ID de Prueba:	1.3.6.1.4.1.25623.1.0.122325
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2010-0659)
Resumen:	The remote host is missing an update for the 'httpd' package(s) announced via the ELSA-2010-0659 advisory.
Descripción:	Summary: The remote host is missing an update for the 'httpd' package(s) announced via the ELSA-2010-0659 advisory. Vulnerability Insight: [2.2.3-43.0.1.el5_5.3 ] - replace index.html with Oracle's index page oracle_index.html - update vstring and distro in specfile [2.2.3-43.3] - mod_ssl: improved fix for SSLRequire's OID() function (#625452) [2.2.3-43.2] - add security fixes for CVE-2010-1452, CVE-2010-2791 (#623210) - mod_deflate: rebase to 2.2.15 (#625435) - stop multiple invocations of filter init functions (#625451) Affected Software/OS: 'httpd' package(s) on Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-1452 42367 http://secunia.com/advisories/42367 ADV-2010-2218 http://www.vupen.com/english/advisories/2010/2218 ADV-2010-3064 http://www.vupen.com/english/advisories/2010/3064 ADV-2011-0291 http://www.vupen.com/english/advisories/2011/0291 APPLE-SA-2011-03-21-1 http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html HPSBMU02753 http://marc.info/?l=bugtraq&m=133355494609819&w=2 HPSBUX02612 http://marc.info/?l=bugtraq&m=129190899612998&w=2 RHSA-2010:0659 http://www.redhat.com/support/errata/RHSA-2010-0659.html RHSA-2011:0896 http://www.redhat.com/support/errata/RHSA-2011-0896.html RHSA-2011:0897 http://www.redhat.com/support/errata/RHSA-2011-0897.html SSA:2010-240-02 http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.467395 SSRT100345 SSRT100782 SUSE-SU-2011:1000 http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00009.html SUSE-SU-2011:1216 http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00008.html USN-1021-1 http://ubuntu.com/usn/usn-1021-1 [apache-announce] 20100725 [ANNOUNCEMENT] Apache HTTP Server 2.2.16 Released http://marc.info/?l=apache-announce&m=128009718610929&w=2 [httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/ https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210330 svn commit: r1073139 [7/13] - in /websites/staging/httpd/trunk/content: ./ security/json/ https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/ https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/ https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210330 svn commit: r1073149 [7/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/ https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210330 svn commit: r1888194 [7/13] - /httpd/site/trunk/content/security/json/ https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210422 svn commit: r1074079 [2/3] - in /websites/staging/httpd/trunk/content: ./ apreq/ contribute/ contributors/ dev/ docs-project/ docs/ info/ mod_fcgid/ mod_ftp/ mod_mbox/ mod_smtpd/ modules/ security/ test/ test/flood/ https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210603 svn commit: r1075360 [1/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210606 svn commit: r1075467 [1/2] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E http://blogs.sun.com/security/entry/cve_2010_1452_mod_dav http://httpd.apache.org/security/vulnerabilities_22.html http://support.apple.com/kb/HT4581 https://issues.apache.org/bugzilla/show_bug.cgi?id=49246 oval:org.mitre.oval:def:11683 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11683 oval:org.mitre.oval:def:12341 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12341 Common Vulnerability Exposure (CVE) ID: CVE-2010-2791 42102 http://www.securityfocus.com/bid/42102 MDVSA-2013:150 http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 [httpd-cvs] 20210330 svn commit: r1073149 [8/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/ https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210330 svn commit: r1888222 - in /httpd/site/trunk/content/security/json: CVE-2010-2068.json CVE-2010-2791.json CVE-2011-0419.json CVE-2011-3368.json https://lists.apache.org/thread.html/r064df0985779b7ee044d3120d71ba59750427cf53f57ba3384e3773f%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210603 svn commit: r1075360 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210606 svn commit: r1075467 [2/2] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E [oss-security] 20100730 CVE-2010-2791: mod_proxy information leak affecting 2.2.9 only http://www.openwall.com/lists/oss-security/2010/07/30/1 apache-modproxy-info-disclsoure(60883) https://exchange.xforce.ibmcloud.com/vulnerabilities/60883 http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.