CGI abuses : mod_ssl wildcard DNS cross site scripting vulnerability

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.11622

Categoría: CGI abuses

Título: mod_ssl wildcard DNS cross site scripting vulnerability

Resumen: NOSUMMARY

Descripción: Description:

The remote host is using a version of mod_ssl which is
older than 2.8.10.

This version is vulnerable to a flaw which may allow an
attacker to successfully perform a cross site scripting attack
under some circumstances.

*** Note that several Linux distributions (such as RedHat)
*** patched the old version of this module. Therefore, this
*** might be a false positive. Please check with your vendor
*** to determine if you really are vulnerable to this flaw

Solution : Upgrade to version 2.8.10 or newer
Risk factor : Low

Referencia Cruzada: BugTraq ID: 6029
Common Vulnerability Exposure (CVE) ID: CVE-2002-1157
http://www.securityfocus.com/bid/6029
Bugtraq: 20021023 [OpenPKG-SA-2002.010] OpenPKG Security Advisory (apache) (Google Search)
http://online.securityfocus.com/archive/1/296753
Bugtraq: 20021026 GLSA: mod_ssl (Google Search)
http://archives.neohapsis.com/archives/bugtraq/2002-10/0374.html
Conectiva Linux advisory: CLA-2002:541
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000541
Debian Security Information: DSA-181 (Google Search)
http://www.debian.org/security/2002/dsa-181
En Garde Linux Advisory: ESA-20021029-027
http://www.linuxsecurity.com/advisories/other_advisory-2512.html
http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-072.php
http://www.osvdb.org/2107
http://www.redhat.com/support/errata/RHSA-2002-222.html
http://www.redhat.com/support/errata/RHSA-2002-243.html
http://www.redhat.com/support/errata/RHSA-2002-244.html
http://www.redhat.com/support/errata/RHSA-2002-248.html
http://www.redhat.com/support/errata/RHSA-2002-251.html
http://www.redhat.com/support/errata/RHSA-2003-106.html
http://www.iss.net/security_center/static/10457.php

Copyright This script is Copyright (C) 2003 Tenable Network Security

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.11622
Categoría:	CGI abuses
Título:	mod_ssl wildcard DNS cross site scripting vulnerability
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is using a version of mod_ssl which is older than 2.8.10. This version is vulnerable to a flaw which may allow an attacker to successfully perform a cross site scripting attack under some circumstances. * Note that several Linux distributions (such as RedHat) * patched the old version of this module. Therefore, this * might be a false positive. Please check with your vendor * to determine if you really are vulnerable to this flaw Solution : Upgrade to version 2.8.10 or newer Risk factor : Low
Referencia Cruzada:	BugTraq ID: 6029 Common Vulnerability Exposure (CVE) ID: CVE-2002-1157 http://www.securityfocus.com/bid/6029 Bugtraq: 20021023 [OpenPKG-SA-2002.010] OpenPKG Security Advisory (apache) (Google Search) http://online.securityfocus.com/archive/1/296753 Bugtraq: 20021026 GLSA: mod_ssl (Google Search) http://archives.neohapsis.com/archives/bugtraq/2002-10/0374.html Conectiva Linux advisory: CLA-2002:541 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000541 Debian Security Information: DSA-181 (Google Search) http://www.debian.org/security/2002/dsa-181 En Garde Linux Advisory: ESA-20021029-027 http://www.linuxsecurity.com/advisories/other_advisory-2512.html http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-072.php http://www.osvdb.org/2107 http://www.redhat.com/support/errata/RHSA-2002-222.html http://www.redhat.com/support/errata/RHSA-2002-243.html http://www.redhat.com/support/errata/RHSA-2002-244.html http://www.redhat.com/support/errata/RHSA-2002-248.html http://www.redhat.com/support/errata/RHSA-2002-251.html http://www.redhat.com/support/errata/RHSA-2003-106.html http://www.iss.net/security_center/static/10457.php
Copyright	This script is Copyright (C) 2003 Tenable Network Security