Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.12255
Kategorie:Gain a shell remotely
Titel:mod_ssl SSL_Util_UUEncode_Binary Overflow
Zusammenfassung:NOSUMMARY
Beschreibung:Description:

The remote host is using a version of mod_ssl which is
older than 2.8.18.

This version is vulnerable to a flaw which may allow an attacker to disable
the remote web site remotely, or to execute arbitrary code on the remote
host.

*** Note that several Linux distributions patched the old version of
*** this module. Therefore, this alert might be a false positive. Please
*** check with your vendor to determine if you really are vulnerable to
*** this flaw

Solution : Upgrade to version 2.8.18 or newer
Risk factor : Low

Querverweis: BugTraq ID: 10355
Common Vulnerability Exposure (CVE) ID: CVE-2004-0488
http://www.securityfocus.com/bid/10355
Bugtraq: 20040527 [OpenPKG-SA-2004.026] OpenPKG Security Advisory (apache) (Google Search)
http://marc.info/?l=bugtraq&m=108567431823750&w=2
Bugtraq: 20040601 TSSA-2004-008 - apache (Google Search)
http://marc.info/?l=bugtraq&m=108619129727620&w=2
Debian Security Information: DSA-532 (Google Search)
http://www.debian.org/security/2004/dsa-532
https://bugzilla.fedora.us/show_bug.cgi?id=1888
http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021610.html
http://security.gentoo.org/glsa/glsa-200406-05.xml
HPdes Security Advisory: SSRT4777
http://marc.info/?l=bugtraq&m=109181600614477&w=2
HPdes Security Advisory: SSRT4788
http://marc.info/?l=bugtraq&m=109215056218824&w=2
http://www.mandriva.com/security/advisories?name=MDKSA-2004:054
http://www.mandriva.com/security/advisories?name=MDKSA-2004:055
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/raa117ef183f0da9b3f46efbeaa66f7622bd68868a450cae4fd8ed594@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.httpd.apache.org%3E
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11458
RedHat Security Advisories: RHSA-2004:245
http://rhn.redhat.com/errata/RHSA-2004-245.html
http://www.redhat.com/support/errata/RHSA-2004-342.html
http://www.redhat.com/support/errata/RHSA-2004-405.html
http://www.redhat.com/support/errata/RHSA-2005-816.html
SGI Security Advisory: 20040605-01-U
ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc
http://www.trustix.net/errata/2004/0031/
XForce ISS Database: apache-modssl-uuencode-bo(16214)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16214
CopyrightThis script is Copyright (C) 2004 Tenable Network Security

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.