|
|
Family: Ubuntu Local Security Checks --> Category: infos
USN65-1 : apache vulnerabilities Vulnerability Scan
Vulnerability Scan Summary
apache vulnerabilities
Detailed Explanation for this Vulnerability Test
Synopsis :
These remote packages are missing security patches :
- apache
- apache-common
- apache-dbg
- apache-dev
- apache-doc
- apache-perl
- apache-ssl
- apache-utils
- libapache-mod-perl
Description :
Javier Fernández-Sanguino Peña noticed that the "check_forensic"
script created temporary files in an insecure manner. This could
allow a symbolic link attack to create or overwrite arbitrary files
with the rights of the user invoking the program.
Solution :
Upgrade to :
- apache-1.3.31-6ubuntu0.4 (Ubuntu 4.10)
- apache-common-1.3.31-6ubuntu0.4 (Ubuntu 4.10)
- apache-dbg-1.3.31-6ubuntu0.4 (Ubuntu 4.10)
- apache-dev-1.3.31-6ubuntu0.4 (Ubuntu 4.10)
- apache-doc-1.3.31-6ubuntu0.4 (Ubuntu 4.10)
- apache-perl-1.3.31-6ubuntu0.4 (Ubuntu 4.10)
- apache-ssl-1.3.31-6ubuntu0.4 (Ubuntu 4.10)
- apache-utils-1.3.31-6ubuntu0.4 (Ubuntu 4.10)
- libapache-mod-perl-1.29.0.2-14ubuntu0.1 (Ubuntu 4.10)
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|
