Boletines de Vulnerabilidades |
Ataque de hombre en el medio en Apache 2 |
|
Clasificación de la vulnerabilidad |
|
Propiedad | Valor |
Nivel de Confianza | Oficial |
Impacto | Aumento de privilegios |
Dificultad | Experto |
Requerimientos del atacante | Acceso remoto con cuenta |
Información sobre el sistema |
|
Propiedad | Valor |
Fabricante afectado | GNU/Linux |
Software afectado |
Apache 2 Cisco IOS OpenSSL HP System Management Homepage Microsoft Windows XP SP3 Microsoft Windows Server 2003 SP2 Microsoft Windows Vista SP1 y SP2 Microsoft Windows Server 2008 SP2 y R2 Microsoft Windows 7 |
Descripción |
|
CVE-2009-3555: Se ha descubierto una vulnerabilidad en el protocolo SSL y TLS en Apache 2 HTTP. Un atacante remoto podría realizar ataques de hombre en el medio mediante ataques de inyección de texto plano. |
|
Solución |
|
Actualización de software Red Hat (RHSA-2009:1579-1) RHEL Desktop Workstation (v. 5 cliente) Red Hat Desktop (v. 3) Red Hat Enterprise Linux (v. 5 servidor) Red Hat Enterprise Linux AS (v. 3) Red Hat Enterprise Linux Desktop (v. 5 cliente) Red Hat Enterprise Linux ES (v. 3) Red Hat Enterprise Linux EUS (v. 5.4.z servidor) Red Hat Enterprise Linux WS (v. 3) https://rhn.redhat.com/ Red Hat (RHSA-2009:1580-1) Red Hat Desktop (v. 4) Red Hat Enterprise Linux AS (v. 4) Red Hat Enterprise Linux AS (v. 4.8.z) Red Hat Enterprise Linux ES (v. 4) Red Hat Enterprise Linux ES (v. 4.8.z) Red Hat Enterprise Linux WS (v. 4) https://rhn.redhat.com/ Cisco descargar actualizaciones en http://www.cisco.com/public/sw-center/sw-usingswc.shtml Sun (273029) Solaris 10 SPARC / IDR141981-01 Solaris 10 x86 / IDR141982-01 Debian (DSA-1934-1) Debian Linux 4.0 Source http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3-4+etch11.dsc http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3.orig.tar.gz http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3-4+etch11.diff.gz Arquitectura independiente: http://security.debian.org/pool/updates/main/a/apache2/apache2-doc_2.2.3-4+etch11_all.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-src_2.2.3-4+etch11_all.deb http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3-4+etch11_all.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.2.3-4+etch11_all.deb alpha (DEC Alpha) http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_alpha.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_alpha.deb http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_alpha.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_alpha.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_alpha.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_alpha.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_alpha.deb http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_alpha.deb amd64 (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_amd64.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_amd64.deb http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_amd64.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_amd64.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_amd64.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_amd64.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_amd64.deb http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_amd64.deb arm (ARM) http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_arm.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_arm.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_arm.deb http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_arm.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_arm.deb http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_arm.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_arm.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_arm.deb hppa (HP PA RISC) http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_hppa.deb http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_hppa.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_hppa.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_hppa.deb http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_hppa.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_hppa.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_hppa.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_hppa.deb i386 (Intel ia32) http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_i386.deb http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_i386.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_i386.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_i386.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_i386.deb http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_i386.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_i386.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_i386.deb ia64 (Intel ia64) http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_ia64.deb http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_ia64.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_ia64.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_ia64.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_ia64.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_ia64.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_ia64.deb http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_ia64.deb mips (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_mips.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_mips.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_mips.deb http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_mips.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_mips.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_mips.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_mips.deb http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_mips.deb mipsel (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_mipsel.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_mipsel.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_mipsel.deb http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_mipsel.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_mipsel.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_mipsel.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_mipsel.deb http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_mipsel.deb powerpc (PowerPC) http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_powerpc.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_powerpc.deb http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_powerpc.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_powerpc.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_powerpc.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_powerpc.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_powerpc.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_powerpc.deb s390 (IBM S/390) http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_s390.deb http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_s390.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_s390.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_s390.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_s390.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_s390.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_s390.deb http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_s390.deb sparc (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_sparc.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_sparc.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_sparc.deb http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_sparc.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_sparc.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_sparc.deb http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_sparc.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_sparc.deb Debian (DSA-1934-1) Debian Linux 5.0 Source http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9.orig.tar.gz http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9-10+lenny6.dsc http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9-10+lenny6.diff.gz Arquitectura independiente: http://security.debian.org/pool/updates/main/a/apache2/apache2-doc_2.2.9-10+lenny6_all.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-src_2.2.9-10+lenny6_all.deb http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9-10+lenny6_all.deb alpha (DEC Alpha) http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_alpha.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_alpha.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_alpha.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_alpha.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_alpha.deb http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_alpha.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_alpha.deb http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_alpha.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_alpha.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_alpha.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_alpha.deb amd64 (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_amd64.deb http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_amd64.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_amd64.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_amd64.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_amd64.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_amd64.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_amd64.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_amd64.deb http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_amd64.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_amd64.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_amd64.deb arm (ARM) http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_arm.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_arm.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_arm.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_arm.deb http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_arm.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_arm.deb http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_arm.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_arm.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_arm.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_arm.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_arm.deb armel (ARM EABI) http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_armel.deb http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_armel.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_armel.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_armel.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_armel.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_armel.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_armel.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_armel.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_armel.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_armel.deb hppa (HP PA RISC) http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_hppa.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_hppa.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_hppa.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_hppa.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_hppa.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_hppa.deb http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_hppa.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_hppa.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_hppa.deb http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_hppa.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_hppa.deb i386 (Intel ia32) http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_i386.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_i386.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_i386.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_i386.deb http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_i386.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_i386.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_i386.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_i386.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_i386.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_i386.deb http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_i386.deb ia64 (Intel ia64) http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_ia64.deb http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_ia64.deb http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_ia64.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_ia64.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_ia64.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_ia64.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_ia64.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_ia64.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_ia64.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_ia64.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_ia64.deb mips (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_mips.deb http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_mips.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_mips.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_mips.deb http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_mips.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_mips.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_mips.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_mips.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_mips.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_mips.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_mips.deb mipsel (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_mipsel.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_mipsel.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_mipsel.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_mipsel.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_mipsel.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_mipsel.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_mipsel.deb http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_mipsel.deb http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_mipsel.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_mipsel.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_mipsel.deb powerpc (PowerPC) http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_powerpc.deb http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_powerpc.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_powerpc.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_powerpc.deb http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_powerpc.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_powerpc.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_powerpc.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_powerpc.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_powerpc.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_powerpc.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_powerpc.deb s390 (IBM S/390) http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_s390.deb http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_s390.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_s390.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_s390.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_s390.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_s390.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_s390.deb http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_s390.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_s390.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_s390.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_s390.deb sparc (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_sparc.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_sparc.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_sparc.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_sparc.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_sparc.deb http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_sparc.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_sparc.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_sparc.deb http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_sparc.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_sparc.deb http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_sparc.deb Suse Linux Las actualizaciones pueden descargarse mediante YAST o del servidor FTP oficial de Suse Linux. Sun (273350) Solaris 8 / SPARC / patch 119209-22 o posterior Solaris 9 / SPARC / patch 119211-22 o posterior Solaris 10 / SPARC / patch 119213-21 o posterior Solaris 9 / x86 / patch 119212-22 o posterior Solaris 10 / x86 / patch 119214-21 o posterior OpenSolaris / upon builds snv_130 o posterior Sun Java Enterprise System 2005Q4 y Sun Java Enterprise System 5 (for RHEL2.1 y RHEL3.0) / patch 142506-03 Sun Java Enterprise System 5 (for RHEL4.0 y RHEL5.0) / patch 121656-21 Sun Java Enterprise System 2005Q4 y Sun Java Enterprise System 5 / patch 124379-12 Sun Java Enterprise System 2005Q4 / patch 124392-11 Sun Java Enterprise System 5 / patch 125923-10 http://sunsolve.sun.com/pub-cgi/show.pl?target=patchpage Hewlett-Packard (HPSBUX02482) B.11.11 PA (32 and 64) / OpenSSL Depot A.00.09.08l.001 B.11.23 (PA and IA) / OpenSSL Depot A.00.09.08l.002 B.11.31 (PA and IA) / OpenSSL Depot A.00.09.08l.003 Red Hat (RHSA-2010:0011-1) JBoss Enterprise Web Server EL4 JBoss Enterprise Web Server EL5 https://rhn.redhat.com/ IBM Openssl.0.9.8.1102 https://www14.software.ibm.com/webapp/iwm/web/preLogin.do?source=aixbp Sun (274990) Sun Java System Web Server 6.1 Sun Java System Web Server 7.0 Sun Java System Web Proxy Server 4.0 Sun Java System Application Server Enterprise Edition 8.2 Sun GlassFish Enterprise Server v2.1 http://sunsolve.sun.com/pub-cgi/show.pl?target=patchpage Hewlett-Packard (HPSBMA02534) HP System Management Homepage for Windows v6.1.0.102 (o posterior) http://h20000.www2.hp.com/bizsupport/TechSupport/SoftwareDescription.jsp?swItem=MTX-1b189d95582249b58d9ca94c45 HP System Management Homepage for Linux (x86) v6.1.0-103 (o posterior) http://h20000.www2.hp.com/bizsupport/TechSupport/SoftwareDescription.jsp?swItem=MTX-4311cc1b61fd42a4874b13d714 HP System Management Homepage for Linux (AMD64/EM64T) v6.1.0-103 (o posterior) http://h20000.www2.hp.com/bizsupport/TechSupport/SoftwareDescription.jsp?swItem=MTX-6a3f2fa832db4ddf9b3398f04c Hewlett-Packard (HPSBUX02524) HP-UX B.11.31 / HP-UX B.11.23 / HP-UX B.11.11 JDK and JRE v6.0.07 o posterior JDK and JRE v5.0.20 o posterior SDK and JRE v1.4.2.25 o posterior http://www.hp.com/go/java Suse Linux Las actualizaciones pueden descargarse mediante YAST o del servidor FTP oficial de Suse Linux. Microsoft (MS10-049) Windows XP SP3 / patch WindowsXP-KB980436-x86-ENU Windows XP Professional x64 SP2 / patch WindowsServer2003.WindowsXP-KB980436-x64-ENU Windows Server 2003 SP2 / patch WindowsServer2003-KB980436-x86-ENU Windows Server 2003 x64 SP2 / patch WindowsServer2003.WindowsXP-KB980436-x64-ENU Windows Server 2003 SP2 Itanium-based / patch WindowsServer2003-KB980436-ia64-ENU Windows Vista SP1 y Windows Vista SP2 / patch Windows6.0-KB980436-x86 Windows Vista x64 SP1 y Windows Vista x64 SP2 / patch Windows6.0-KB980436-x64 Windows Server 2008 32-bit y Windows Server 2008 32-bit SP2 / patch Windows6.0-KB980436-x86 Windows Server 2008 x64-based y Windows Server 2008 x64-based SP2 / patch Windows6.0-KB980436-x64 Windows Server 2008 Itanium-based y Windows Server 2008 Itanium-based SP2 / patch Windows6.0-KB980436-ia64 Windows 7 32-bit / patch Windows6.1-KB980436-x86 Windows 7 x64-based / patch Windows6.1-KB980436-x64 Windows Server 2008 R2 x64-based / patch Windows6.1-KB980436-x64 Windows Server 2008 R2 Itanium-based / patch Windows6.1-KB980436-ia64 http://www.microsoft.com/downloads Hewlett-Packard (HPSBGN02562) HP ProCurve Threat Management Services (TMS) ST.1.1.100430 o posterior http://www.procurve.com/customercare/support/software/network-security.htm Red Hat (RHSA-2010:0786-01) RHEL Desktop Supplementary (v. 5 cliente) RHEL Supplementary (v. 5 servidor) Red Hat Desktop v3 Red Hat Desktop v4 Red Hat Enterprise Linux AS v3 Red Hat Enterprise Linux AS v4 Red Hat Enterprise Linux ES v3 Red Hat Enterprise Linux ES v4 Red Hat Enterprise Linux WS v3 Red Hat Enterprise Linux WS v4 https://rhn.redhat.com/ Red Hat (RHSA-2010:0807-01) Red Hat Desktop (v. 4) Red Hat Enterprise Linux AS v4 Red Hat Desktop v4 Red Hat Enterprise Linux ES v4 Red Hat Enterprise Linux WS v4 RHEL Desktop Supplementary v5 cliente RHEL Desktop Supplementary v5 servidor https://rhn.redhat.com/ Red Hat (RHSA-2010:0987-01) RHEL Desktop Supplementary (v. 5 cliente) RHEL Supplementary (v. 5 servidor) Red Hat Desktop version 4 Extras Red Hat Enterprise Linux AS version 4 Extras Red Hat Enterprise Linux Desktop Supplementary (v. 6) Red Hat Enterprise Linux ES version 4 Extras Red Hat Enterprise Linux HPC Node Supplementary (v. 6) Red Hat Enterprise Linux Server Supplementary (v. 6) Red Hat Enterprise Linux WS version 4 Extras Red Hat Enterprise Linux Workstation Supplementary (v. 6) https://rhn.redhat.com/ |
|
Identificadores estándar |
|
Propiedad | Valor |
CVE | CVE-2009-3555 |
BID | 36935 |
Recursos adicionales |
|
Red Hat Security Advisory (RHSA-2009:1579-1) https://rhn.redhat.com/errata/RHSA-2009-1579.html Red Hat Security Advisory (RHSA-2009:1580-1) https://rhn.redhat.com/errata/RHSA-2009-1580.html Cisco Security Advisory (cisco-sa-20091109-tls) http://www.cisco.com/warp/public/707/cisco-sa-20091109-tls.shtml Sun Alert Notification (273029) http://sunsolve.sun.com/search/document.do?assetkey=1-66-273029-1 Debian Security Advisory (DSA-1934-1) http://lists.debian.org/debian-security-announce/2009/msg00257.html SUSE Security Advisory (SUSE-SA:2009:057) http://www.novell.com/linux/security/advisories/2009_57_openssl.html Sun Alert Notification (273350) http://sunsolve.sun.com/search/document.do?assetkey=1-66-273350-1 HP SECURITY BULLETIN (HPSBUX02482) https://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01945686 Red Hat Security Advisory (RHSA-2010:0011-1) https://rhn.redhat.com/errata/RHSA-2010-0011.html IBM Security Advisory http://aix.software.ibm.com/aix/efixes/security/ssl_advisory.asc Sun Alert Notification (274990) http://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1 SUSE Security Advisory (SUSE-SA:2010:020) http://www.novell.com/linux/security/advisories/2010_20_ssl.html HP SECURITY BULLETIN (HPSBMA02534) https://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02171256 HP SECURITY BULLETIN (HPSBMA02524) https://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02122104 SUSE Security Advisory (SUSE-SA:2010:028) http://www.novell.com/linux/security/advisories/2010_28_ibmjava.html Microsoft Security Bulletin (MS10-049) http://www.microsoft.com/technet/security/bulletin/MS10-049.mspx HP SECURITY BULLETIN (HPSBGN02562) https://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02436041 Red Hat Security Advisory (RHSA-2010:0786-01) https://rhn.redhat.com/errata/RHSA-2010-0786.html Red Hat Security Advisory (RHSA-2010:0807-01) https://rhn.redhat.com/errata/RHSA-2010-0807.html Red Hat Security Advisory (RHSA-2010:0987-1) https://rhn.redhat.com/errata/RHSA-2010-0987.html |
Histórico de versiones |
||
Versión | Comentario | Fecha |
1.0 | Aviso emitido | 2009-11-12 |
1.1 | Aviso emitido por Cisco (cisco-sa-20091109-tls) | 2009-11-16 |
1.2 | Aviso emitido por Sun (273029) | 2009-11-23 |
1.3 | Aviso emitido por Debian (DSA-1934-1) | 2009-11-24 |
1.4 | Aviso emitido por Suse (SUSE-SA:2009:057) | 2009-11-26 |
1.5 | Aviso emitido por Sun (273350) | 2009-12-19 |
1.6 | Aviso emitido por HP (HPSBUX02482) | 2010-01-04 |
1.7 | Aviso emitido por Red Hat (RHSA-2010:0011-1) | 2010-01-12 |
1.8 | Aviso emitido por IBM | 2010-01-26 |
1.9 | Aviso emitido por Sun (274990) | 2010-01-28 |
1.10 | Aviso emitido por Suse (SUSE-SA:2010:020) | 2010-02-25 |
1.11 | Aviso emitido por Red Hat (RHSA-2010:0155-1) | 2010-03-23 |
1.12 | Aviso emitido por Red Hat (RHSA-2010:0162-1), aviso emitido por Red Hat (RHSA-2010:0163-1), aviso emitido por Red Hat (RHSA-2010:0164-1), aviso emitido por Red Hat (RHSA-2010:0165-1), aviso emitido por Red Hat (RHSA-2010:0166-1) | 2010-03-31 |
1.13 | Aviso emitido por Mozilla (2010-22) | 2010-04-06 |
1.14 | Aviso emitido por Red Hat (RHSA-2010:0167-1) | 2010-04-08 |
1.15 | Aviso emitido por HP (HPSBMA02534 ) | 2010-05-19 |
1.16 | Aviso emitido por HP HPSBUX02524) | 2010-06-02 |
1.17 | Aviso emitido por Suse (SUSE-SA:2010:028) | 2010-07-26 |
1.18 | Aviso emitido por Microsoft (MS10-049) | 2010-08-12 |
1.19 | Aviso emitido por HP (HPSBGN02562) | 2010-08-24 |
1.20 | Advisory emitido por Red Hat (RHSA-2010:0155-1) | 2010-10-26 |
1.21 | Aviso actualizado por Red Hat (RHSA-2010:0807-01) | 2010-10-29 |
1.22 | Aviso actualizado por Red Hat (RHSA-2010:0987-1) | 2010-12-20 |