ID de Prueba:	1.3.6.1.4.1.25623.1.0.50604
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2004:122 (mod_ssl/apache2-mod_ssl)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to mod_ssl/apache2-mod_ssl announced via advisory MDKSA-2004:122. A vulnerability in mod_ssl was discovered by Hartmut Keil. After a renegotiation, mod_ssl would fail to ensure that the requested cipher suite is actually negotiated. The provided packages have been patched to prevent this problem. Affected versions: 10.0, 10.1, 9.2, Corporate Server 2.1, Multi Network Firewall 8.2 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2004:122 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0885 Risk factor : High CVSS Score: 7.5
Referencia Cruzada:	BugTraq ID: 11360 Common Vulnerability Exposure (CVE) ID: CVE-2004-0885 http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html http://www.securityfocus.com/bid/11360 Bugtraq: 20041015 [OpenPKG-SA-2004.044] OpenPKG Security Advisory (modssl) (Google Search) http://marc.info/?l=bugtraq&m=109786159119069&w=2 HPdes Security Advisory: HPSBUX01123 http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX01123 https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.httpd.apache.org%3E https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10384 http://www.redhat.com/support/errata/RHSA-2004-562.html http://www.redhat.com/support/errata/RHSA-2004-600.html http://www.redhat.com/support/errata/RHSA-2005-816.html http://www.redhat.com/support/errata/RHSA-2008-0261.html http://secunia.com/advisories/19072 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1 http://www.ubuntu.com/usn/usn-177-1 http://www.vupen.com/english/advisories/2006/0789 XForce ISS Database: apache-sslciphersuite-restriction-bypass(17671) https://exchange.xforce.ibmcloud.com/vulnerabilities/17671
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.