Boletines de Vulnerabilidades

int(1085)

Boletines de Vulnerabilidades

Vulnerabilidad en el módulo mod_ssl en Apache 2.0.x
Clasificación de la vulnerabilidad
Propiedad	Valor
Nivel de Confianza	Oficial
Impacto	Aumento de la visibilidad
Dificultad	Principiante
Requerimientos del atacante	Acceso remoto sin cuenta a un servicio estandar
Información sobre el sistema
Propiedad	Valor
Fabricante afectado	GNU/Linux
Software afectado	Apache httpd <=2.0.52
Descripción
Se ha descubierto una vulnerabilidad en la versión 2.0.52 y anteriores de la rama 2.0.x de Apache. La vulnerabilidad reside en el módulo mod_ssl cuando está configurado para usar la directiva "SSLCipherSuite" en el contexto de un directorio o localización. Si una localización particular ha sido configurada para requerir un tipo de cifrado un atacante será capaz de acceder a esa localización utilizando cualquier tipo de cifrado permitido por la configuración del host virtual.
Solución
Si lo desea, aplique los mecanismos de actualización propios de su distribución, o bien baje las fuentes del software y compílelo usted mismo Actualización de software Apache httpd 2.0.53 http://httpd.apache.org/download.cgi Mandrake Linux Mandrakelinux 9.2 x86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/apache2-2.0.47-6.10.92mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/apache2-common-2.0.47-6.10.92mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/apache2-devel-2.0.47-6.10.92mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/apache2-manual-2.0.47-6.10.92mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/apache2-mod_cache-2.0.47-6.10.92mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/apache2-mod_dav-2.0.47-6.10.92mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/apache2-mod_deflate-2.0.47-6.10.92mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/apache2-mod_disk_cache-2.0.47-6.10.92mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/apache2-mod_file_cache-2.0.47-6.10.92mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/apache2-mod_ldap-2.0.47-6.10.92mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/apache2-mod_mem_cache-2.0.47-6.10.92mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/apache2-mod_proxy-2.0.47-6.10.92mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/apache2-mod_ssl-2.0.47-6.10.92mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/apache2-modules-2.0.47-6.10.92mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/apache2-source-2.0.47-6.10.92mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/libapr0-2.0.47-6.10.92mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/mod_ssl-2.8.15-1.3.92mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/SRPMS/apache2-2.0.47-6.10.92mdk.src.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/SRPMS/mod_ssl-2.8.15-1.3.92mdk.src.rpm AMD64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/apache2-2.0.47-6.10.92mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/apache2-common-2.0.47-6.10.92mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/apache2-devel-2.0.47-6.10.92mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/apache2-manual-2.0.47-6.10.92mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/apache2-mod_cache-2.0.47-6.10.92mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/apache2-mod_dav-2.0.47-6.10.92mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/apache2-mod_deflate-2.0.47-6.10.92mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/apache2-mod_disk_cache-2.0.47-6.10.92mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/apache2-mod_file_cache-2.0.47-6.10.92mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/apache2-mod_ldap-2.0.47-6.10.92mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/apache2-mod_mem_cache-2.0.47-6.10.92mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/apache2-mod_proxy-2.0.47-6.10.92mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/apache2-mod_ssl-2.0.47-6.10.92mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/apache2-modules-2.0.47-6.10.92mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/apache2-source-2.0.47-6.10.92mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/lib64apr0-2.0.47-6.10.92mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/mod_ssl-2.8.15-1.3.92mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/SRPMS/apache2-2.0.47-6.10.92mdk.src.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/SRPMS/mod_ssl-2.8.15-1.3.92mdk.src.rpm Mandrakelinux 10.0 x86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/apache2-2.0.48-6.7.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/apache2-common-2.0.48-6.7.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/apache2-devel-2.0.48-6.7.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/apache2-manual-2.0.48-6.7.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/apache2-mod_cache-2.0.48-6.7.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/apache2-mod_dav-2.0.48-6.7.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/apache2-mod_deflate-2.0.48-6.7.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/apache2-mod_disk_cache-2.0.48-6.7.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/apache2-mod_file_cache-2.0.48-6.7.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/apache2-mod_ldap-2.0.48-6.7.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/apache2-mod_mem_cache-2.0.48-6.7.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/apache2-mod_proxy-2.0.48-6.7.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/apache2-mod_ssl-2.0.48-6.7.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/apache2-modules-2.0.48-6.7.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/apache2-source-2.0.48-6.7.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/libapr0-2.0.48-6.7.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/mod_ssl-2.8.16-1.3.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/SRPMS/apache2-2.0.48-6.7.100mdk.src.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/SRPMS/mod_ssl-2.8.16-1.3.100mdk.src.rpm AMD64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/apache2-2.0.48-6.7.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/apache2-common-2.0.48-6.7.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/apache2-devel-2.0.48-6.7.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/apache2-manual-2.0.48-6.7.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/apache2-mod_cache-2.0.48-6.7.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/apache2-mod_dav-2.0.48-6.7.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/apache2-mod_deflate-2.0.48-6.7.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/apache2-mod_disk_cache-2.0.48-6.7.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/apache2-mod_file_cache-2.0.48-6.7.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/apache2-mod_ldap-2.0.48-6.7.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/apache2-mod_mem_cache-2.0.48-6.7.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/apache2-mod_proxy-2.0.48-6.7.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/apache2-mod_ssl-2.0.48-6.7.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/apache2-modules-2.0.48-6.7.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/apache2-source-2.0.48-6.7.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/lib64apr0-2.0.48-6.7.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/mod_ssl-2.8.16-1.3.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/SRPMS/apache2-2.0.48-6.7.100mdk.src.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/SRPMS/mod_ssl-2.8.16-1.3.100mdk.src.rpm Mandrakelinux 10.1 x86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/apache2-2.0.50-7.1.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/apache2-common-2.0.50-7.1.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/apache2-devel-2.0.50-7.1.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/apache2-manual-2.0.50-7.1.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/apache2-mod_cache-2.0.50-7.1.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/apache2-mod_dav-2.0.50-7.1.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/apache2-mod_deflate-2.0.50-7.1.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/apache2-mod_disk_cache-2.0.50-7.1.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/apache2-mod_file_cache-2.0.50-7.1.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/apache2-mod_ldap-2.0.50-7.1.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/apache2-mod_mem_cache-2.0.50-7.1.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/apache2-mod_proxy-2.0.50-7.1.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/apache2-mod_ssl-2.0.50-4.1.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/apache2-modules-2.0.50-7.1.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/apache2-source-2.0.50-7.1.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/apache2-worker-2.0.50-7.1.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/mod_ssl-2.8.19-1.1.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/SRPMS/apache2-2.0.50-7.1.101mdk.src.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/SRPMS/apache2-mod_ssl-2.0.50-4.1.101mdk.src.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/SRPMS/mod_ssl-2.8.19-1.1.101mdk.src.rpm X86_64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/apache2-2.0.50-7.1.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/apache2-common-2.0.50-7.1.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/apache2-devel-2.0.50-7.1.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/apache2-manual-2.0.50-7.1.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/apache2-mod_cache-2.0.50-7.1.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/apache2-mod_dav-2.0.50-7.1.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/apache2-mod_deflate-2.0.50-7.1.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/apache2-mod_disk_cache-2.0.50-7.1.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/apache2-mod_file_cache-2.0.50-7.1.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/apache2-mod_ldap-2.0.50-7.1.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/apache2-mod_mem_cache-2.0.50-7.1.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/apache2-mod_proxy-2.0.50-7.1.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/apache2-mod_ssl-2.0.50-4.1.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/apache2-modules-2.0.50-7.1.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/apache2-source-2.0.50-7.1.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/apache2-worker-2.0.50-7.1.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/mod_ssl-2.8.19-1.1.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/SRPMS/apache2-2.0.50-7.1.101mdk.src.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/SRPMS/apache2-mod_ssl-2.0.50-4.1.101mdk.src.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/SRPMS/mod_ssl-2.8.19-1.1.101mdk.src.rpm Mandrake Multi Network Firewall 8.2 x86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf8.2/RPMS/mod_ssl-2.8.7-3.5.M82mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf8.2/SRPMS/mod_ssl-2.8.7-3.5.M82mdk.src.rpm Mandrake Corporate Server 2.1 x86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/mod_ssl-2.8.10-5.5.C21mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/SRPMS/mod_ssl-2.8.10-5.5.C21mdk.src.rpm X86_64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/mod_ssl-2.8.10-5.5.C21mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/SRPMS/mod_ssl-2.8.10-5.5.C21mdk.src.rpm Red Hat Linux Red Hat Desktop (v. 3) - AMD64: httpd-2.0.46-44.ent.x86_64.rpm httpd-devel-2.0.46-44.ent.x86_64.rpm mod_ssl-2.0.46-44.ent.x86_64.rpm Red Hat Desktop (v. 3) - SRPMS: httpd-2.0.46-44.ent.src.rpm Red Hat Desktop (v. 3) - i386: httpd-2.0.46-44.ent.i386.rpm httpd-devel-2.0.46-44.ent.i386.rpm mod_ssl-2.0.46-44.ent.i386.rpm Red Hat Enterprise Linux AS (v. 3) - AMD64: httpd-2.0.46-44.ent.x86_64.rpm httpd-devel-2.0.46-44.ent.x86_64.rpm mod_ssl-2.0.46-44.ent.x86_64.rpm Red Hat Enterprise Linux AS (v. 3) - SRPMS: httpd-2.0.46-44.ent.src.rpm Red Hat Enterprise Linux AS (v. 3) - i386: httpd-2.0.46-44.ent.i386.rpm httpd-devel-2.0.46-44.ent.i386.rpm mod_ssl-2.0.46-44.ent.i386.rpm Red Hat Enterprise Linux AS (v. 3) - ia64: httpd-2.0.46-44.ent.ia64.rpm httpd-devel-2.0.46-44.ent.ia64.rpm mod_ssl-2.0.46-44.ent.ia64.rpm Red Hat Enterprise Linux AS (v. 3) - ppc: httpd-2.0.46-44.ent.ppc.rpm httpd-devel-2.0.46-44.ent.ppc.rpm mod_ssl-2.0.46-44.ent.ppc.rpm Red Hat Enterprise Linux AS (v. 3) - s390: httpd-2.0.46-44.ent.s390.rpm httpd-devel-2.0.46-44.ent.s390.rpm mod_ssl-2.0.46-44.ent.s390.rpm Red Hat Enterprise Linux AS (v. 3) - s390x: httpd-2.0.46-44.ent.s390x.rpm httpd-devel-2.0.46-44.ent.s390x.rpm mod_ssl-2.0.46-44.ent.s390x.rpm Red Hat Enterprise Linux ES (v. 3) - AMD64: httpd-2.0.46-44.ent.x86_64.rpm httpd-devel-2.0.46-44.ent.x86_64.rpm mod_ssl-2.0.46-44.ent.x86_64.rpm Red Hat Enterprise Linux ES (v. 3) - SRPMS: httpd-2.0.46-44.ent.src.rpm Red Hat Enterprise Linux ES (v. 3) - i386: httpd-2.0.46-44.ent.i386.rpm httpd-devel-2.0.46-44.ent.i386.rpm mod_ssl-2.0.46-44.ent.i386.rpm Red Hat Enterprise Linux ES (v. 3) - ia64: httpd-2.0.46-44.ent.ia64.rpm httpd-devel-2.0.46-44.ent.ia64.rpm mod_ssl-2.0.46-44.ent.ia64.rpm Red Hat Enterprise Linux WS (v. 3) - AMD64: httpd-2.0.46-44.ent.x86_64.rpm httpd-devel-2.0.46-44.ent.x86_64.rpm mod_ssl-2.0.46-44.ent.x86_64.rpm Red Hat Enterprise Linux WS (v. 3) - SRPMS: httpd-2.0.46-44.ent.src.rpm Red Hat Enterprise Linux WS (v. 3) - i386: httpd-2.0.46-44.ent.i386.rpm httpd-devel-2.0.46-44.ent.i386.rpm mod_ssl-2.0.46-44.ent.i386.rpm Red Hat Enterprise Linux WS (v. 3) - ia64: httpd-2.0.46-44.ent.ia64.rpm httpd-devel-2.0.46-44.ent.ia64.rpm mod_ssl-2.0.46-44.ent.ia64.rpm Nuevos parches de Red Hat Linux (RHSA-2004:600-12) Red Hat Enterprise Linux AS (v. 2.1) & SRPMS: apache-1.3.27-9.ent.src.rpm mod_ssl-2.8.12-7.src.rpm Red Hat Enterprise Linux AS (v. 2.1) & IA-32: apache-1.3.27-9.ent.i386.rpm apache-devel-1.3.27-9.ent.i386.rpm apache-manual-1.3.27-9.ent.i386.rpm mod_ssl-2.8.12-7.i386.rpm Red Hat Enterprise Linux AS (v. 2.1) & IA-64: apache-1.3.27-9.ent.ia64.rpm apache-devel-1.3.27-9.ent.ia64.rpm apache-manual-1.3.27-9.ent.ia64.rpm mod_ssl-2.8.12-7.ia64.rpm Red Hat Enterprise Linux ES (v. 2.1) & SRPMS: apache-1.3.27-9.ent.src.rpm mod_ssl-2.8.12-7.src.rpm Red Hat Enterprise Linux ES (v. 2.1) & IA-32: apache-1.3.27-9.ent.i386.rpm apache-devel-1.3.27-9.ent.i386.rpm apache-manual-1.3.27-9.ent.i386.rpm mod_ssl-2.8.12-7.i386.rpm Red Hat Enterprise Linux WS (v. 2.1) & SRPMS: apache-1.3.27-9.ent.src.rpm mod_ssl-2.8.12-7.src.rpm Red Hat Enterprise Linux WS (v. 2.1) & IA-32: apache-1.3.27-9.ent.i386.rpm apache-devel-1.3.27-9.ent.i386.rpm apache-manual-1.3.27-9.ent.i386.rpm mod_ssl-2.8.12-7.i386.rpm Red Hat Linux Advanced Workstation 2.1 & Itanium Processor & SRPMS: apache-1.3.27-9.ent.src.rpm mod_ssl-2.8.12-7.src.rpm Red Hat Linux Advanced Workstation 2.1 & Itanium Processor & IA-64: apache-1.3.27-9.ent.ia64.rpm apache-devel-1.3.27-9.ent.ia64.rpm apache-manual-1.3.27-9.ent.ia64.rpm mod_ssl-2.8.12-7.ia64.rpm https://rhn.redhat.com/ Suse Linux Actualice los paquetes mediante YaST Online Update o descargándolos desde un sitio FTP de Suse. HP-UX HP-UX B.11.00 Instalar hpuxwsAPACHE A.2.0.53.00 HP-UX B.11.11 Instalar hpuxwsAPACHE A.2.0.53.00 HP-UX B.11.22 Migrar a HP-UX B.11.23 HP-UX B.11.23 Instalar hpuxwsAPACHE B.2.0.53.00 HP-UX B.11.04 / Virtualvault A.04.70 (Apache 2.x) Instalar PHSS_33075 Sun (102198) Solaris 10 / SPARC / patch 120543-02 Solaris 10 / x86 / patch 120544-02 http://sunsolve.sun.com/pub-cgi/show.pl?target=patchpage
Identificadores estándar
Propiedad	Valor
CVE	CAN-2004-0885
BID
Recursos adicionales
Overview of security vulnerabilities in Apache httpd 2.0 http://www.apacheweek.com/features/security-20 Mandrakesoft Security Advisories MDKSA-2004:122 http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:122 Red Hat Security Advisory RHSA-2004:562-11 https://rhn.redhat.com/errata/RHSA-2004-562.html SUSE Security Summary Report (SUSE-SR:2004:001) http://www.suse.de/de/security/2004_01_sr.html Red Hat Linux Security Advisory RHSA-2004:600-12 https://rhn.redhat.com/errata/RHSA-2004-600.html HP SECURITY BULLETIN HPSBUX01123 http://www8.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX01123 Sun Alert Notification (102198) http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1

Histórico de versiones
Versión	Comentario	Fecha
1.0	Aviso emitido	2004-10-13
1.1	Aviso emitido por Mandrake (MDKSA-2004:122)	2004-11-02
1.2	Aviso emitido por Red Hat RHSA-2004:562-11	2004-11-15
1.3	Aviso emitido por Suse Linux (SUSE-SR:2004:001)	2004-11-24
1.4	Nuevos parches emitidos por Red Hat Linux (RHSA-2004:600-12)	2004-12-14
1.5	Publicado Apache httpd 2.0.53	2005-02-28
1.6	Aviso emitido por HP (HPSBUX01123)	2005-03-23
1.7	Aviso actualizado por HP (HPSBUX01123)	2005-08-01
1.8	Aviso emitido por Sun (102198)	2006-03-03
1.9	Aviso actualizado por Sun (102198)	2006-04-13
1.10	Aviso actualizado por Sun (102198)	2006-09-12

Boletines de Vulnerabilidades

Vulnerabilidad en el módulo mod_ssl en Apache 2.0.x

Clasificación de la vulnerabilidad

Información sobre el sistema

Descripción

Solución

Identificadores estándar

Recursos adicionales

Histórico de versiones