ID de Prueba:	1.3.6.1.4.1.25623.1.0.50546
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2004:065 (apache)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to apache announced via advisory MDKSA-2004:065. A buffer overflow vulnerability was found by George Guninski in Apache's mod_proxy module, which can be exploited by a remote user to potentially execute arbitrary code with the privileges of an httpd child process (user apache). This can only be exploited, however, if mod_proxy is actually in use. It is recommended that you stop Apache prior to updating and then restart it again once the update is complete (service httpd stop and service httpd start respectively). Affected versions: 10.0, 9.1, 9.2, Corporate Server 2.1 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2004:065 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0492 http://www.guninski.com/modproxy1.html Risk factor : Critical CVSS Score: 10.0
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0492 Bugtraq: 20040611 [OpenPKG-SA-2004.029] OpenPKG Security Advisory (apache) (Google Search) http://marc.info/?l=bugtraq&m=108711172710140&w=2 CERT/CC vulnerability note: VU#541310 http://www.kb.cert.org/vuls/id/541310 Debian Security Information: DSA-525 (Google Search) http://www.debian.org/security/2004/dsa-525 https://bugzilla.fedora.us/show_bug.cgi?id=1737 http://seclists.org/lists/fulldisclosure/2004/Jun/0296.html HPdes Security Advisory: HPSBOV02683 http://marc.info/?l=bugtraq&m=130497311408250&w=2 HPdes Security Advisory: SSRT090208 http://www.mandriva.com/security/advisories?name=MDKSA-2004:065 http://www.guninski.com/modproxy1.html https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e@%3Ccvs.httpd.apache.org%3E https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100112 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4863 RedHat Security Advisories: RHSA-2004:245 http://rhn.redhat.com/errata/RHSA-2004-245.html http://secunia.com/advisories/11841 SGI Security Advisory: 20040605-01-U ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc http://sunsolve.sun.com/search/document.do?assetkey=1-26-101555-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101841-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-57628-1 XForce ISS Database: apache-modproxy-contentlength-bo(16387) https://exchange.xforce.ibmcloud.com/vulnerabilities/16387
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.