ID de Prueba:	1.3.6.1.4.1.25623.1.0.12255
Categoría:	Gain a shell remotely
Título:	mod_ssl SSL_Util_UUEncode_Binary Overflow
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is using a version of mod_ssl which is older than 2.8.18. This version is vulnerable to a flaw which may allow an attacker to disable the remote web site remotely, or to execute arbitrary code on the remote host. *** Note that several Linux distributions patched the old version of *** this module. Therefore, this alert might be a false positive. Please *** check with your vendor to determine if you really are vulnerable to *** this flaw Solution : Upgrade to version 2.8.18 or newer Risk factor : Low
Referencia Cruzada:	BugTraq ID: 10355 Common Vulnerability Exposure (CVE) ID: CVE-2004-0488 http://www.securityfocus.com/bid/10355 Bugtraq: 20040527 [OpenPKG-SA-2004.026] OpenPKG Security Advisory (apache) (Google Search) http://marc.info/?l=bugtraq&m=108567431823750&w=2 Bugtraq: 20040601 TSSA-2004-008 - apache (Google Search) http://marc.info/?l=bugtraq&m=108619129727620&w=2 Debian Security Information: DSA-532 (Google Search) http://www.debian.org/security/2004/dsa-532 https://bugzilla.fedora.us/show_bug.cgi?id=1888 http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021610.html http://security.gentoo.org/glsa/glsa-200406-05.xml HPdes Security Advisory: SSRT4777 http://marc.info/?l=bugtraq&m=109181600614477&w=2 HPdes Security Advisory: SSRT4788 http://marc.info/?l=bugtraq&m=109215056218824&w=2 http://www.mandriva.com/security/advisories?name=MDKSA-2004:054 http://www.mandriva.com/security/advisories?name=MDKSA-2004:055 https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/raa117ef183f0da9b3f46efbeaa66f7622bd68868a450cae4fd8ed594@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.httpd.apache.org%3E https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11458 RedHat Security Advisories: RHSA-2004:245 http://rhn.redhat.com/errata/RHSA-2004-245.html http://www.redhat.com/support/errata/RHSA-2004-342.html http://www.redhat.com/support/errata/RHSA-2004-405.html http://www.redhat.com/support/errata/RHSA-2005-816.html SGI Security Advisory: 20040605-01-U ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc http://www.trustix.net/errata/2004/0031/ XForce ISS Database: apache-modssl-uuencode-bo(16214) https://exchange.xforce.ibmcloud.com/vulnerabilities/16214
Copyright	This script is Copyright (C) 2004 Tenable Network Security

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.