ID de Prueba:	1.3.6.1.4.1.25623.1.0.123992
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2012-0128)
Resumen:	The remote host is missing an update for the 'httpd' package(s) announced via the ELSA-2012-0128 advisory.
Descripción:	Summary: The remote host is missing an update for the 'httpd' package(s) announced via the ELSA-2012-0128 advisory. Vulnerability Insight: [2.2.15-15.0.1.el6_2.1] - replace index.html with Oracle's index page oracle_index.html update vstring in specfile [2.2.15-15.1] - add security fixes for CVE-2011-4317, CVE-2012-0053, CVE-2012-0031, CVE-2011-3607 (#787598) - obviates fix for CVE-2011-3638, patch removed Affected Software/OS: 'httpd' package(s) on Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 4.6 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-3607 http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html BugTraq ID: 50494 http://www.securityfocus.com/bid/50494 Debian Security Information: DSA-2405 (Google Search) http://www.debian.org/security/2012/dsa-2405 http://archives.neohapsis.com/archives/fulldisclosure/2011-11/0023.html HPdes Security Advisory: HPSBMU02748 http://marc.info/?l=bugtraq&m=133294460209056&w=2 HPdes Security Advisory: HPSBMU02786 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041 HPdes Security Advisory: HPSBOV02822 http://marc.info/?l=bugtraq&m=134987041210674&w=2 HPdes Security Advisory: HPSBUX02761 http://marc.info/?l=bugtraq&m=133494237717847&w=2 HPdes Security Advisory: SSRT100772 HPdes Security Advisory: SSRT100823 HPdes Security Advisory: SSRT100877 HPdes Security Advisory: SSRT100966 http://www.mandriva.com/security/advisories?name=MDVSA-2012:003 http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 http://www.halfdog.net/Security/2011/ApacheModSetEnvIfIntegerOverflow/ http://www.halfdog.net/Security/2011/ApacheModSetEnvIfIntegerOverflow/DemoExploit.html https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E http://www.osvdb.org/76744 RedHat Security Advisories: RHSA-2012:0128 http://rhn.redhat.com/errata/RHSA-2012-0128.html RedHat Security Advisories: RHSA-2012:0542 http://rhn.redhat.com/errata/RHSA-2012-0542.html RedHat Security Advisories: RHSA-2012:0543 http://rhn.redhat.com/errata/RHSA-2012-0543.html http://securitytracker.com/id?1026267 http://secunia.com/advisories/45793 http://secunia.com/advisories/48551 XForce ISS Database: apache-http-appregsub-bo(71093) https://exchange.xforce.ibmcloud.com/vulnerabilities/71093 Common Vulnerability Exposure (CVE) ID: CVE-2011-3639 DSA-2405 RHSA-2012:0128 http://svn.apache.org/viewvc?view=revision&revision=1188745 https://bugzilla.redhat.com/show_bug.cgi?id=752080 Common Vulnerability Exposure (CVE) ID: CVE-2011-4317 https://community.qualys.com/blogs/securitylabs/2011/11/23/apache-reverse-proxy-bypass-issue https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8@%3Ccvs.httpd.apache.org%3E http://www.securitytracker.com/id?1026353 SuSE Security Announcement: openSUSE-SU-2013:0243 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-02/msg00009.html SuSE Security Announcement: openSUSE-SU-2013:0248 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-02/msg00012.html Common Vulnerability Exposure (CVE) ID: CVE-2012-0031 BugTraq ID: 51407 http://www.securityfocus.com/bid/51407 http://www.mandriva.com/security/advisories?name=MDVSA-2012:012 http://www.halfdog.net/Security/2011/ApacheScoreboardInvalidFreeOnShutdown/ http://secunia.com/advisories/47410 SuSE Security Announcement: SUSE-SU-2012:0323 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00002.html SuSE Security Announcement: openSUSE-SU-2012:0314 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00026.html Common Vulnerability Exposure (CVE) ID: CVE-2012-0053 BugTraq ID: 51706 http://www.securityfocus.com/bid/51706 HPdes Security Advisory: HPSBMU02776 http://marc.info/?l=bugtraq&m=133951357207000&w=2 HPdes Security Advisory: HPSBST02848 http://marc.info/?l=bugtraq&m=136441204617335&w=2 HPdes Security Advisory: SSRT100852 HPdes Security Advisory: SSRT101112
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.