ID de Prueba:	1.3.6.1.4.1.25623.1.0.122544
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2008-0967)
Resumen:	The remote host is missing an update for the 'httpd' package(s) announced via the ELSA-2008-0967 advisory.
Descripción:	Summary: The remote host is missing an update for the 'httpd' package(s) announced via the ELSA-2008-0967 advisory. Vulnerability Insight: [2.2.3-11.0.1.el5_2.4] - use oracle index page oracle_index.html - update vstring and distro in specfile [2.2.3-11.el5_2.4] - add security fixes for CVE-2008-2364, CVE-2008-2939 (#468840) Affected Software/OS: 'httpd' package(s) on Oracle Linux 3, Oracle Linux 4, Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-2364 1020267 http://www.securitytracker.com/id?1020267 20080729 rPSA-2008-0236-1 httpd mod_ssl http://www.securityfocus.com/archive/1/494858/100/0/threaded 20081122 rPSA-2008-0328-1 httpd mod_ssl http://www.securityfocus.com/archive/1/498567/100/0/threaded 247666 http://sunsolve.sun.com/search/document.do?assetkey=1-26-247666-1 29653 http://www.securityfocus.com/bid/29653 30621 http://secunia.com/advisories/30621 31026 http://secunia.com/advisories/31026 31404 http://secunia.com/advisories/31404 31416 http://secunia.com/advisories/31416 31651 http://secunia.com/advisories/31651 31681 http://www.securityfocus.com/bid/31681 31904 http://secunia.com/advisories/31904 32222 http://secunia.com/advisories/32222 32685 http://secunia.com/advisories/32685 32838 http://secunia.com/advisories/32838 33156 http://secunia.com/advisories/33156 33797 http://secunia.com/advisories/33797 34219 http://secunia.com/advisories/34219 34259 http://secunia.com/advisories/34259 34418 http://secunia.com/advisories/34418 ADV-2008-1798 http://www.vupen.com/english/advisories/2008/1798 ADV-2008-2780 http://www.vupen.com/english/advisories/2008/2780 ADV-2009-0320 http://www.vupen.com/english/advisories/2009/0320 APPLE-SA-2008-10-09 http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html FEDORA-2008-6314 https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00153.html FEDORA-2008-6393 https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00055.html GLSA-200807-06 http://security.gentoo.org/glsa/glsa-200807-06.xml HPSBUX02365 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01539432 HPSBUX02401 http://marc.info/?l=bugtraq&m=123376588623823&w=2 HPSBUX02465 http://marc.info/?l=bugtraq&m=125631037611762&w=2 MDVSA-2008:195 http://www.mandriva.com/security/advisories?name=MDVSA-2008:195 MDVSA-2008:237 http://www.mandriva.com/security/advisories?name=MDVSA-2008:237 PK67579 http://www-1.ibm.com/support/docview.wss?uid=swg1PK67579 RHSA-2008:0966 http://www.redhat.com/support/errata/RHSA-2008-0966.html RHSA-2008:0967 http://rhn.redhat.com/errata/RHSA-2008-0967.html SSRT080118 SSRT090005 SSRT090192 SUSE-SR:2009:006 http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html SUSE-SR:2009:007 http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html USN-731-1 http://www.ubuntu.com/usn/USN-731-1 [httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/ https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210330 svn commit: r1073139 [5/13] - in /websites/staging/httpd/trunk/content: ./ security/json/ https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/ https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/ https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210330 svn commit: r1073149 [6/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/ https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210330 svn commit: r1888194 [5/13] - /httpd/site/trunk/content/security/json/ https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210422 svn commit: r1074079 [2/3] - in /websites/staging/httpd/trunk/content: ./ apreq/ contribute/ contributors/ dev/ docs-project/ docs/ info/ mod_fcgid/ mod_ftp/ mod_mbox/ mod_smtpd/ modules/ security/ test/ test/flood/ https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E apache-modproxy-module-dos(42987) https://exchange.xforce.ibmcloud.com/vulnerabilities/42987 http://support.apple.com/kb/HT3216 http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c?r1=666154&r2=666153&pathrev=666154 http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0328 http://www-01.ibm.com/support/docview.wss?uid=swg27008517 http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html oval:org.mitre.oval:def:11713 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11713 oval:org.mitre.oval:def:6084 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6084 oval:org.mitre.oval:def:9577 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9577 Common Vulnerability Exposure (CVE) ID: CVE-2008-2939 1020635 http://www.securitytracker.com/id?1020635 20080806 Apache HTTP Server mod_proxy_ftp Wildcard Characters Cross-Site Scripting http://www.securityfocus.com/archive/1/495180/100/0/threaded 20081122 rPSA-2008-0327-1 httpd mod_ssl http://www.securityfocus.com/archive/1/498566/100/0/threaded 30560 http://www.securityfocus.com/bid/30560 31384 http://secunia.com/advisories/31384 31673 http://secunia.com/advisories/31673 35074 http://secunia.com/advisories/35074 ADV-2008-2315 http://www.vupen.com/english/advisories/2008/2315 ADV-2008-2461 http://www.vupen.com/english/advisories/2008/2461 ADV-2009-1297 http://www.vupen.com/english/advisories/2009/1297 APPLE-SA-2009-05-12 http://lists.apple.com/archives/security-announce/2009/May/msg00002.html MDVSA-2008:194 http://www.mandriva.com/security/advisories?name=MDVSA-2008:194 MDVSA-2009:124 http://www.mandriva.com/security/advisories?name=MDVSA-2009:124 PK70197 http://www-1.ibm.com/support/docview.wss?uid=swg1PK70197 PK70937 http://www-1.ibm.com/support/docview.wss?uid=swg1PK70937 SUSE-SR:2008:024 http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html TA09-133A http://www.us-cert.gov/cas/techalerts/TA09-133A.html VU#663763 http://www.kb.cert.org/vuls/id/663763 [httpd-cvs] 20210603 svn commit: r1075360 [1/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210606 svn commit: r1075467 [1/2] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E apache-modproxyftp-xss(44223) https://exchange.xforce.ibmcloud.com/vulnerabilities/44223 http://support.apple.com/kb/HT3549 http://svn.apache.org/viewvc?view=rev&revision=682868 http://svn.apache.org/viewvc?view=rev&revision=682870 http://svn.apache.org/viewvc?view=rev&revision=682871 http://wiki.rpath.com/Advisories:rPSA-2008-0327 http://www.rapid7.com/advisories/R7-0033 oval:org.mitre.oval:def:11316 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11316 oval:org.mitre.oval:def:7716 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7716
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.