Web Servers : Apache Multiple Security Vulnerabilities

Price/Feature Summary | Order | New Vulnerabilities | Confidentiality | Vulnerability Search

Vulnerability Search		Search 61204 CVE descriptions and 32582 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.100514

Category: Web Servers

Title: Apache Multiple Security Vulnerabilities

Summary: Determine if installed Apache version is <= 2.2.14

Description: Overview:
Apache is prone to multiple vulnerabilities.

These issues may lead to information disclosure or other attacks.

Apache versions prior to 2.2.15-dev are affected.

Solution:
These issues have been addressed in Apache 2.2.15-dev. Apache 2.2.15
including fixes will become available in the future as well. Please
see the references for more information.

References:
http://www.securityfocus.com/bid/38494
http://httpd.apache.org/security/vulnerabilities_22.html
http://httpd.apache.org/
https://issues.apache.org/bugzilla/show_bug.cgi?id=48359
http://svn.apache.org/viewvc?view=revision&revision=917870

Cross-Ref: BugTraq ID: 38494
BugTraq ID: 38491
Common Vulnerability Exposure (CVE) ID: CVE-2010-0425
http://lists.vmware.com/pipermail/security-announce/2010/000105.html
http://www.senseofsecurity.com.au/advisories/SOS-10-002
AIX APAR: PM09447
http://www-01.ibm.com/support/docview.wss?uid=swg1PM09447
AIX APAR: PM12247
http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247
CERT/CC vulnerability note: VU#280613
http://www.kb.cert.org/vuls/id/280613
http://www.securityfocus.com/bid/38494
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:8439
http://www.securitytracker.com/id?1023701
http://secunia.com/advisories/38978
http://secunia.com/advisories/39628
http://www.vupen.com/english/advisories/2010/0634
http://www.vupen.com/english/advisories/2010/0994
XForce ISS Database: apache-http-modisapi-ocp-unspecified(56624)
http://xforce.iss.net/xforce/xfdb/56624
Common Vulnerability Exposure (CVE) ID: CVE-2010-0434
AIX APAR: PM08939
http://www-01.ibm.com/support/docview.wss?uid=swg1PM08939
AIX APAR: PM15829
http://www-01.ibm.com/support/docview.wss?uid=swg1PM15829
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
Debian Security Information: DSA-2035 (Google Search)
http://www.debian.org/security/2010/dsa-2035
http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.html
http://www.redhat.com/support/errata/RHSA-2010-0168.html
http://www.redhat.com/support/errata/RHSA-2010-0175.html
SuSE Security Announcement: SUSE-SR:2010:010 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10358
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:8695
http://secunia.com/advisories/39632
http://secunia.com/advisories/39656
http://secunia.com/advisories/39501
http://secunia.com/advisories/40096
http://secunia.com/advisories/39100
http://secunia.com/advisories/39115
http://www.vupen.com/english/advisories/2010/1001
http://www.vupen.com/english/advisories/2010/1057
http://www.vupen.com/english/advisories/2010/0911
http://www.vupen.com/english/advisories/2010/1411
XForce ISS Database: apache-http-rh-info-disclosure(56625)
http://xforce.iss.net/xforce/xfdb/56625
Common Vulnerability Exposure (CVE) ID: CVE-2010-0408
http://www.mandriva.com/security/advisories?name=MDVSA-2010:053
http://www.securityfocus.com/bid/38491
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:8619
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9935

Copyright This script is Copyright (C) 2010 Greenbone Networks GmbH

This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

New User Registration
Email:

UserID:

Passwd:

Please email me your monthly newsletters, informing the latest services, improvements & surveys.

Please email me a vulnerability test announcement whenever a new test is added.

Privacy

Registered User Login

UserID:

Passwd:

Forgot userid or passwd?

Email/Userid:

Test ID:	1.3.6.1.4.1.25623.1.0.100514
Category:	Web Servers
Title:	Apache Multiple Security Vulnerabilities
Summary:	Determine if installed Apache version is <= 2.2.14
Description:	Overview: Apache is prone to multiple vulnerabilities. These issues may lead to information disclosure or other attacks. Apache versions prior to 2.2.15-dev are affected. Solution: These issues have been addressed in Apache 2.2.15-dev. Apache 2.2.15 including fixes will become available in the future as well. Please see the references for more information. References: http://www.securityfocus.com/bid/38494 http://httpd.apache.org/security/vulnerabilities_22.html http://httpd.apache.org/ https://issues.apache.org/bugzilla/show_bug.cgi?id=48359 http://svn.apache.org/viewvc?view=revision&revision=917870
Cross-Ref:	BugTraq ID: 38494 BugTraq ID: 38491 Common Vulnerability Exposure (CVE) ID: CVE-2010-0425 http://lists.vmware.com/pipermail/security-announce/2010/000105.html http://www.senseofsecurity.com.au/advisories/SOS-10-002 AIX APAR: PM09447 http://www-01.ibm.com/support/docview.wss?uid=swg1PM09447 AIX APAR: PM12247 http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247 CERT/CC vulnerability note: VU#280613 http://www.kb.cert.org/vuls/id/280613 http://www.securityfocus.com/bid/38494 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:8439 http://www.securitytracker.com/id?1023701 http://secunia.com/advisories/38978 http://secunia.com/advisories/39628 http://www.vupen.com/english/advisories/2010/0634 http://www.vupen.com/english/advisories/2010/0994 XForce ISS Database: apache-http-modisapi-ocp-unspecified(56624) http://xforce.iss.net/xforce/xfdb/56624 Common Vulnerability Exposure (CVE) ID: CVE-2010-0434 AIX APAR: PM08939 http://www-01.ibm.com/support/docview.wss?uid=swg1PM08939 AIX APAR: PM15829 http://www-01.ibm.com/support/docview.wss?uid=swg1PM15829 http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html Debian Security Information: DSA-2035 (Google Search) http://www.debian.org/security/2010/dsa-2035 http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.html http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.html http://www.redhat.com/support/errata/RHSA-2010-0168.html http://www.redhat.com/support/errata/RHSA-2010-0175.html SuSE Security Announcement: SUSE-SR:2010:010 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10358 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:8695 http://secunia.com/advisories/39632 http://secunia.com/advisories/39656 http://secunia.com/advisories/39501 http://secunia.com/advisories/40096 http://secunia.com/advisories/39100 http://secunia.com/advisories/39115 http://www.vupen.com/english/advisories/2010/1001 http://www.vupen.com/english/advisories/2010/1057 http://www.vupen.com/english/advisories/2010/0911 http://www.vupen.com/english/advisories/2010/1411 XForce ISS Database: apache-http-rh-info-disclosure(56625) http://xforce.iss.net/xforce/xfdb/56625 Common Vulnerability Exposure (CVE) ID: CVE-2010-0408 http://www.mandriva.com/security/advisories?name=MDVSA-2010:053 http://www.securityfocus.com/bid/38491 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:8619 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9935
Copyright	This script is Copyright (C) 2010 Greenbone Networks GmbH