Chip 2007 January, February, March & April

home *** CD-ROM | disk | FTP | other *** search

/ Chip 2007 January, February, March & April / Chip-Cover-CD-2007-02.iso / Pakiet bezpieczenstwa / mini Pentoo LiveCD 2006.1 / mpentoo-2006.1.iso / modules / nessus-2.2.8.mo / usr / lib / nessus / plugins / mandrake_MDKSA-2004-096.nasl < prev next >

Wrap

Text File | 2005-01-14 | 6KB | 194 lines

# # (C) Tenable Network Security # # This plugin text was extracted from Mandrake Linux Security Advisory MDKSA-2004:096 # if ( ! defined_func("bn_random") ) exit(0); if(description) { script_id(14752); script_version ("$Revision: 1.2 $"); script_cve_id("CAN-2004-0747", "CAN-2004-0748", "CAN-2004-0751", "CAN-2004-0786"); name["english"] = "MDKSA-2004:096: apache2"; script_name(english:name["english"]); desc["english"] = " The remote host is missing the patch for the advisory MDKSA-2004:096 (apache2). Two Denial of Service conditions were discovered in the input filter of mod_ssl, the module that enables apache to handle HTTPS requests. Another vulnerability was discovered by the ASF security team using the Codenomicon HTTP Test Tool. This vulnerability, in the apr-util library, can possibly lead to arbitray code execution if certain non-default conditions are met (enabling the AP_ENABLE_EXCEPTION_HOOK define). As well, the SITIC have discovered a buffer overflow when Apache expands environment variables in configuration files such as .htaccess and httpd.conf, which can lead to possible privilege escalation. This can only be done, however, if an attacker is able to place malicious configuration files on the server. Finally, a crash condition was discovered in the mod_dav module by Julian Reschke, where sending a LOCK refresh request to an indirectly locked resource could crash the server. The updated packages have been patched to protect against these vulnerabilities. Solution : http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:096 Risk factor : High"; script_description(english:desc["english"]); summary["english"] = "Check for the version of the apache2 package"; script_summary(english:summary["english"]); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2004 Tenable Network Security"); family["english"] = "Mandrake Local Security Checks"; script_family(english:family["english"]); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/Mandrake/rpm-list"); exit(0); } include("rpm.inc"); if ( rpm_check( reference:"apache2-2.0.48-6.6.100mdk", release:"MDK10.0", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"apache2-common-2.0.48-6.6.100mdk", release:"MDK10.0", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"apache2-devel-2.0.48-6.6.100mdk", release:"MDK10.0", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"apache2-manual-2.0.48-6.6.100mdk", release:"MDK10.0", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"apache2-mod_cache-2.0.48-6.6.100mdk", release:"MDK10.0", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"apache2-mod_dav-2.0.48-6.6.100mdk", release:"MDK10.0", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"apache2-mod_ldap-2.0.48-6.6.100mdk", release:"MDK10.0", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"apache2-mod_proxy-2.0.48-6.6.100mdk", release:"MDK10.0", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"apache2-mod_ssl-2.0.48-6.6.100mdk", release:"MDK10.0", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"apache2-modules-2.0.48-6.6.100mdk", release:"MDK10.0", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"apache2-source-2.0.48-6.6.100mdk", release:"MDK10.0", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"libapr0-2.0.48-6.6.100mdk", release:"MDK10.0", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"apache2-2.0.47-6.9.92mdk", release:"MDK9.2", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"apache2-common-2.0.47-6.9.92mdk", release:"MDK9.2", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"apache2-devel-2.0.47-6.9.92mdk", release:"MDK9.2", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"apache2-manual-2.0.47-6.9.92mdk", release:"MDK9.2", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"apache2-mod_cache-2.0.47-6.9.92mdk", release:"MDK9.2", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"apache2-mod_dav-2.0.47-6.9.92mdk", release:"MDK9.2", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"apache2-mod_deflate-2.0.47-6.9.92mdk", release:"MDK9.2", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"apache2-mod_ldap-2.0.47-6.9.92mdk", release:"MDK9.2", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"apache2-mod_proxy-2.0.47-6.9.92mdk", release:"MDK9.2", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"apache2-mod_ssl-2.0.47-6.9.92mdk", release:"MDK9.2", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"apache2-modules-2.0.47-6.9.92mdk", release:"MDK9.2", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"apache2-source-2.0.47-6.9.92mdk", release:"MDK9.2", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"libapr0-2.0.47-6.9.92mdk", release:"MDK9.2", yank:"mdk") ) { security_hole(0); exit(0); } if (rpm_exists(rpm:"apache2-", release:"MDK10.0") || rpm_exists(rpm:"apache2-", release:"MDK9.2") ) { set_kb_item(name:"CAN-2004-0747", value:TRUE); set_kb_item(name:"CAN-2004-0748", value:TRUE); set_kb_item(name:"CAN-2004-0751", value:TRUE); set_kb_item(name:"CAN-2004-0786", value:TRUE); }