Test Kennung:	1.3.6.1.4.1.25623.1.0.122866
Kategorie:	Oracle Linux Local Security Checks
Titel:	Oracle: Security Advisory (ELSA-2015-1666)
Zusammenfassung:	The remote host is missing an update for the 'httpd24-httpd' package(s) announced via the ELSA-2015-1666 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'httpd24-httpd' package(s) announced via the ELSA-2015-1666 advisory. Vulnerability Insight: [2.4.12-6.0.1.el7.1] - replace index.html with Oracles index page oracle_index.html - update vstring in specfile [2.4.12-6.1] - core: fix chunk header parsing defect (CVE-2015-3183) - core: replace of ap_some_auth_required with ap_some_authn_required and ap_force_authn hook (CVE-2015-3185) - core: fix pointer dereference crash with ErrorDocument 400 pointing to a local URL-path (CVE-2015-0253) - mod_lua: fix possible mod_lua crash due to websocket bug (CVE-2015-0228) [2.4.12-6] - remove old sslsninotreq patch (#1199040) [2.4.12-5] - fix wrong path to document root in httpd.conf (#1196559) [2.4.12-4] - fix SELinux context of httpd-scl-wrapper (#1193456) [2.4.12-3] - include apr_skiplist and build against system APR/APR-util (#1187646) [2.4.12-2] - rebuild against new APR/APR-util (#1187646) [2.4.12-1] - update to version 2.4.12 - fix possible crash in SIGINT handling (#1184034) [2.4.10-2] - allow enabling additional SCLs using service-environment file - enable mod_request by default for mod_auth_form - move disabled-by-default modules from 00-base.conf to 00-optional.conf [2.4.10-1] - update to 2.4.10 - remove mod_proxy_html obsolete (#1174790) - remove dbmmanage from httpd-tools (#1151375) - add slash before root_libexecdir macro (#1149076) - ab: fix integer overflow when printing stats with lot of requests (#1091650) - mod_ssl: use 2048-bit RSA key with SHA-256 signature in dummy certificate (#1079925) Affected Software/OS: 'httpd24-httpd' package(s) on Oracle Linux 7. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2015-0228 http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html BugTraq ID: 73041 http://www.securityfocus.com/bid/73041 BugTraq ID: 91787 http://www.securityfocus.com/bid/91787 https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d@%3Ccvs.httpd.apache.org%3E RedHat Security Advisories: RHSA-2015:1666 http://rhn.redhat.com/errata/RHSA-2015-1666.html http://www.securitytracker.com/id/1032967 SuSE Security Announcement: openSUSE-SU-2015:0418 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-03/msg00006.html http://www.ubuntu.com/usn/USN-2523-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-0253 BugTraq ID: 75964 http://www.securityfocus.com/bid/75964 https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9@%3Ccvs.httpd.apache.org%3E Common Vulnerability Exposure (CVE) ID: CVE-2015-3183 BugTraq ID: 75963 http://www.securityfocus.com/bid/75963 Debian Security Information: DSA-3325 (Google Search) http://www.debian.org/security/2015/dsa-3325 https://security.gentoo.org/glsa/201610-02 HPdes Security Advisory: HPSBUX03512 http://marc.info/?l=bugtraq&m=144493176821532&w=2 HPdes Security Advisory: SSRT102254 https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E RedHat Security Advisories: RHSA-2015:1667 http://rhn.redhat.com/errata/RHSA-2015-1667.html RedHat Security Advisories: RHSA-2015:1668 http://rhn.redhat.com/errata/RHSA-2015-1668.html RedHat Security Advisories: RHSA-2015:2659 https://access.redhat.com/errata/RHSA-2015:2659 RedHat Security Advisories: RHSA-2015:2660 https://access.redhat.com/errata/RHSA-2015:2660 RedHat Security Advisories: RHSA-2015:2661 http://rhn.redhat.com/errata/RHSA-2015-2661.html RedHat Security Advisories: RHSA-2016:0061 http://rhn.redhat.com/errata/RHSA-2016-0061.html RedHat Security Advisories: RHSA-2016:0062 http://rhn.redhat.com/errata/RHSA-2016-0062.html RedHat Security Advisories: RHSA-2016:2054 http://rhn.redhat.com/errata/RHSA-2016-2054.html RedHat Security Advisories: RHSA-2016:2055 http://rhn.redhat.com/errata/RHSA-2016-2055.html RedHat Security Advisories: RHSA-2016:2056 http://rhn.redhat.com/errata/RHSA-2016-2056.html SuSE Security Announcement: openSUSE-SU-2015:1684 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html http://www.ubuntu.com/usn/USN-2686-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-3185 http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html BugTraq ID: 75965 http://www.securityfocus.com/bid/75965 https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a@%3Ccvs.httpd.apache.org%3E RedHat Security Advisories: RHSA-2016:2957 http://rhn.redhat.com/errata/RHSA-2016-2957.html RedHat Security Advisories: RHSA-2017:2708 https://access.redhat.com/errata/RHSA-2017:2708 RedHat Security Advisories: RHSA-2017:2709 https://access.redhat.com/errata/RHSA-2017:2709 RedHat Security Advisories: RHSA-2017:2710 https://access.redhat.com/errata/RHSA-2017:2710
Copyright	Copyright (C) 2016 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.