Anfälligkeitssuche        Suche in 187964 CVE Beschreibungen
und 85075 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.53903
Kategorie:Slackware Local Security Checks
Titel:Slackware Advisory SSA:2004-299-01 apache, mod_ssl, php
Zusammenfassung:The remote host is missing an update as announced;via advisory SSA:2004-299-01.
Beschreibung:Summary:
The remote host is missing an update as announced
via advisory SSA:2004-299-01.

Vulnerability Insight:
New apache and mod_ssl packages are available for Slackware 8.1, 9.0, 9.1,
10.0, and -current to fix security issues. Apache has been upgraded to
version 1.3.32 which fixes a heap-based buffer overflow in mod_proxy.
mod_ssl was upgraded from version mod_ssl-2.8.19-1.3.31 to version
2.8.21-1.3.32 which corrects a flaw allowing a client to use a cipher
which the server does not consider secure enough.

A new PHP package (php-4.3.9) is also available for all of these platforms.

Solution:
Upgrade to the new package(s).

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2004-0492
Bugtraq: 20040611 [OpenPKG-SA-2004.029] OpenPKG Security Advisory (apache) (Google Search)
http://marc.info/?l=bugtraq&m=108711172710140&w=2
CERT/CC vulnerability note: VU#541310
http://www.kb.cert.org/vuls/id/541310
Debian Security Information: DSA-525 (Google Search)
http://www.debian.org/security/2004/dsa-525
https://bugzilla.fedora.us/show_bug.cgi?id=1737
http://seclists.org/lists/fulldisclosure/2004/Jun/0296.html
HPdes Security Advisory: HPSBOV02683
http://marc.info/?l=bugtraq&m=130497311408250&w=2
HPdes Security Advisory: SSRT090208
http://www.mandriva.com/security/advisories?name=MDKSA-2004:065
http://www.guninski.com/modproxy1.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100112
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4863
RedHat Security Advisories: RHSA-2004:245
http://rhn.redhat.com/errata/RHSA-2004-245.html
http://secunia.com/advisories/11841
SGI Security Advisory: 20040605-01-U
ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101555-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101841-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57628-1
XForce ISS Database: apache-modproxy-contentlength-bo(16387)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16387
Common Vulnerability Exposure (CVE) ID: CVE-2004-0885
http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html
http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html
BugTraq ID: 11360
http://www.securityfocus.com/bid/11360
Bugtraq: 20041015 [OpenPKG-SA-2004.044] OpenPKG Security Advisory (modssl) (Google Search)
http://marc.info/?l=bugtraq&m=109786159119069&w=2
HPdes Security Advisory: HPSBUX01123
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX01123
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10384
http://www.redhat.com/support/errata/RHSA-2004-562.html
http://www.redhat.com/support/errata/RHSA-2004-600.html
http://www.redhat.com/support/errata/RHSA-2005-816.html
http://www.redhat.com/support/errata/RHSA-2008-0261.html
http://secunia.com/advisories/19072
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1
http://www.ubuntu.com/usn/usn-177-1
http://www.vupen.com/english/advisories/2006/0789
XForce ISS Database: apache-sslciphersuite-restriction-bypass(17671)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17671
CopyrightCopyright (c) 2012 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 85075 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.