Vulnerability Bulletins |
Ejecución de código remoto en Apache |
|
Vulnerability classification |
|
| Property | Value |
| Confidence level | Oficial |
| Impact | Obtener acceso |
| Dificulty | Experto |
| Required attacker level | Acceso remoto sin cuenta a un servicio estandar |
System information |
|
| Property | Value |
| Affected manufacturer | GNU/Linux |
| Affected software |
Apache 1.3.x = 1.3.34, 1.3.33, 1.3.32, 1.3.31, 1.3.29, 1.3.28 Apache 2.0.x = 2.0.58, 2.0.55, 2.0.54, 2.0.53, 2.0.52, 2.0.51, 2.0.50, 2.0.49, 2.0.48, 2.0.47, 2.0.46 Apache 2.2.x < 2.2.2, 2.2.0 HP OpenView Network Node Manager 6.41 HP OpenView Network Node Manager 7.01 HP OpenView Network Node Manager 7.51 |
Description |
|
|
Se ha descubierto una vulnerabilidad del tipo "off-by-one" en varias versiones de Apache. La vulnerabilidad reside en un error en el módulo Rewrite (mod_rewrite). Un atacante remoto podría causar una denegación de servicio o ejecutar código arbitrario. En función de que versión de Apache httpd se use y de las reglas Rewrite que existan en los ficheros de configuración la vulnerabilidad podrá ser explotada remotamente. |
|
Solution |
|
|
Si lo desea, aplique los mecanismos de actualización propios de su distribución, o bien baje las fuentes del software y compílelo usted mismo. Apache Apache 1.3.37 Apache 2.0.59 Apache 2.2.3 http://httpd.apache.org/download.cgi OpenBSD OpenBSD 3.8 ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/009_httpd.patch OpenBSD 3.9 ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.9/common/004_httpd.patch Suse Linux Las actualizaciones pueden descargarse mediante YAST o del servidor FTP oficial de Suse Linux Mandriva Corporate Server 3.0 X86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/apache-1.3.29-1.5.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/apache2-2.0.48-6.13.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/apache2-common-2.0.48-6.13.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/apache2-devel-2.0.48-6.13.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/apache2-manual-2.0.48-6.13.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/apache2-mod_cache-2.0.48-6.13.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/apache2-mod_dav-2.0.48-6.13.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/apache2-mod_deflate-2.0.48-6.13.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/apache2-mod_disk_cache-2.0.48-6.13.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/apache2-mod_file_cache-2.0.48-6.13.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/apache2-mod_ldap-2.0.48-6.13.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/apache2-mod_mem_cache-2.0.48-6.13.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/apache2-mod_proxy-2.0.48-6.13.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/apache2-mod_ssl-2.0.48-6.13.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/apache2-modules-2.0.48-6.13.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/apache2-source-2.0.48-6.13.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/apache-devel-1.3.29-1.5.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/apache-modules-1.3.29-1.5.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/apache-source-1.3.29-1.5.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/libapr0-2.0.48-6.13.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/SRPMS/apache-1.3.29-1.5.C30mdk.src.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/SRPMS/apache2-2.0.48-6.13.C30mdk.src.rpm X86_64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/apache-1.3.29-1.5.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/apache2-2.0.48-6.13.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/apache2-common-2.0.48-6.13.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/apache2-devel-2.0.48-6.13.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/apache2-manual-2.0.48-6.13.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/apache2-mod_cache-2.0.48-6.13.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/apache2-mod_dav-2.0.48-6.13.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/apache2-mod_deflate-2.0.48-6.13.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/apache2-mod_disk_cache-2.0.48-6.13.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/apache2-mod_file_cache-2.0.48-6.13.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/apache2-mod_ldap-2.0.48-6.13.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/apache2-mod_mem_cache-2.0.48-6.13.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/apache2-mod_proxy-2.0.48-6.13.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/apache2-mod_ssl-2.0.48-6.13.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/apache2-modules-2.0.48-6.13.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/apache2-source-2.0.48-6.13.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/apache-devel-1.3.29-1.5.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/apache-modules-1.3.29-1.5.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/apache-source-1.3.29-1.5.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/lib64apr0-2.0.48-6.13.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/SRPMS/apache-1.3.29-1.5.C30mdk.src.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/SRPMS/apache2-2.0.48-6.13.C30mdk.src.rpm Multi Network Firewall 2.0 X86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf/2.0/RPMS/apache2-2.0.48-6.13.M20mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf/2.0/RPMS/apache2-common-2.0.48-6.13.M20mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf/2.0/RPMS/apache2-devel-2.0.48-6.13.M20mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf/2.0/RPMS/apache2-manual-2.0.48-6.13.M20mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf/2.0/RPMS/apache2-mod_cache-2.0.48-6.13.M20mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf/2.0/RPMS/apache2-mod_dav-2.0.48-6.13.M20mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf/2.0/RPMS/apache2-mod_deflate-2.0.48-6.13.M20mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf/2.0/RPMS/apache2-mod_disk_cache-2.0.48-6.13.M20mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf/2.0/RPMS/apache2-mod_file_cache-2.0.48-6.13.M20mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf/2.0/RPMS/apache2-mod_ldap-2.0.48-6.13.M20mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf/2.0/RPMS/apache2-mod_mem_cache-2.0.48-6.13.M20mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf/2.0/RPMS/apache2-mod_proxy-2.0.48-6.13.M20mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf/2.0/RPMS/apache2-mod_ssl-2.0.48-6.13.M20mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf/2.0/RPMS/apache2-modules-2.0.48-6.13.M20mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf/2.0/RPMS/apache2-source-2.0.48-6.13.M20mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf/2.0/RPMS/libapr0-2.0.48-6.13.M20mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf/2.0/SRPMS/apache2-2.0.48-6.13.M20mdk.src.rpm Mandrivalinux 2006 X86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/apache-base-2.0.54-13.3.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/apache-devel-2.0.54-13.3.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/apache-mod_cache-2.0.54-13.3.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/apache-mod_dav-2.0.54-13.3.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/apache-mod_deflate-2.0.54-13.3.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/apache-mod_disk_cache-2.0.54-13.3.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/apache-mod_file_cache-2.0.54-13.3.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/apache-mod_ldap-2.0.54-13.3.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/apache-mod_mem_cache-2.0.54-13.3.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/apache-mod_proxy-2.0.54-13.3.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/apache-modules-2.0.54-13.3.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/apache-mod_userdir-2.0.54-13.3.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/apache-mpm-peruser-2.0.54-13.3.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/apache-mpm-prefork-2.0.54-13.3.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/apache-mpm-worker-2.0.54-13.3.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/apache-source-2.0.54-13.3.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/SRPMS/apache-2.0.54-13.3.20060mdk.src.rpm X86_64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/apache-base-2.0.54-13.3.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/apache-devel-2.0.54-13.3.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/apache-mod_cache-2.0.54-13.3.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/apache-mod_dav-2.0.54-13.3.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/apache-mod_deflate-2.0.54-13.3.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/apache-mod_disk_cache-2.0.54-13.3.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/apache-mod_file_cache-2.0.54-13.3.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/apache-mod_ldap-2.0.54-13.3.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/apache-mod_mem_cache-2.0.54-13.3.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/apache-mod_proxy-2.0.54-13.3.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/apache-modules-2.0.54-13.3.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/apache-mod_userdir-2.0.54-13.3.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/apache-mpm-peruser-2.0.54-13.3.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/apache-mpm-prefork-2.0.54-13.3.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/apache-mpm-worker-2.0.54-13.3.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/apache-source-2.0.54-13.3.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/SRPMS/apache-2.0.54-13.3.20060mdk.src.rpm Debian Debian Linux 3.1 Source http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge2.dsc http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge2.diff.gz http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33.orig.tar.gz Architecture independent http://security.debian.org/pool/updates/main/a/apache/apache-dev_1.3.33-6sarge2_all.deb http://security.debian.org/pool/updates/main/a/apache/apache-doc_1.3.33-6sarge2_all.deb http://security.debian.org/pool/updates/main/a/apache/apache-utils_1.3.33-6sarge2_all.deb Alpha http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge2_alpha.deb http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge2_alpha.deb http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge2_alpha.deb http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge2_alpha.deb http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge2_alpha.deb http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge2_alpha.deb AMD64 http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge2_amd64.deb http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge2_amd64.deb http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge2_amd64.deb http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge2_amd64.deb http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge2_amd64.deb http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge2_amd64.deb ARM http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge2_arm.deb http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge2_arm.deb http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge2_arm.deb http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge2_arm.deb http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge2_arm.deb http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge2_arm.deb Intel IA-32 http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge2_i386.deb http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge2_i386.deb http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge2_i386.deb http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge2_i386.deb http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge2_i386.deb http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge2_i386.deb Intel IA-64 http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge2_ia64.deb http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge2_ia64.deb http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge2_ia64.deb http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge2_ia64.deb http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge2_ia64.deb http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge2_ia64.deb HP Precision http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge2_hppa.deb http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge2_hppa.deb http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge2_hppa.deb http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge2_hppa.deb http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge2_hppa.deb http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge2_hppa.deb Motorola 680x0 http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge2_m68k.deb http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge2_m68k.deb http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge2_m68k.deb http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge2_m68k.deb http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge2_m68k.deb http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge2_m68k.deb Big endian MIPS http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge2_mips.deb http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge2_mips.deb http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge2_mips.deb http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge2_mips.deb http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge2_mips.deb http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge2_mips.deb Little endian MIPS http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge2_mipsel.deb http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge2_mipsel.deb http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge2_mipsel.deb http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge2_mipsel.deb http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge2_mipsel.deb http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge2_mipsel.deb PowerPC http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge2_powerpc.deb http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge2_powerpc.deb http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge2_powerpc.deb http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge2_powerpc.deb http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge2_powerpc.deb http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge2_powerpc.deb IBM S/390 http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge2_s390.deb http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge2_s390.deb http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge2_s390.deb http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge2_s390.deb http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge2_s390.deb http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge2_s390.deb Sun Sparc http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge2_sparc.deb http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge2_sparc.deb http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge2_sparc.deb http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge2_sparc.deb http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge2_sparc.deb http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge2_sparc.deb Debian Debian Linux 3.1 Source http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5sarge1.dsc http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5sarge1.diff.gz http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54.orig.tar.gz Architecture independent http://security.debian.org/pool/updates/main/a/apache2/apache2-doc_2.0.54-5sarge1_all.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-threadpool_2.0.54-5sarge1_all.deb Alpha http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5sarge1_alpha.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5sarge1_alpha.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5sarge1_alpha.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5sarge1_alpha.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5sarge1_alpha.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5sarge1_alpha.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5sarge1_alpha.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5sarge1_alpha.deb http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5sarge1_alpha.deb http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5sarge1_alpha.deb AMD64 http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5sarge1_amd64.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5sarge1_amd64.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5sarge1_amd64.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5sarge1_amd64.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5sarge1_amd64.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5sarge1_amd64.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5sarge1_amd64.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5sarge1_amd64.deb http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5sarge1_amd64.deb http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5sarge1_amd64.deb ARM http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5sarge1_arm.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5sarge1_arm.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5sarge1_arm.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5sarge1_arm.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5sarge1_arm.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5sarge1_arm.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5sarge1_arm.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5sarge1_arm.deb http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5sarge1_arm.deb http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5sarge1_arm.deb Intel IA-32 http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5sarge1_i386.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5sarge1_i386.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5sarge1_i386.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5sarge1_i386.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5sarge1_i386.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5sarge1_i386.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5sarge1_i386.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5sarge1_i386.deb http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5sarge1_i386.deb http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5sarge1_i386.deb Intel IA-64 http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5sarge1_ia64.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5sarge1_ia64.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5sarge1_ia64.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5sarge1_ia64.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5sarge1_ia64.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5sarge1_ia64.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5sarge1_ia64.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5sarge1_ia64.deb http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5sarge1_ia64.deb http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5sarge1_ia64.deb HP Precision http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5sarge1_hppa.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5sarge1_hppa.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5sarge1_hppa.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5sarge1_hppa.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5sarge1_hppa.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5sarge1_hppa.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5sarge1_hppa.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5sarge1_hppa.deb http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5sarge1_hppa.deb http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5sarge1_hppa.deb Motorola 680x0 http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5sarge1_m68k.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5sarge1_m68k.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5sarge1_m68k.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5sarge1_m68k.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5sarge1_m68k.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5sarge1_m68k.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5sarge1_m68k.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5sarge1_m68k.deb http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5sarge1_m68k.deb http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5sarge1_m68k.deb Big endian MIPS http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5sarge1_mips.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5sarge1_mips.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5sarge1_mips.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5sarge1_mips.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5sarge1_mips.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5sarge1_mips.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5sarge1_mips.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5sarge1_mips.deb http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5sarge1_mips.deb http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5sarge1_mips.deb Little endian MIPS http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5sarge1_mipsel.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5sarge1_mipsel.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5sarge1_mipsel.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5sarge1_mipsel.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5sarge1_mipsel.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5sarge1_mipsel.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5sarge1_mipsel.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5sarge1_mipsel.deb http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5sarge1_mipsel.deb http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5sarge1_mipsel.deb PowerPC http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5sarge1_powerpc.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5sarge1_powerpc.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5sarge1_powerpc.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5sarge1_powerpc.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5sarge1_powerpc.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5sarge1_powerpc.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5sarge1_powerpc.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5sarge1_powerpc.deb http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5sarge1_powerpc.deb http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5sarge1_powerpc.deb IBM S/390 http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5sarge1_s390.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5sarge1_s390.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5sarge1_s390.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5sarge1_s390.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5sarge1_s390.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5sarge1_s390.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5sarge1_s390.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5sarge1_s390.deb http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5sarge1_s390.deb http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5sarge1_s390.deb Sun Sparc http://security.debian.org/pool/updates/main/a/apache2/apache2_2.0.54-5sarge1_sparc.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-common_2.0.54-5sarge1_sparc.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.0.54-5sarge1_sparc.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.0.54-5sarge1_sparc.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.0.54-5sarge1_sparc.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.0.54-5sarge1_sparc.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.0.54-5sarge1_sparc.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.0.54-5sarge1_sparc.deb http://security.debian.org/pool/updates/main/a/apache2/libapr0_2.0.54-5sarge1_sparc.deb http://security.debian.org/pool/updates/main/a/apache2/libapr0-dev_2.0.54-5sarge1_sparc.deb SGI SGI / SGI_Apache ftp://patches.sgi.com/support/free/security/patches/6.5.29/sgi_apache.tardist Hewlett-Packard HP-UX B.11.00, B.11.11, HP-UX B.11.23 / Apache-based Web Server v.2.0.58.00 http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE Hewlett-Packard (HPSBMA02328) HP OpenView Network Node Manager 7.51 / HP-UX (IA) / PHSS_36386 HP OpenView Network Node Manager 7.51 / HP-UX (PA) / PHSS_36385 HP OpenView Network Node Manager 7.51 / Solaris / PSOV_03479 HP OpenView Network Node Manager 7.51 / Linux RedHatAS2.1 / LXOV_00052 HP OpenView Network Node Manager 7.01 / HP-UX (PA) / PHSS_36773 HP OpenView Network Node Manager 7.01 / Solaris / PSOV_03480 HP OpenView Network Node Manager 6.41 / HP-UX (PA) / PHSS_37141 HP OpenView Network Node Manager 6.41 / Solaris / PSOV_03489 Sun (102662) Solaris 10 / SPARC / patch 120543-06 Solaris 10 / x86 / patch 120544-06 http://sunsolve.sun.com/pub-cgi/show.pl?target=patchpage Sun (102663) Solaris 8 / SPARC / patch 116973-05 Solaris 8 / x86 / patch 116974-05 Solaris 9 / SPARC / patch 113146-08 Solaris 9 / x86 / patch 114145-07 Solaris 10 / SPARC / patch 122911-02 Solaris 10 / x86 / patch 122912-02 http://sunsolve.sun.com/pub-cgi/show.pl?target=patchpage |
|
Standar resources |
|
| Property | Value |
| CVE | CVE-2006-3747 |
| BID | 19204 |
Other resources |
|
|
Apache httpd 1.3.37 http://httpd.apache.org/security/vulnerabilities_13.html Apache httpd 2.0.59 http://httpd.apache.org/security/vulnerabilities_20.html Apache httpd 2.2.3 http://httpd.apache.org/security/vulnerabilities_22.html SGI Security Advisory (20060702-01-I) ftp://patches.sgi.com/support/free/security/advisories/20060702-01-I.asc SGI Security Advisory (20060702-02-P) ftp://patches.sgi.com/support/free/security/advisories/20060702-02-P.asc OpenBSD Security Advisory July 30, 2006 http://www.openbsd.org/security.html SUSE Security Advisory (SUSE-SA:2006:043) http://www.novell.com/linux/security/advisories/2006_43_apache.html Mandriva Security Advisory (MDKSA-2006:133) http://www.mandriva.com/security/advisories?name=MDKSA-2006:133 Debian Security Advisory (DSA 1131-1) http://lists.debian.org/debian-security-announce/debian-security-announce-2006/msg00219.html Debian Security Advisory (DSA 1132-1) http://lists.debian.org/debian-security-announce/debian-security-announce-2006/msg00220.html HP SECURITY BULLETIN (HPSBUX02145) http://www5.itrc.hp.com/service/cki/docDisplay.do?docId=c00760969 HP SECURITY BULLETIN (HPSBMA02328) https://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01428449-2 Sun Alert Notification (102662) http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1 Sun Alert Notification (102663) http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1 |
|
Version history |
||
| Version | Comments | Date |
| 1.0 | Aviso emitido | 2006-07-28 |
| 1.1 | Aviso emitido por Mandriva (MDKSA-2006:133). Aviso emitido por Suse (SUSE-SA:2006:043). Aviso emitido por OpenBSD (July 30, 2006). Aviso emitido por SGI (20060702-01-I) | 2006-07-31 |
| 1.2 | Avisos emitidos por Debian (DSA 1131-1, DSA 1132-1) | 2006-08-02 |
| 1.3 | Aviso actualizado por SGI (20060702-02-P) | 2006-08-11 |
| 1.4 | Aviso emitido por HP (HPSBUX02145) | 2006-09-01 |
| 1.5 | Aviso emitido por Sun (102662,102663) | 2006-10-17 |
| 1.6 | Aviso actualizado por Sun (102663) | 2006-12-05 |
| 1.7 | Aviso emitido por HP (HPSBMA02328) | 2008-04-22 |