|
|
Family: Ubuntu Local Security Checks --> Category: infos
USN133-1 : apache vulnerability Vulnerability Scan
Vulnerability Scan Summary
apache vulnerability
Detailed Explanation for this Vulnerability Test
Synopsis :
These remote packages are missing security patches :
- apache
- apache-common
- apache-dbg
- apache-dev
- apache-doc
- apache-perl
- apache-ssl
- apache-utils
- libapache-mod-perl
Description :
A buffer overflow was discovered in the "htpasswd" utility. This could
be exploited to execute arbitrary code with the rights of the user
invoking htpasswd. This is only a security vulnerability if you have a
website that offers a public interface to htpasswd without checking
the input beforehand
however, this is very unusual.
Solution :
Upgrade to :
- apache-1.3.31-6ubuntu0.7 (Ubuntu 4.10)
- apache-common-1.3.31-6ubuntu0.7 (Ubuntu 4.10)
- apache-dbg-1.3.31-6ubuntu0.7 (Ubuntu 4.10)
- apache-dev-1.3.31-6ubuntu0.7 (Ubuntu 4.10)
- apache-doc-1.3.31-6ubuntu0.7 (Ubuntu 4.10)
- apache-perl-1.3.31-6ubuntu0.7 (Ubuntu 4.10)
- apache-ssl-1.3.31-6ubuntu0.7 (Ubuntu 4.10)
- apache-utils-1.3.31-6ubuntu0.7 (Ubuntu 4.10)
- libapache-mod-perl-1.29.0.2.0-6ubuntu0.7 (Ubuntu 4.10)
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|
