home *** CD-ROM | disk | FTP | other *** search
/ Chip 2007 January, February, March & April / Chip-Cover-CD-2007-02.iso / Pakiet bezpieczenstwa / mini Pentoo LiveCD 2006.1 / mpentoo-2006.1.iso / modules / nessus-2.2.8.mo / usr / lib / nessus / plugins / mandrake_MDKSA-2003-103.nasl < prev    next >
Text File  |  2005-01-14  |  7KB  |  250 lines
  1. #
  2. # (C) Tenable Network Security
  3. #
  4. # This plugin text was extracted from Mandrake Linux Security Advisory MDKSA-2003:103
  5. #
  6.  
  7.  
  8. if ( ! defined_func("bn_random") ) exit(0);
  9. if(description)
  10. {
  11.  script_id(14085);
  12.  script_bugtraq_id(8911, 8926);
  13.  script_version ("$Revision: 1.3 $");
  14.  script_cve_id("CAN-2003-0542", "CAN-2003-0789");
  15.  
  16.  name["english"] = "MDKSA-2003:103: apache";
  17.  
  18.  script_name(english:name["english"]);
  19.  
  20.  desc["english"] = "
  21. The remote host is missing the patch for the advisory MDKSA-2003:103 (apache).
  22.  
  23.  
  24. A buffer overflow in mod_alias and mod_rewrite was discovered in Apache versions
  25. 1.3.19 and earlier as well as Apache 2.0.47 and earlier. This happens when a
  26. regular expression with more than 9 captures is confined. An attacker would have
  27. to create a carefully crafted configuration file (.htaccess or httpd.conf) in
  28. order to exploit these problems.
  29. As well, another buffer overflow in Apache 2.0.47 and earlier in mod_cgid's
  30. mishandling of CGI redirect paths could result in CGI output going to the wrong
  31. client when a threaded MPM is used.
  32. Apache version 2.0.48 and 1.3.29 were released upstream to correct these bugs;
  33. backported patches have been applied to the provided packages.
  34.  
  35.  
  36. Solution : http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:103
  37. Risk factor : High";
  38.  
  39.  
  40.  
  41.  script_description(english:desc["english"]);
  42.  
  43.  summary["english"] = "Check for the version of the apache package";
  44.  script_summary(english:summary["english"]);
  45.  
  46.  script_category(ACT_GATHER_INFO);
  47.  
  48.  script_copyright(english:"This script is Copyright (C) 2004 Tenable Network Security");
  49.  family["english"] = "Mandrake Local Security Checks";
  50.  script_family(english:family["english"]);
  51.  
  52.  script_dependencies("ssh_get_info.nasl");
  53.  script_require_keys("Host/Mandrake/rpm-list");
  54.  exit(0);
  55. }
  56.  
  57. include("rpm.inc");
  58. if ( rpm_check( reference:"apache-1.3.26-6.3.90mdk", release:"MDK9.0", yank:"mdk") )
  59. {
  60.  security_hole(0);
  61.  exit(0);
  62. }
  63. if ( rpm_check( reference:"apache-common-1.3.26-6.3.90mdk", release:"MDK9.0", yank:"mdk") )
  64. {
  65.  security_hole(0);
  66.  exit(0);
  67. }
  68. if ( rpm_check( reference:"apache-devel-1.3.26-6.3.90mdk", release:"MDK9.0", yank:"mdk") )
  69. {
  70.  security_hole(0);
  71.  exit(0);
  72. }
  73. if ( rpm_check( reference:"apache-manual-1.3.26-6.3.90mdk", release:"MDK9.0", yank:"mdk") )
  74. {
  75.  security_hole(0);
  76.  exit(0);
  77. }
  78. if ( rpm_check( reference:"apache-modules-1.3.26-6.3.90mdk", release:"MDK9.0", yank:"mdk") )
  79. {
  80.  security_hole(0);
  81.  exit(0);
  82. }
  83. if ( rpm_check( reference:"apache-source-1.3.26-6.3.90mdk", release:"MDK9.0", yank:"mdk") )
  84. {
  85.  security_hole(0);
  86.  exit(0);
  87. }
  88. if ( rpm_check( reference:"apache-1.3.27-8.1.91mdk", release:"MDK9.1", yank:"mdk") )
  89. {
  90.  security_hole(0);
  91.  exit(0);
  92. }
  93. if ( rpm_check( reference:"apache-devel-1.3.27-8.1.91mdk", release:"MDK9.1", yank:"mdk") )
  94. {
  95.  security_hole(0);
  96.  exit(0);
  97. }
  98. if ( rpm_check( reference:"apache-modules-1.3.27-8.1.91mdk", release:"MDK9.1", yank:"mdk") )
  99. {
  100.  security_hole(0);
  101.  exit(0);
  102. }
  103. if ( rpm_check( reference:"apache-source-1.3.27-8.1.91mdk", release:"MDK9.1", yank:"mdk") )
  104. {
  105.  security_hole(0);
  106.  exit(0);
  107. }
  108. if ( rpm_check( reference:"apache2-2.0.47-1.6.91mdk", release:"MDK9.1", yank:"mdk") )
  109. {
  110.  security_hole(0);
  111.  exit(0);
  112. }
  113. if ( rpm_check( reference:"apache2-common-2.0.47-1.6.91mdk", release:"MDK9.1", yank:"mdk") )
  114. {
  115.  security_hole(0);
  116.  exit(0);
  117. }
  118. if ( rpm_check( reference:"apache2-devel-2.0.47-1.6.91mdk", release:"MDK9.1", yank:"mdk") )
  119. {
  120.  security_hole(0);
  121.  exit(0);
  122. }
  123. if ( rpm_check( reference:"apache2-manual-2.0.47-1.6.91mdk", release:"MDK9.1", yank:"mdk") )
  124. {
  125.  security_hole(0);
  126.  exit(0);
  127. }
  128. if ( rpm_check( reference:"apache2-mod_dav-2.0.47-1.6.91mdk", release:"MDK9.1", yank:"mdk") )
  129. {
  130.  security_hole(0);
  131.  exit(0);
  132. }
  133. if ( rpm_check( reference:"apache2-mod_ldap-2.0.47-1.6.91mdk", release:"MDK9.1", yank:"mdk") )
  134. {
  135.  security_hole(0);
  136.  exit(0);
  137. }
  138. if ( rpm_check( reference:"apache2-mod_ssl-2.0.47-1.6.91mdk", release:"MDK9.1", yank:"mdk") )
  139. {
  140.  security_hole(0);
  141.  exit(0);
  142. }
  143. if ( rpm_check( reference:"apache2-modules-2.0.47-1.6.91mdk", release:"MDK9.1", yank:"mdk") )
  144. {
  145.  security_hole(0);
  146.  exit(0);
  147. }
  148. if ( rpm_check( reference:"apache2-source-2.0.47-1.6.91mdk", release:"MDK9.1", yank:"mdk") )
  149. {
  150.  security_hole(0);
  151.  exit(0);
  152. }
  153. if ( rpm_check( reference:"libapr0-2.0.47-1.6.91mdk", release:"MDK9.1", yank:"mdk") )
  154. {
  155.  security_hole(0);
  156.  exit(0);
  157. }
  158. if ( rpm_check( reference:"apache-1.3.28-3.1.92mdk", release:"MDK9.2", yank:"mdk") )
  159. {
  160.  security_hole(0);
  161.  exit(0);
  162. }
  163. if ( rpm_check( reference:"apache-devel-1.3.28-3.1.92mdk", release:"MDK9.2", yank:"mdk") )
  164. {
  165.  security_hole(0);
  166.  exit(0);
  167. }
  168. if ( rpm_check( reference:"apache-modules-1.3.28-3.1.92mdk", release:"MDK9.2", yank:"mdk") )
  169. {
  170.  security_hole(0);
  171.  exit(0);
  172. }
  173. if ( rpm_check( reference:"apache-source-1.3.28-3.1.92mdk", release:"MDK9.2", yank:"mdk") )
  174. {
  175.  security_hole(0);
  176.  exit(0);
  177. }
  178. if ( rpm_check( reference:"apache2-2.0.47-6.3.92mdk", release:"MDK9.2", yank:"mdk") )
  179. {
  180.  security_hole(0);
  181.  exit(0);
  182. }
  183. if ( rpm_check( reference:"apache2-common-2.0.47-6.3.92mdk", release:"MDK9.2", yank:"mdk") )
  184. {
  185.  security_hole(0);
  186.  exit(0);
  187. }
  188. if ( rpm_check( reference:"apache2-devel-2.0.47-6.3.92mdk", release:"MDK9.2", yank:"mdk") )
  189. {
  190.  security_hole(0);
  191.  exit(0);
  192. }
  193. if ( rpm_check( reference:"apache2-manual-2.0.47-6.3.92mdk", release:"MDK9.2", yank:"mdk") )
  194. {
  195.  security_hole(0);
  196.  exit(0);
  197. }
  198. if ( rpm_check( reference:"apache2-mod_cache-2.0.47-6.3.92mdk", release:"MDK9.2", yank:"mdk") )
  199. {
  200.  security_hole(0);
  201.  exit(0);
  202. }
  203. if ( rpm_check( reference:"apache2-mod_dav-2.0.47-6.3.92mdk", release:"MDK9.2", yank:"mdk") )
  204. {
  205.  security_hole(0);
  206.  exit(0);
  207. }
  208. if ( rpm_check( reference:"apache2-mod_deflate-2.0.47-6.3.92mdk", release:"MDK9.2", yank:"mdk") )
  209. {
  210.  security_hole(0);
  211.  exit(0);
  212. }
  213. if ( rpm_check( reference:"apache2-mod_ldap-2.0.47-6.3.92mdk", release:"MDK9.2", yank:"mdk") )
  214. {
  215.  security_hole(0);
  216.  exit(0);
  217. }
  218. if ( rpm_check( reference:"apache2-mod_proxy-2.0.47-6.3.92mdk", release:"MDK9.2", yank:"mdk") )
  219. {
  220.  security_hole(0);
  221.  exit(0);
  222. }
  223. if ( rpm_check( reference:"apache2-mod_ssl-2.0.47-6.3.92mdk", release:"MDK9.2", yank:"mdk") )
  224. {
  225.  security_hole(0);
  226.  exit(0);
  227. }
  228. if ( rpm_check( reference:"apache2-modules-2.0.47-6.3.92mdk", release:"MDK9.2", yank:"mdk") )
  229. {
  230.  security_hole(0);
  231.  exit(0);
  232. }
  233. if ( rpm_check( reference:"apache2-source-2.0.47-6.3.92mdk", release:"MDK9.2", yank:"mdk") )
  234. {
  235.  security_hole(0);
  236.  exit(0);
  237. }
  238. if ( rpm_check( reference:"libapr0-2.0.47-6.3.92mdk", release:"MDK9.2", yank:"mdk") )
  239. {
  240.  security_hole(0);
  241.  exit(0);
  242. }
  243. if (rpm_exists(rpm:"apache-", release:"MDK9.0")
  244.  || rpm_exists(rpm:"apache-", release:"MDK9.1")
  245.  || rpm_exists(rpm:"apache-", release:"MDK9.2") )
  246. {
  247.  set_kb_item(name:"CAN-2003-0542", value:TRUE);
  248.  set_kb_item(name:"CAN-2003-0789", value:TRUE);
  249. }
  250.