English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.55022
Category:Turbolinux Local Security Tests
Title:Turbolinux TLSA-2005-81 (apache, httpd)
Summary:NOSUMMARY
Description:Description:

The remote host is missing an update to apache, httpd
announced via advisory TLSA-2005-81.

Apache is a powerful, full-featured, efficient, and freely-available
Web server. Apache is also the most popular Web server on the Internet.

- A vulnerability in the manner in which mod_ssl handles CRL
could allow remote attackers to cause a denial of service.
- The apache, when acting as an HTTP proxy, allows remote attackers to poison the web cache,
bypass web application firewall protection, and conduct XSS attacks via an HTTP request.

These vulerabilities allow remote attackers to cause a denial of service.

Solution: Please use the turbopkg (zabom) tool to apply the update.
http://www.securityspace.com/smysecure/catid.html?in=TLSA-2005-81

Risk factor : Medium

CVSS Score:
5.0

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2005-1268
102198
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1
14366
http://www.securityfocus.com/bid/14366
19072
http://secunia.com/advisories/19072
19185
http://secunia.com/advisories/19185
604
http://securityreason.com/securityalert/604
ADV-2006-0789
http://www.vupen.com/english/advisories/2006/0789
DSA-805
http://www.debian.org/security/2005/dsa-805
HPSBUX02074
http://www.securityfocus.com/archive/1/428138/100/0/threaded
MDKSA-2005:129
http://www.mandriva.com/security/advisories?name=MDKSA-2005:129
RHSA-2005:582
http://rhn.redhat.com/errata/RHSA-2005-582.html
SSRT051251
SUSE-SA:2005:046
http://www.novell.com/linux/security/advisories/2005_46_apache.html
SUSE-SR:2005:018
http://www.novell.com/linux/security/advisories/2005_18_sr.html
TSLSA-2005-0059
http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html
[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20210330 svn commit: r1073139 [3/13] - in /websites/staging/httpd/trunk/content: ./ security/json/
https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/
https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20210330 svn commit: r1073149 [4/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/
https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20210330 svn commit: r1888194 [3/13] - /httpd/site/trunk/content/security/json/
https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20210606 svn commit: r1075470 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E
http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=163013
oval:org.mitre.oval:def:1346
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1346
oval:org.mitre.oval:def:1714
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1714
oval:org.mitre.oval:def:1747
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1747
oval:org.mitre.oval:def:9589
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9589
Common Vulnerability Exposure (CVE) ID: CVE-2005-2088
1014323
http://securitytracker.com/id?1014323
102197
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102197-1
14106
http://www.securityfocus.com/bid/14106
14530
http://secunia.com/advisories/14530
15647
http://www.securityfocus.com/bid/15647
17319
http://secunia.com/advisories/17319
17487
http://secunia.com/advisories/17487
17813
http://secunia.com/advisories/17813
19073
http://secunia.com/advisories/19073
19317
http://secunia.com/advisories/19317
20050606 A new whitepaper by Watchfire - HTTP Request Smuggling
http://seclists.org/lists/bugtraq/2005/Jun/0025.html
23074
http://secunia.com/advisories/23074
ADV-2005-2140
http://www.vupen.com/english/advisories/2005/2140
ADV-2005-2659
http://www.vupen.com/english/advisories/2005/2659
ADV-2006-1018
http://www.vupen.com/english/advisories/2006/1018
ADV-2006-4680
http://www.vupen.com/english/advisories/2006/4680
APPLE-SA-2005-11-29
http://docs.info.apple.com/article.html?artnum=302847
DSA-803
http://www.debian.org/security/2005/dsa-803
HPSBUX02101
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00612828
MDKSA-2005:130
http://www.mandriva.com/security/advisories?name=MDKSA-2005:130
PK13959
http://www-1.ibm.com/support/search.wss?rs=0&q=PK13959&apar=only
PK16139
http://www-1.ibm.com/support/search.wss?rs=0&q=PK16139&apar=only
http://www.redhat.com/support/errata/RHSA-2005-582.html
SSA:2005-310-04
http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.600000
SSRT051128
USN-160-2
http://www.ubuntu.com/usn/usn-160-2
[apache-httpd-announce] 20051014 Apache HTTP Server 2.0.55 Released
http://marc.info/?l=apache-httpd-announce&m=112931556417329&w=3
http://www.apache.org/dist/httpd/CHANGES_1.3
http://www.apache.org/dist/httpd/CHANGES_2.0
http://www.securiteam.com/securityreviews/5GP0220G0U.html
http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf
https://secure-support.novell.com/KanisaPlatform/Publishing/741/3222109_f.SAL_Public.html
oval:org.mitre.oval:def:11452
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11452
oval:org.mitre.oval:def:1237
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1237
oval:org.mitre.oval:def:1526
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1526
oval:org.mitre.oval:def:1629
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1629
oval:org.mitre.oval:def:840
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A840
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.