Family: Debian Local Security Checks --> Category: infos
[DSA195] DSA-195-1 apache-perl Vulnerability Scan
Vulnerability Scan Summary
Detailed Explanation for this Vulnerability Test
According to David Wagner, iDEFENSE and the Apache HTTP Server
Project, several vulnerabilities have been found in the Apache server
package, a commonly used webserver. Most of the code is shared
between the Apache and Apache-Perl packages, so vulnerabilities are
shared as well.
These vulnerabilities could allow a possible hacker to enact a denial of
service against a server or execute a cross site scripting attack, or
steal cookies from other web site users. The Common Vulnerabilities
and Exposures (CVE) project identified the following vulnerabilities:
These problems have been fixed in version 1.3.26-1-1.26-0woody2 for
the current stable distribution (woody), in
1.3.9-14.1-1.21.20000309-1.1 for the old stable distribution (potato)
and in version 1.3.26-1.1-1.27-3-1 for the unstable distribution
We recommend that you upgrade your Apache-Perl package immediately.
Solution : http://www.debian.org/security/2002/dsa-195
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.