|
|
Family: Debian Local Security Checks --> Category: infos
[DSA195] DSA-195-1 apache-perl Vulnerability Scan
Vulnerability Scan Summary
DSA-195-1 apache-perl
Detailed Explanation for this Vulnerability Test
According to David Wagner, iDEFENSE and the Apache HTTP Server
Project, several vulnerabilities have been found in the Apache server
package, a commonly used webserver. Most of the code is shared
between the Apache and Apache-Perl packages, so vulnerabilities are
shared as well.
These vulnerabilities could allow a possible hacker to enact a denial of
service against a server or execute a cross site scripting attack, or
steal cookies from other web site users. The Common Vulnerabilities
and Exposures (CVE) project identified the following vulnerabilities:
These problems have been fixed in version 1.3.26-1-1.26-0woody2 for
the current stable distribution (woody), in
1.3.9-14.1-1.21.20000309-1.1 for the old stable distribution (potato)
and in version 1.3.26-1.1-1.27-3-1 for the unstable distribution
(sid).
We recommend that you upgrade your Apache-Perl package immediately.
Solution : http://www.debian.org/security/2002/dsa-195
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|
