Trustix Local Security Checks : Trustix Security Advisory TSLSA-2004-0056 (apache)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.54301

Categoría: Trustix Local Security Checks

Título: Trustix Security Advisory TSLSA-2004-0056 (apache)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing updates announced in
advisory TSLSA-2004-0056.

Potential buffer overflow with escaped characters in SSI tag string.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2004-0940 to this issue.

Reject responses from a remote server if sent an invalid (negative)
Content-Length.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2004-0492 to this issue.

Solution:
Update your system with the packages as indicated in
the referenced security advisory.

https://secure1.securityspace.com/smysecure/catid.html?in=TSLSA-2004-0056

Risk factor : Critical

CVSS Score:
10.0

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2004-0940
BugTraq ID: 11471
http://www.securityfocus.com/bid/11471
Debian Security Information: DSA-594 (Google Search)
http://www.debian.org/security/2004/dsa-594
http://www.mandriva.com/security/advisories?name=MDKSA-2004:134
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e@%3Ccvs.httpd.apache.org%3E
http://marc.info/?l=bugtraq&m=109906660225051&w=2
http://www.redhat.com/support/errata/RHSA-2004-600.html
http://www.redhat.com/support/errata/RHSA-2005-816.html
http://securitytracker.com/id?1011783
http://secunia.com/advisories/12898/
http://secunia.com/advisories/19073
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102197-1
http://www.vupen.com/english/advisories/2006/0789
XForce ISS Database: apache-modinclude-bo(17785)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17785
Common Vulnerability Exposure (CVE) ID: CVE-2004-0492
Bugtraq: 20040611 [OpenPKG-SA-2004.029] OpenPKG Security Advisory (apache) (Google Search)
http://marc.info/?l=bugtraq&m=108711172710140&w=2
CERT/CC vulnerability note: VU#541310
http://www.kb.cert.org/vuls/id/541310
Debian Security Information: DSA-525 (Google Search)
http://www.debian.org/security/2004/dsa-525
https://bugzilla.fedora.us/show_bug.cgi?id=1737
http://seclists.org/lists/fulldisclosure/2004/Jun/0296.html
HPdes Security Advisory: HPSBOV02683
http://marc.info/?l=bugtraq&m=130497311408250&w=2
HPdes Security Advisory: SSRT090208
http://www.mandriva.com/security/advisories?name=MDKSA-2004:065
http://www.guninski.com/modproxy1.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100112
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4863
RedHat Security Advisories: RHSA-2004:245
http://rhn.redhat.com/errata/RHSA-2004-245.html
http://secunia.com/advisories/11841
SGI Security Advisory: 20040605-01-U
ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101555-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101841-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57628-1
XForce ISS Database: apache-modproxy-contentlength-bo(16387)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16387

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.54301
Categoría:	Trustix Local Security Checks
Título:	Trustix Security Advisory TSLSA-2004-0056 (apache)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory TSLSA-2004-0056. Potential buffer overflow with escaped characters in SSI tag string. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0940 to this issue. Reject responses from a remote server if sent an invalid (negative) Content-Length. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0492 to this issue. Solution: Update your system with the packages as indicated in the referenced security advisory. https://secure1.securityspace.com/smysecure/catid.html?in=TSLSA-2004-0056 Risk factor : Critical CVSS Score: 10.0
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0940 BugTraq ID: 11471 http://www.securityfocus.com/bid/11471 Debian Security Information: DSA-594 (Google Search) http://www.debian.org/security/2004/dsa-594 http://www.mandriva.com/security/advisories?name=MDKSA-2004:134 https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e@%3Ccvs.httpd.apache.org%3E http://marc.info/?l=bugtraq&m=109906660225051&w=2 http://www.redhat.com/support/errata/RHSA-2004-600.html http://www.redhat.com/support/errata/RHSA-2005-816.html http://securitytracker.com/id?1011783 http://secunia.com/advisories/12898/ http://secunia.com/advisories/19073 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102197-1 http://www.vupen.com/english/advisories/2006/0789 XForce ISS Database: apache-modinclude-bo(17785) https://exchange.xforce.ibmcloud.com/vulnerabilities/17785 Common Vulnerability Exposure (CVE) ID: CVE-2004-0492 Bugtraq: 20040611 [OpenPKG-SA-2004.029] OpenPKG Security Advisory (apache) (Google Search) http://marc.info/?l=bugtraq&m=108711172710140&w=2 CERT/CC vulnerability note: VU#541310 http://www.kb.cert.org/vuls/id/541310 Debian Security Information: DSA-525 (Google Search) http://www.debian.org/security/2004/dsa-525 https://bugzilla.fedora.us/show_bug.cgi?id=1737 http://seclists.org/lists/fulldisclosure/2004/Jun/0296.html HPdes Security Advisory: HPSBOV02683 http://marc.info/?l=bugtraq&m=130497311408250&w=2 HPdes Security Advisory: SSRT090208 http://www.mandriva.com/security/advisories?name=MDKSA-2004:065 http://www.guninski.com/modproxy1.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100112 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4863 RedHat Security Advisories: RHSA-2004:245 http://rhn.redhat.com/errata/RHSA-2004-245.html http://secunia.com/advisories/11841 SGI Security Advisory: 20040605-01-U ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc http://sunsolve.sun.com/search/document.do?assetkey=1-26-101555-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101841-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-57628-1 XForce ISS Database: apache-modproxy-contentlength-bo(16387) https://exchange.xforce.ibmcloud.com/vulnerabilities/16387
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com