ID de Prueba:	1.3.6.1.4.1.25623.1.0.56129
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2006:0158
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2006:0158. The Apache HTTP Server is a popular and freely-available Web server. A flaw in mod_imap when using the Referer directive with image maps was discovered. With certain site configurations, a remote attacker could perform a cross-site scripting attack if a victim can be forced to visit a malicious URL using certain web browsers. The Common Vulnerabilities and Exposures project assigned the name CVE-2005-3352 to this issue. Users of apache should upgrade to these updated packages, which contain a backported patch to correct this issue. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2006-0158.html Risk factor : Medium CVSS Score: 4.3
Referencia Cruzada:	BugTraq ID: 15834 Common Vulnerability Exposure (CVE) ID: CVE-2005-3352 AIX APAR: PK16139 http://www-1.ibm.com/support/search.wss?rs=0&q=PK16139&apar=only AIX APAR: PK25355 http://www-1.ibm.com/support/search.wss?rs=0&q=PK25355&apar=only http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://lists.apple.com/archives/security-announce/2008//May/msg00001.html http://www.securityfocus.com/bid/15834 Cert/CC Advisory: TA08-150A http://www.us-cert.gov/cas/techalerts/TA08-150A.html Debian Security Information: DSA-1167 (Google Search) http://www.debian.org/security/2006/dsa-1167 http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00060.html http://www.securityfocus.com/archive/1/425399/100/0/threaded http://www.gentoo.org/security/en/glsa/glsa-200602-03.xml HPdes Security Advisory: HPSBMA02328 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449 HPdes Security Advisory: HPSBOV02683 http://marc.info/?l=bugtraq&m=130497311408250&w=2 HPdes Security Advisory: HPSBUX02145 http://www.securityfocus.com/archive/1/445206/100/0/threaded HPdes Security Advisory: HPSBUX02164 http://www.securityfocus.com/archive/1/450321/100/0/threaded HPdes Security Advisory: HPSBUX02172 http://www.securityfocus.com/archive/1/450315/100/0/threaded HPdes Security Advisory: SSRT061202 HPdes Security Advisory: SSRT061265 HPdes Security Advisory: SSRT061269 HPdes Security Advisory: SSRT071293 HPdes Security Advisory: SSRT090208 http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:007 https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E http://www.openpkg.org/security/OpenPKG-SA-2005.029-apache.txt https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10480 http://www.redhat.com/support/errata/RHSA-2006-0158.html RedHat Security Advisories: RHSA-2006:0159 http://rhn.redhat.com/errata/RHSA-2006-0159.html RedHat Security Advisories: RHSA-2006:0692 http://rhn.redhat.com/errata/RHSA-2006-0692.html http://securitytracker.com/id?1015344 http://secunia.com/advisories/17319 http://secunia.com/advisories/18008 http://secunia.com/advisories/18333 http://secunia.com/advisories/18339 http://secunia.com/advisories/18340 http://secunia.com/advisories/18429 http://secunia.com/advisories/18517 http://secunia.com/advisories/18526 http://secunia.com/advisories/18585 http://secunia.com/advisories/18743 http://secunia.com/advisories/19012 http://secunia.com/advisories/20046 http://secunia.com/advisories/20670 http://secunia.com/advisories/21744 http://secunia.com/advisories/22140 http://secunia.com/advisories/22368 http://secunia.com/advisories/22388 http://secunia.com/advisories/22669 http://secunia.com/advisories/23260 http://secunia.com/advisories/25239 http://secunia.com/advisories/29420 http://secunia.com/advisories/29849 http://secunia.com/advisories/30430 SGI Security Advisory: 20060101-01-U ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.685483 http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.470158 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1 SuSE Security Announcement: SUSE-SA:2006:043 (Google Search) http://www.novell.com/linux/security/advisories/2006_43_apache.html SuSE Security Announcement: SUSE-SR:2006:004 (Google Search) http://lists.suse.de/archive/suse-security-announce/2006-Feb/0008.html SuSE Security Announcement: SUSE-SR:2007:011 (Google Search) http://lists.suse.com/archive/suse-security-announce/2007-May/0005.html http://www.trustix.org/errata/2005/0074/ http://www.ubuntulinux.org/usn/usn-241-1 http://www.vupen.com/english/advisories/2005/2870 http://www.vupen.com/english/advisories/2006/2423 http://www.vupen.com/english/advisories/2006/3995 http://www.vupen.com/english/advisories/2006/4015 http://www.vupen.com/english/advisories/2006/4300 http://www.vupen.com/english/advisories/2006/4868 http://www.vupen.com/english/advisories/2008/0924/references http://www.vupen.com/english/advisories/2008/1246/references http://www.vupen.com/english/advisories/2008/1697
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.