ID de Prueba:	1.3.6.1.4.1.25623.1.0.54260
Categoría:	Trustix Local Security Checks
Título:	Trustix Security Advisory TSLSA-2003-0025 (apache)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory TSLSA-2003-0025. From the announcement: This version of Apache is principally a security and bug fix release. A script_summary( of the bug fixes is given at the end of this document. Of particular note is that 2.0.47 addresses four security vulnerabilities: Certain sequences of per-directory renegotiations and the SSLCipherSuite directive being used to upgrade from a weak ciphersuite to a strong one could result in the weak ciphersuite being used in place of the strong one. [CVE-2003-0192] Certain errors returned by accept() on rarely accessed ports could cause temporal denial of service, due to a bug in the prefork MPM. [CVE-2003-0253] Denial of service was caused when target host is IPv6 but ftp proxy server can't create IPv6 socket. [CVE-2003-0254] The server would crash when going into an infinite loop due to too many subsequent internal redirects and nested subrequests. [VU#379828] Solution: Update your system with the packages as indicated in the referenced security advisory. https://secure1.securityspace.com/smysecure/catid.html?in=TSLSA-2003-0025 Risk factor : High CVSS Score: 6.4
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2003-0192 Bugtraq: 20030709 [ANNOUNCE][SECURITY] Apache 2.0.47 released (Google Search) http://marc.info/?l=bugtraq&m=105776593602600&w=2 http://www.mandriva.com/security/advisories?name=MDKSA-2003:075 https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/re028d61fe612b0908595d658b9b39e74bca56f2a1ed3c5f06b5ab571@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/raa117ef183f0da9b3f46efbeaa66f7622bd68868a450cae4fd8ed594@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r7035b7c9091c4b665a3b7205364775410646f12125d48e74e395f2ce@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.httpd.apache.org%3E https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A169 http://www.redhat.com/support/errata/RHSA-2003-240.html http://www.redhat.com/support/errata/RHSA-2003-243.html http://www.redhat.com/support/errata/RHSA-2003-244.html SCO Security Bulletin: CSSA-2003-SCO.28 SCO Security Bulletin: SCOSA-2004.6 ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.6/SCOSA-2004.6.txt Common Vulnerability Exposure (CVE) ID: CVE-2003-0253 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A173 Common Vulnerability Exposure (CVE) ID: CVE-2003-0254 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A183
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.