English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.57189
Category:Ubuntu Local Security Checks
Title:Ubuntu USN-328-1 (apache2)
Summary:NOSUMMARY
Description:Description:

The remote host is missing an update to apache2
announced via advisory USN-328-1.

A security issue affects the following Ubuntu releases:

Ubuntu 5.04
Ubuntu 5.10
Ubuntu 6.06 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

Mark Dowd discovered an off-by-one buffer overflow in the mod_rewrite
module's ldap scheme handling. On systems which activate
RewriteEngine on, a remote attacker could exploit certain rewrite
rules to crash Apache, or potentially even execute arbitrary code
(this has not been verified).

RewriteEngine on is disabled by default. Systems which have this
directive disabled are not affected at all.

Solution:
The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 5.04:
apache2-mpm-perchild 2.0.53-5ubuntu5.6
apache2-mpm-prefork 2.0.53-5ubuntu5.6
apache2-mpm-threadpool 2.0.53-5ubuntu5.6
apache2-mpm-worker 2.0.53-5ubuntu5.6

Ubuntu 5.10:
apache2-mpm-perchild 2.0.54-5ubuntu4.1
apache2-mpm-prefork 2.0.54-5ubuntu4.1
apache2-mpm-threadpool 2.0.54-5ubuntu4.1
apache2-mpm-worker 2.0.54-5ubuntu4.1

Ubuntu 6.06 LTS:
apache2-mpm-perchild 2.0.55-4ubuntu2.1
apache2-mpm-prefork 2.0.55-4ubuntu2.1
apache2-mpm-worker 2.0.55-4ubuntu2.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

http://www.securityspace.com/smysecure/catid.html?in=USN-328-1

Risk factor : High

CVSS Score:
7.6

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2006-3747
1016601
http://securitytracker.com/id?1016601
102662
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1
102663
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1
1312
http://securityreason.com/securityalert/1312
19204
http://www.securityfocus.com/bid/19204
2006-0044
http://lwn.net/Alerts/194228/
20060728 Apache 1.3.29/2.X mod_rewrite Buffer Overflow Vulnerability CVE-2006-3747
http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048267.html
20060728 Apache mod_rewrite Buffer Overflow Vulnerability
http://www.securityfocus.com/archive/1/441487/100/0/threaded
20060728 [Announcement] Apache HTTP Server 2.2.3 (2.0.59, 1.3.37) Released
http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048271.html
http://www.securityfocus.com/archive/1/441485/100/0/threaded
20060728 rPSA-2006-0139-1 httpd mod_ssl
http://www.securityfocus.com/archive/1/441526/100/200/threaded
20060820 POC & exploit for Apache mod_rewrite off-by-one
http://www.securityfocus.com/archive/1/443870/100/0/threaded
21197
http://secunia.com/advisories/21197
21241
http://secunia.com/advisories/21241
21245
http://secunia.com/advisories/21245
21247
http://secunia.com/advisories/21247
21266
http://secunia.com/advisories/21266
21273
http://secunia.com/advisories/21273
21284
http://secunia.com/advisories/21284
21307
http://secunia.com/advisories/21307
21313
http://secunia.com/advisories/21313
21315
http://secunia.com/advisories/21315
21346
http://secunia.com/advisories/21346
21478
http://secunia.com/advisories/21478
21509
http://secunia.com/advisories/21509
22262
http://secunia.com/advisories/22262
22368
http://secunia.com/advisories/22368
22388
http://secunia.com/advisories/22388
22523
http://secunia.com/advisories/22523
23028
http://secunia.com/advisories/23028
23260
http://secunia.com/advisories/23260
26329
http://secunia.com/advisories/26329
27588
http://www.osvdb.org/27588
29420
http://secunia.com/advisories/29420
29849
http://secunia.com/advisories/29849
30430
http://secunia.com/advisories/30430
ADV-2006-3017
http://www.vupen.com/english/advisories/2006/3017
ADV-2006-3264
http://www.vupen.com/english/advisories/2006/3264
ADV-2006-3282
http://www.vupen.com/english/advisories/2006/3282
ADV-2006-3884
http://www.vupen.com/english/advisories/2006/3884
ADV-2006-3995
http://www.vupen.com/english/advisories/2006/3995
ADV-2006-4015
http://www.vupen.com/english/advisories/2006/4015
ADV-2006-4207
http://www.vupen.com/english/advisories/2006/4207
ADV-2006-4300
http://www.vupen.com/english/advisories/2006/4300
ADV-2006-4868
http://www.vupen.com/english/advisories/2006/4868
ADV-2007-2783
http://www.vupen.com/english/advisories/2007/2783
ADV-2008-0924
http://www.vupen.com/english/advisories/2008/0924/references
ADV-2008-1246
http://www.vupen.com/english/advisories/2008/1246/references
ADV-2008-1697
http://www.vupen.com/english/advisories/2008/1697
APPLE-SA-2008-03-18
http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
APPLE-SA-2008-05-28
http://lists.apple.com/archives/security-announce/2008//May/msg00001.html
DSA-1131
http://www.debian.org/security/2006/dsa-1131
DSA-1132
http://www.debian.org/security/2006/dsa-1132
GLSA-200608-01
http://security.gentoo.org/glsa/glsa-200608-01.xml
HPSBMA02250
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771
HPSBMA02328
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449
HPSBOV02683
http://marc.info/?l=bugtraq&m=130497311408250&w=2
HPSBUX02145
http://www.securityfocus.com/archive/1/445206/100/0/threaded
HPSBUX02164
http://www.securityfocus.com/archive/1/450321/100/0/threaded
MDKSA-2006:133
http://www.mandriva.com/security/advisories?name=MDKSA-2006:133
OpenPKG-SA-2006.015
http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.015-apache.html
PK27875
http://www-1.ibm.com/support/docview.wss?uid=swg24013080
PK29154
http://www-1.ibm.com/support/docview.wss?uid=swg1PK29154
PK29156
http://www-1.ibm.com/support/docview.wss?uid=swg1PK29156
SSRT061202
SSRT061265
SSRT061275
SSRT071293
SSRT090208
SUSE-SA:2006:043
http://www.novell.com/linux/security/advisories/2006_43_apache.html
TA08-150A
http://www.us-cert.gov/cas/techalerts/TA08-150A.html
USN-328-1
http://www.ubuntu.com/usn/usn-328-1
VU#395412
http://www.kb.cert.org/vuls/id/395412
[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20210330 svn commit: r1073139 [4/13] - in /websites/staging/httpd/trunk/content: ./ security/json/
https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20210330 svn commit: r1073140 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/
https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html
https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20210330 svn commit: r1073149 [5/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/
https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20210330 svn commit: r1888194 [4/13] - /httpd/site/trunk/content/security/json/
https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E
[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
apache-modrewrite-offbyone-bo(28063)
https://exchange.xforce.ibmcloud.com/vulnerabilities/28063
http://docs.info.apple.com/article.html?artnum=307562
http://kbase.redhat.com/faq/FAQ_68_8653.shtm
http://svn.apache.org/viewvc?view=rev&revision=426144
http://www-1.ibm.com/support/docview.wss?uid=swg27007951
http://www.apache.org/dist/httpd/Announcement2.0.html
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117
https://issues.rpath.com/browse/RPL-538
CopyrightCopyright (c) 2006 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.