux 10 Server x64 Edition
    - Turbolinux 10 Server


 <Turbolinux Appliance Server 2.0>

   Source Packages
   Size: MD5

   httpd-2.0.51-30.src.rpm
      6854014 4b4cb201e4d71b84b9f1f0f82518e5f9

   Binary Packages
   Size: MD5

   httpd-2.0.51-30.i586.rpm
      1032164 110764687502bb75c2e95e0df186ba6e
   httpd-devel-2.0.51-30.i586.rpm
       224972 2b90b44857ebe37b16d6197ffb529d63
   httpd-manual-2.0.51-30.i586.rpm
      1132620 a304f692b4143b5440fd3acccdd45bc4
   mod_ssl-2.0.51-30.i586.rpm
        89176 8b0c7a75a1b0b5e0e7d36de70496f17d
   mod_bwshare-2.0.51-30.i586.rpm
        41207 a8da235064c933641e85338c6667a1ff

 <Turbolinux FUJI>

   Source Packages
   Size: MD5

   httpd-2.0.54-17.src.rpm
      7620033 1374e44156ce4b0b5064689ba1bda9ae

   Binary Packages
   Size: MD5

   httpd-2.0.54-17.i686.rpm
      1265575 eb061c31484d53f2803eacedbd4d7767
   httpd-devel-2.0.54-17.i686.rpm
       277077 d17f066857cf0ead09502197a26ddc8c

 <Turbolinux 10 Server x64 Edition>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/SRPMS/httpd-2.0.51-30.src.rpm
      6854014 68ac7689a65fb2f6e4a96ec52dff2b8f

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/httpd-2.0.51-30.x86_64.rpm
      1143226 7e7b4f13c90ef56a8bd72bd02bb445aa
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/httpd-debug-2.0.51-30.x86_64.rpm
      3533816 595a4398fff37ea2c405f712374efafb
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/httpd-devel-2.0.51-30.x86_64.rpm
       225087 637868220f5d8063856d007d6f26c5ec
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/httpd-manual-2.0.51-30.x86_64.rpm
      1132302 960e4b49f20aa8ed360eef7211116e1c
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/mod_ssl-2.0.51-30.x86_64.rpm
        96783 ad928a276238e665b8830c9d30c3443c
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/mod_bwshare-2.0.51-30.x86_64.rpm
        41966 6c23f3e10e7ef0994a9cde7403b9dfdc

 <Turbolinux 10 Server>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/SRPMS/httpd-2.0.51-30.src.rpm
      6854014 4b4cb201e4d71b84b9f1f0f82518e5f9

   Binary Packages
   Size: MD5

   httpd-2.0.51-30.i586.rpm
      1032164 110764687502bb75c2e95e0df186ba6e
   httpd-debug-2.0.51-30.i586.rpm
      3541681 ccc1de6b41e8a74716f98544c630020b
   httpd-devel-2.0.51-30.i586.rpm
       224972 2b90b44857ebe37b16d6197ffb529d63
   httpd-manual-2.0.51-30.i586.rpm
      1132620 a304f692b4143b5440fd3acccdd45bc4
   mod_ssl-2.0.51-30.i586.rpm
        89176 8b0c7a75a1b0b5e0e7d36de70496f17d
   mod_bwshare-2.0.51-30.i586.rpm
        41207 a8da235064c933641e85338c6667a1ff


 References:

 CVE
   [CVE-2007-1863]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863
   [CVE-2006-5752]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752

 --------------------------------------------------------------------------
 Revision History
    07 Aug 2007 Initial release
 --------------------------------------------------------------------------

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFGuBOsK0LzjOqIJMwRAnujAKCCO7GfVvWCYHc59uQQUVP+4mssZACgoRIa
tPGLVm0egU2+x5t1oA2dZxA=
=tQFy
-----END PGP SIGNATURE-----

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe

© 1998-2019 E-Soft Inc. All rights reserved.