Test ID:	1.3.6.1.4.1.25623.1.0.57249
Category:	Red Hat Local Security Checks
Title:	RedHat Security Advisory RHSA-2006:0619
Summary:	NOSUMMARY
Description:	Description: The remote host is missing updates announced in advisory RHSA-2006:0619. The Apache HTTP Server is a popular Web server available for free. A bug was found in Apache where an invalid Expect header sent to the server was returned to the user in an unescaped error message. This could allow an attacker to perform a cross-site scripting attack if a victim was tricked into connecting to a site and sending a carefully crafted Expect header. (CVE-2006-3918) While a web browser cannot be forced to send an arbitrary Expect header by a third-party attacker, it was recently discovered that certain versions of the Flash plugin can manipulate request headers. If users running such versions can be persuaded to load a web page with a malicious Flash applet, a cross-site scripting attack against the server may be possible. On Red Hat Enterprise Linux 3 and 4 systems, due to an unrelated issue in the handling of malformed Expect headers, the page produced by the cross-site scripting attack will only be returned after a timeout expires (2-5 minutes by default) if not first canceled by the user. Users of httpd should update to these erratum packages, which contain a backported patch to correct these issues. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2006-0619.html http://www.redhat.com/security/updates/classification/#moderate Risk factor : Medium CVSS Score: 4.3
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2006-3918 AIX APAR: PK24631 http://www-1.ibm.com/support/docview.wss?uid=swg1PK24631 AIX APAR: PK27875 http://www-1.ibm.com/support/docview.wss?uid=swg24013080 BugTraq ID: 19661 http://www.securityfocus.com/bid/19661 Bugtraq: 20060508 Unfiltered Header Injection in Apache 1.3.34/2.0.57/2.2.1 (Google Search) http://archives.neohapsis.com/archives/bugtraq/2006-05/0151.html Bugtraq: 20060724 Write-up by Amit Klein: "Forging HTTP request headers with Flash" (Google Search) http://archives.neohapsis.com/archives/bugtraq/2006-07/0425.html Debian Security Information: DSA-1167 (Google Search) http://www.debian.org/security/2006/dsa-1167 HPdes Security Advisory: HPSBOV02683 http://marc.info/?l=bugtraq&m=130497311408250&w=2 HPdes Security Advisory: HPSBUX02465 http://marc.info/?l=bugtraq&m=125631037611762&w=2 HPdes Security Advisory: HPSBUX02612 http://marc.info/?l=bugtraq&m=129190899612998&w=2 HPdes Security Advisory: SSRT090192 HPdes Security Advisory: SSRT090208 HPdes Security Advisory: SSRT100345 https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e@%3Ccvs.httpd.apache.org%3E OpenBSD Security Advisory: [3.9] 012: SECURITY FIX: October 7, 2006 http://openbsd.org/errata.html#httpd2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10352 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12238 RedHat Security Advisories: RHSA-2006:0618 http://rhn.redhat.com/errata/RHSA-2006-0618.html http://www.redhat.com/support/errata/RHSA-2006-0619.html RedHat Security Advisories: RHSA-2006:0692 http://rhn.redhat.com/errata/RHSA-2006-0692.html http://securitytracker.com/id?1016569 http://www.securitytracker.com/id?1024144 http://secunia.com/advisories/21172 http://secunia.com/advisories/21174 http://secunia.com/advisories/21399 http://secunia.com/advisories/21478 http://secunia.com/advisories/21598 http://secunia.com/advisories/21744 http://secunia.com/advisories/21848 http://secunia.com/advisories/21986 http://secunia.com/advisories/22140 http://secunia.com/advisories/22317 http://secunia.com/advisories/22523 http://secunia.com/advisories/28749 http://secunia.com/advisories/29640 http://secunia.com/advisories/40256 SGI Security Advisory: 20060801-01-P ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P http://securityreason.com/securityalert/1294 SuSE Security Announcement: SUSE-SA:2006:051 (Google Search) http://www.novell.com/linux/security/advisories/2006_51_apache.html SuSE Security Announcement: SUSE-SA:2008:021 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00004.html http://www.ubuntu.com/usn/usn-575-1 http://www.vupen.com/english/advisories/2006/2963 http://www.vupen.com/english/advisories/2006/2964 http://www.vupen.com/english/advisories/2006/3264 http://www.vupen.com/english/advisories/2006/4207 http://www.vupen.com/english/advisories/2006/5089 http://www.vupen.com/english/advisories/2010/1572
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.