Test Kennung:	1.3.6.1.4.1.25623.1.0.883102
Kategorie:	CentOS Local Security Checks
Titel:	CentOS Update for httpd CESA-2019:2343 centos7
Zusammenfassung:	The remote host is missing an update for the 'httpd'; package(s) announced via the CESA-2019:2343 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'httpd' package(s) announced via the CESA-2019:2343 advisory. Vulnerability Insight: The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix(es): * httpd: mod_auth_digest: access control bypass due to race condition (CVE-2019-0217) * httpd: URL normalization inconsistency (CVE-2019-0220) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section. Affected Software/OS: 'httpd' package(s) on CentOS 7. Solution: Please install the updated package(s). CVSS Score: 6.0 CVSS Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2019-0217 BugTraq ID: 107668 http://www.securityfocus.com/bid/107668 Bugtraq: 20190403 [SECURITY] [DSA 4422-1] apache2 security update (Google Search) https://seclists.org/bugtraq/2019/Apr/5 Debian Security Information: DSA-4422 (Google Search) https://www.debian.org/security/2019/dsa-4422 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WETXNQWNQLWHV6XNW6YTO5UGDTIWAQGT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZRMTEIGZKYFNGIDOTXN3GNEJTLVCYU7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ALIR5S3O7NRHEGFMIDMUSYQIZOE4TJJN/ https://bugzilla.redhat.com/show_bug.cgi?id=1695020 https://httpd.apache.org/security/vulnerabilities_24.html https://www.oracle.com/security-alerts/cpuapr2020.html https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html https://lists.debian.org/debian-lts-announce/2019/04/msg00008.html https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/e0b8f6e858b1c8ec2ce8e291a2c543d438915037c7af661ab6d33808@%3Cdev.httpd.apache.org%3E http://www.openwall.com/lists/oss-security/2019/04/02/5 RedHat Security Advisories: RHSA-2019:2343 https://access.redhat.com/errata/RHSA-2019:2343 RedHat Security Advisories: RHSA-2019:3436 https://access.redhat.com/errata/RHSA-2019:3436 RedHat Security Advisories: RHSA-2019:3932 https://access.redhat.com/errata/RHSA-2019:3932 RedHat Security Advisories: RHSA-2019:3933 https://access.redhat.com/errata/RHSA-2019:3933 RedHat Security Advisories: RHSA-2019:3935 https://access.redhat.com/errata/RHSA-2019:3935 RedHat Security Advisories: RHSA-2019:4126 https://access.redhat.com/errata/RHSA-2019:4126 SuSE Security Announcement: openSUSE-SU-2019:1190 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html SuSE Security Announcement: openSUSE-SU-2019:1209 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00061.html SuSE Security Announcement: openSUSE-SU-2019:1258 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00084.html https://usn.ubuntu.com/3937-1/ https://usn.ubuntu.com/3937-2/ Common Vulnerability Exposure (CVE) ID: CVE-2019-0220 BugTraq ID: 107670 http://www.securityfocus.com/bid/107670 https://security.netapp.com/advisory/ntap-20190625-0007/ https://support.f5.com/csp/article/K44591505 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us https://www.oracle.com/security-alerts/cpujul2020.html https://www.oracle.com/security-alerts/cpujul2022.html https://lists.apache.org/thread.html/r31f46d1f16ffcafa68058596b21f6eaf6d352290e522690a1cdccdd7@%3Cbugs.httpd.apache.org%3E https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9@%3Ccvs.httpd.apache.org%3E http://www.openwall.com/lists/oss-security/2019/04/02/6 RedHat Security Advisories: RHSA-2020:0250 https://access.redhat.com/errata/RHSA-2020:0250 RedHat Security Advisories: RHSA-2020:0251 https://access.redhat.com/errata/RHSA-2020:0251
Copyright	Copyright (C) 2019 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.