Vulnerability Bulletins |
Múltiples vulnerabilidades en Apache |
|
Vulnerability classification |
|
Property | Value |
Confidence level | Oficial |
Impact | Integridad |
Dificulty | Experto |
Required attacker level | Acceso remoto sin cuenta a un servicio estandar |
System information |
|
Property | Value |
Affected manufacturer | GNU/Linux |
Affected software |
Apache 1.3.x = 1.3.2-1.3.4, 1.3.6, 1.3.9, 1.3.11, 1.3.12, 1.3.14, 1.3.17, 1.3.19, 1.3.20, 1.3.22, 1.3.24, 1.3.26-1.3.29, 1.3.31-1.3.37, 1.3.39 Apache 2.0.x = 2.0.35-2.0.37, 2.0.39, 2.0.40, 2.0.42-2.0.55, 2.0.58, 2.0.59, 2.0.61 Apache 2.2.x = 2.2.0, 2.2.2-2.2.6 Sun Solaris 8 Sun Solaris 9 Sun Solaris 10 |
Description |
|
Se han encontrado múltiples vulnerabilidades en Apache. Las vulnerabilidades son descritas a continuación: - CVE-2007-6388: Se ha encontrado una vulnerabilidad de tipo cross-site scripting en Apache en las versiones 1.3.x, 2.0.x y 2.2.x. La vulnerabilidad reside en un error cuando el módulo mod_status está activado y las páginas "status" son públicamente accesibles. Un atacante remoto podría inyectar código script de forma arbitraria. - CVE-2007-6421: Se ha encontrado una vulnerabilidad de tipo cross-site scripting en Apache en las versiones 2.2.x. La vulnerabilidad reside en un error en el módulo mod_proxy_balancer. Un atacante remoto podría inyectar código script de forma arbitraria. - CVE-2007-6422: Se ha encontrado una vulnerabilidad en Apache en las versiones 2.2.x. La vulnerabilidad reside en un error en el módulo mod_proxy_balancer cuando se utiliza un Módulo de MultiProcesamiento (MPM) en hilos. Un atacante remoto podría causar una denegación de servicio mediante una petición especialmente diseñada que provoca la terminación inesperada del proceso hijo de Apache que controla dicha petición. |
|
Solution |
|
Actualización de software Apache Apache 1.3.40-dev Apache 2.0.62-dev Apache 2.2.7-dev http://httpd.apache.org/download.cgi Red Hat (RHSA-2008:0008-6) RHEL Desktop Workstation (v. 5 cliente) Red Hat Enterprise Linux (v. 5 servidor) Red Hat Enterprise Linux Desktop (v. 5 cliente) https://rhn.redhat.com/ Mandriva (MDVSA-2008:014) Corporate Server 3.0 corporate/3.0/i586/apache-1.3.29-1.7.C30mdk.i586.rpm corporate/3.0/i586/apache-devel-1.3.29-1.7.C30mdk.i586.rpm corporate/3.0/i586/apache-modules-1.3.29-1.7.C30mdk.i586.rpm corporate/3.0/i586/apache-source-1.3.29-1.7.C30mdk.i586.rpm corporate/3.0/SRPMS/apache-1.3.29-1.7.C30mdk.src.rpm X86_64 corporate/3.0/x86_64/apache-1.3.29-1.7.C30mdk.x86_64.rpm corporate/3.0/x86_64/apache-devel-1.3.29-1.7.C30mdk.x86_64.rpm corporate/3.0/x86_64/apache-modules-1.3.29-1.7.C30mdk.x86_64.rpm corporate/3.0/x86_64/apache-source-1.3.29-1.7.C30mdk.x86_64.rpm corporate/3.0/SRPMS/apache-1.3.29-1.7.C30mdk.src.rpm Mandriva (MDVSA-2008:015) Corporate Server 3.0 corporate/3.0/i586/apache2-2.0.48-6.17.C30mdk.i586.rpm corporate/3.0/i586/apache2-common-2.0.48-6.17.C30mdk.i586.rpm corporate/3.0/i586/apache2-devel-2.0.48-6.17.C30mdk.i586.rpm corporate/3.0/i586/apache2-manual-2.0.48-6.17.C30mdk.i586.rpm corporate/3.0/i586/apache2-mod_cache-2.0.48-6.17.C30mdk.i586.rpm corporate/3.0/i586/apache2-mod_dav-2.0.48-6.17.C30mdk.i586.rpm corporate/3.0/i586/apache2-mod_deflate-2.0.48-6.17.C30mdk.i586.rpm corporate/3.0/i586/apache2-mod_disk_cache-2.0.48-6.17.C30mdk.i586.rpm corporate/3.0/i586/apache2-mod_file_cache-2.0.48-6.17.C30mdk.i586.rpm corporate/3.0/i586/apache2-mod_ldap-2.0.48-6.17.C30mdk.i586.rpm corporate/3.0/i586/apache2-mod_mem_cache-2.0.48-6.17.C30mdk.i586.rpm corporate/3.0/i586/apache2-mod_proxy-2.0.48-6.17.C30mdk.i586.rpm corporate/3.0/i586/apache2-mod_ssl-2.0.48-6.17.C30mdk.i586.rpm corporate/3.0/i586/apache2-modules-2.0.48-6.17.C30mdk.i586.rpm corporate/3.0/i586/apache2-source-2.0.48-6.17.C30mdk.i586.rpm corporate/3.0/i586/libapr0-2.0.48-6.17.C30mdk.i586.rpm corporate/3.0/SRPMS/apache2-2.0.48-6.17.C30mdk.src.rpm X86_64 corporate/3.0/x86_64/apache2-2.0.48-6.17.C30mdk.x86_64.rpm corporate/3.0/x86_64/apache2-common-2.0.48-6.17.C30mdk.x86_64.rpm corporate/3.0/x86_64/apache2-devel-2.0.48-6.17.C30mdk.x86_64.rpm corporate/3.0/x86_64/apache2-manual-2.0.48-6.17.C30mdk.x86_64.rpm corporate/3.0/x86_64/apache2-mod_cache-2.0.48-6.17.C30mdk.x86_64.rpm corporate/3.0/x86_64/apache2-mod_dav-2.0.48-6.17.C30mdk.x86_64.rpm corporate/3.0/x86_64/apache2-mod_deflate-2.0.48-6.17.C30mdk.x86_64.rpm corporate/3.0/x86_64/apache2-mod_disk_cache-2.0.48-6.17.C30mdk.x86_64.rpm corporate/3.0/x86_64/apache2-mod_file_cache-2.0.48-6.17.C30mdk.x86_64.rpm corporate/3.0/x86_64/apache2-mod_ldap-2.0.48-6.17.C30mdk.x86_64.rpm corporate/3.0/x86_64/apache2-mod_mem_cache-2.0.48-6.17.C30mdk.x86_64.rpm corporate/3.0/x86_64/apache2-mod_proxy-2.0.48-6.17.C30mdk.x86_64.rpm corporate/3.0/x86_64/apache2-mod_ssl-2.0.48-6.17.C30mdk.x86_64.rpm corporate/3.0/x86_64/apache2-modules-2.0.48-6.17.C30mdk.x86_64.rpm corporate/3.0/x86_64/apache2-source-2.0.48-6.17.C30mdk.x86_64.rpm corporate/3.0/x86_64/lib64apr0-2.0.48-6.17.C30mdk.x86_64.rpm corporate/3.0/SRPMS/apache2-2.0.48-6.17.C30mdk.src.rpm Multi Network Firewall 2.0 mnf/2.0/i586/apache2-2.0.48-6.17.M20mdk.i586.rpm mnf/2.0/i586/apache2-common-2.0.48-6.17.M20mdk.i586.rpm mnf/2.0/i586/apache2-devel-2.0.48-6.17.M20mdk.i586.rpm mnf/2.0/i586/apache2-manual-2.0.48-6.17.M20mdk.i586.rpm mnf/2.0/i586/apache2-mod_cache-2.0.48-6.17.M20mdk.i586.rpm mnf/2.0/i586/apache2-mod_dav-2.0.48-6.17.M20mdk.i586.rpm mnf/2.0/i586/apache2-mod_deflate-2.0.48-6.17.M20mdk.i586.rpm mnf/2.0/i586/apache2-mod_disk_cache-2.0.48-6.17.M20mdk.i586.rpm mnf/2.0/i586/apache2-mod_file_cache-2.0.48-6.17.M20mdk.i586.rpm mnf/2.0/i586/apache2-mod_ldap-2.0.48-6.17.M20mdk.i586.rpm mnf/2.0/i586/apache2-mod_mem_cache-2.0.48-6.17.M20mdk.i586.rpm mnf/2.0/i586/apache2-mod_proxy-2.0.48-6.17.M20mdk.i586.rpm mnf/2.0/i586/apache2-mod_ssl-2.0.48-6.17.M20mdk.i586.rpm mnf/2.0/i586/apache2-modules-2.0.48-6.17.M20mdk.i586.rpm mnf/2.0/i586/apache2-source-2.0.48-6.17.M20mdk.i586.rpm mnf/2.0/i586/libapr0-2.0.48-6.17.M20mdk.i586.rpm mnf/2.0/SRPMS/apache2-2.0.48-6.17.M20mdk.src.rpm Mandriva (MDVSA-2008:016) Mandriva Linux 2007 ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/i586/media/main/updates/apache-base-2.2.3-1.3mdv2007.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/i586/media/main/updates/apache-devel-2.2.3-1.3mdv2007.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/i586/media/main/updates/apache-htcacheclean-2.2.3-1.3mdv2007.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/i586/media/main/updates/apache-mod_authn_dbd-2.2.3-1.3mdv2007.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/i586/media/main/updates/apache-mod_cache-2.2.3-1.3mdv2007.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/i586/media/main/updates/apache-mod_dav-2.2.3-1.3mdv2007.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/i586/media/main/updates/apache-mod_dbd-2.2.3-1.3mdv2007.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/i586/media/main/updates/apache-mod_deflate-2.2.3-1.3mdv2007.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/i586/media/main/updates/apache-mod_disk_cache-2.2.3-1.3mdv2007.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/i586/media/main/updates/apache-mod_file_cache-2.2.3-1.3mdv2007.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/i586/media/main/updates/apache-mod_ldap-2.2.3-1.3mdv2007.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/i586/media/main/updates/apache-mod_mem_cache-2.2.3-1.3mdv2007.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/i586/media/main/updates/apache-mod_proxy-2.2.3-1.3mdv2007.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/i586/media/main/updates/apache-mod_proxy_ajp-2.2.3-1.3mdv2007.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/i586/media/main/updates/apache-mod_ssl-2.2.3-1.3mdv2007.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/i586/media/main/updates/apache-mod_userdir-2.2.3-1.3mdv2007.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/i586/media/main/updates/apache-modules-2.2.3-1.3mdv2007.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/i586/media/main/updates/apache-mpm-prefork-2.2.3-1.3mdv2007.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/i586/media/main/updates/apache-mpm-worker-2.2.3-1.3mdv2007.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/i586/media/main/updates/apache-source-2.2.3-1.3mdv2007.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/SRPMS/main/updates/apache-2.2.3-1.3mdv2007.0.src.rpm X86_64 ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/x86_64/media/main/updates/apache-base-2.2.3-1.3mdv2007.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/x86_64/media/main/updates/apache-devel-2.2.3-1.3mdv2007.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/x86_64/media/main/updates/apache-htcacheclean-2.2.3-1.3mdv2007.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/x86_64/media/main/updates/apache-mod_authn_dbd-2.2.3-1.3mdv2007.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/x86_64/media/main/updates/apache-mod_cache-2.2.3-1.3mdv2007.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/x86_64/media/main/updates/apache-mod_dav-2.2.3-1.3mdv2007.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/x86_64/media/main/updates/apache-mod_dbd-2.2.3-1.3mdv2007.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/x86_64/media/main/updates/apache-mod_deflate-2.2.3-1.3mdv2007.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/x86_64/media/main/updates/apache-mod_disk_cache-2.2.3-1.3mdv2007.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/x86_64/media/main/updates/apache-mod_file_cache-2.2.3-1.3mdv2007.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/x86_64/media/main/updates/apache-mod_ldap-2.2.3-1.3mdv2007.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/x86_64/media/main/updates/apache-mod_mem_cache-2.2.3-1.3mdv2007.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/x86_64/media/main/updates/apache-mod_proxy-2.2.3-1.3mdv2007.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/x86_64/media/main/updates/apache-mod_proxy_ajp-2.2.3-1.3mdv2007.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/x86_64/media/main/updates/apache-mod_ssl-2.2.3-1.3mdv2007.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/x86_64/media/main/updates/apache-mod_userdir-2.2.3-1.3mdv2007.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/x86_64/media/main/updates/apache-modules-2.2.3-1.3mdv2007.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/x86_64/media/main/updates/apache-mpm-prefork-2.2.3-1.3mdv2007.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/x86_64/media/main/updates/apache-mpm-worker-2.2.3-1.3mdv2007.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/x86_64/media/main/updates/apache-source-2.2.3-1.3mdv2007.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/SRPMS/main/updates/apache-2.2.3-1.3mdv2007.0.src.rpm Mandriva Linux 2007.1 ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/i586/media/main/updates/apache-base-2.2.4-6.4mdv2007.1.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/i586/media/main/updates/apache-devel-2.2.4-6.4mdv2007.1.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/i586/media/main/updates/apache-htcacheclean-2.2.4-6.4mdv2007.1.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/i586/media/main/updates/apache-mod_authn_dbd-2.2.4-6.4mdv2007.1.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/i586/media/main/updates/apache-mod_cache-2.2.4-6.4mdv2007.1.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/i586/media/main/updates/apache-mod_dav-2.2.4-6.4mdv2007.1.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/i586/media/main/updates/apache-mod_dbd-2.2.4-6.4mdv2007.1.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/i586/media/main/updates/apache-mod_deflate-2.2.4-6.4mdv2007.1.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/i586/media/main/updates/apache-mod_disk_cache-2.2.4-6.4mdv2007.1.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/i586/media/main/updates/apache-mod_file_cache-2.2.4-6.4mdv2007.1.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/i586/media/main/updates/apache-mod_ldap-2.2.4-6.4mdv2007.1.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/i586/media/main/updates/apache-mod_mem_cache-2.2.4-6.4mdv2007.1.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/i586/media/main/updates/apache-mod_proxy-2.2.4-6.4mdv2007.1.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/i586/media/main/updates/apache-mod_proxy_ajp-2.2.4-6.4mdv2007.1.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/i586/media/main/updates/apache-mod_ssl-2.2.4-6.4mdv2007.1.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/i586/media/main/updates/apache-mod_userdir-2.2.4-6.4mdv2007.1.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/i586/media/main/updates/apache-modules-2.2.4-6.4mdv2007.1.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/i586/media/main/updates/apache-mpm-event-2.2.4-6.4mdv2007.1.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/i586/media/main/updates/apache-mpm-itk-2.2.4-6.4mdv2007.1.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/i586/media/main/updates/apache-mpm-prefork-2.2.4-6.4mdv2007.1.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/i586/media/main/updates/apache-mpm-worker-2.2.4-6.4mdv2007.1.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/i586/media/main/updates/apache-source-2.2.4-6.4mdv2007.1.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/SRPMS/main/updates/apache-2.2.4-6.4mdv2007.1.src.rpm X86_64 ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/x86_64/media/main/updates/apache-base-2.2.4-6.4mdv2007.1.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/x86_64/media/main/updates/apache-devel-2.2.4-6.4mdv2007.1.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/x86_64/media/main/updates/apache-htcacheclean-2.2.4-6.4mdv2007.1.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/x86_64/media/main/updates/apache-mod_authn_dbd-2.2.4-6.4mdv2007.1.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/x86_64/media/main/updates/apache-mod_cache-2.2.4-6.4mdv2007.1.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/x86_64/media/main/updates/apache-mod_dav-2.2.4-6.4mdv2007.1.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/x86_64/media/main/updates/apache-mod_dbd-2.2.4-6.4mdv2007.1.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/x86_64/media/main/updates/media/main/updates/apache-mod_deflate-2.2.4-6.4mdv2007.1.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/x86_64/media/main/updates/apache-mod_disk_cache-2.2.4-6.4mdv2007.1.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/x86_64/media/main/updates/apache-mod_file_cache-2.2.4-6.4mdv2007.1.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/x86_64/media/main/updates/apache-mod_ldap-2.2.4-6.4mdv2007.1.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/x86_64/media/main/updates/apache-mod_mem_cache-2.2.4-6.4mdv2007.1.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/x86_64/media/main/updates/apache-mod_proxy-2.2.4-6.4mdv2007.1.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/x86_64/media/main/updates/apache-mod_proxy_ajp-2.2.4-6.4mdv2007.1.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/x86_64/media/main/updates/apache-mod_ssl-2.2.4-6.4mdv2007.1.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/x86_64/media/main/updates/apache-mod_userdir-2.2.4-6.4mdv2007.1.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/x86_64/media/main/updates/apache-modules-2.2.4-6.4mdv2007.1.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/x86_64/media/main/updates/apache-mpm-event-2.2.4-6.4mdv2007.1.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/x86_64/media/main/updates/apache-mpm-itk-2.2.4-6.4mdv2007.1.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/x86_64/media/main/updates/apache-mpm-prefork-2.2.4-6.4mdv2007.1.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/x86_64/media/main/updates/apache-mpm-worker-2.2.4-6.4mdv2007.1.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/x86_64/media/main/updates/apache-source-2.2.4-6.4mdv2007.1.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/SRPMS/main/updates/apache-2.2.4-6.4mdv2007.1.src.rpm Mandriva Linux 2008.0 ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/i586/media/main/updates/apache-base-2.2.6-8.1mdv2008.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/i586/media/main/updates/apache-devel-2.2.6-8.1mdv2008.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/i586/media/main/updates/apache-htcacheclean-2.2.6-8.1mdv2008.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/i586/media/main/updates/apache-mod_authn_dbd-2.2.6-8.1mdv2008.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/i586/media/main/updates/apache-mod_cache-2.2.6-8.1mdv2008.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/i586/media/main/updates/apache-mod_dav-2.2.6-8.1mdv2008.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/i586/media/main/updates/apache-mod_dbd-2.2.6-8.1mdv2008.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/i586/media/main/updates/apache-mod_deflate-2.2.6-8.1mdv2008.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/i586/media/main/updates/apache-mod_disk_cache-2.2.6-8.1mdv2008.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/i586/media/main/updates/apache-mod_file_cache-2.2.6-8.1mdv2008.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/i586/media/main/updates/apache-mod_ldap-2.2.6-8.1mdv2008.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/i586/media/main/updates/apache-mod_mem_cache-2.2.6-8.1mdv2008.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/i586/media/main/updates/apache-mod_proxy-2.2.6-8.1mdv2008.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/i586/media/main/updates/apache-mod_proxy_ajp-2.2.6-8.1mdv2008.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/i586/media/main/updates/apache-mod_ssl-2.2.6-8.1mdv2008.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/i586/media/main/updates/apache-mod_userdir-2.2.6-8.1mdv2008.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/i586/media/main/updates/apache-modules-2.2.6-8.1mdv2008.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/i586/media/main/updates/apache-mpm-event-2.2.6-8.1mdv2008.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/i586/media/main/updates/apache-mpm-itk-2.2.6-8.1mdv2008.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/i586/media/main/updates/apache-mpm-prefork-2.2.6-8.1mdv2008.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/i586/media/main/updates/apache-mpm-worker-2.2.6-8.1mdv2008.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/i586/media/main/updates/apache-source-2.2.6-8.1mdv2008.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/SRPMS/main/updates/apache-2.2.6-8.1mdv2008.0.src.rpm X86_64 ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/x86_64/media/main/updates/apache-base-2.2.6-8.1mdv2008.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/x86_64/media/main/updates/apache-devel-2.2.6-8.1mdv2008.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/x86_64/media/main/updates/apache-htcacheclean-2.2.6-8.1mdv2008.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/x86_64/media/main/updates/apache-mod_authn_dbd-2.2.6-8.1mdv2008.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/x86_64/media/main/updates/apache-mod_cache-2.2.6-8.1mdv2008.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/x86_64/media/main/updates/apache-mod_dav-2.2.6-8.1mdv2008.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/x86_64/media/main/updates/apache-mod_dbd-2.2.6-8.1mdv2008.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/x86_64/media/main/updates/apache-mod_deflate-2.2.6-8.1mdv2008.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/x86_64/media/main/updates/apache-mod_disk_cache-2.2.6-8.1mdv2008.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/x86_64/media/main/updates/apache-mod_file_cache-2.2.6-8.1mdv2008.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/x86_64/media/main/updates/apache-mod_ldap-2.2.6-8.1mdv2008.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/x86_64/media/main/updates/apache-mod_mem_cache-2.2.6-8.1mdv2008.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/x86_64/media/main/updates/apache-mod_proxy-2.2.6-8.1mdv2008.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/x86_64/media/main/updates/apache-mod_proxy_ajp-2.2.6-8.1mdv2008.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/x86_64/media/main/updates/apache-mod_ssl-2.2.6-8.1mdv2008.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/x86_64/media/main/updates/apache-mod_userdir-2.2.6-8.1mdv2008.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/x86_64/media/main/updates/apache-modules-2.2.6-8.1mdv2008.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/x86_64/media/main/updates/apache-mpm-event-2.2.6-8.1mdv2008.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/x86_64/media/main/updates/apache-mpm-itk-2.2.6-8.1mdv2008.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/x86_64/media/main/updates/apache-mpm-prefork-2.2.6-8.1mdv2008.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/x86_64/media/main/updates/apache-mpm-worker-2.2.6-8.1mdv2008.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/x86_64/media/main/updates/apache-source-2.2.6-8.1mdv2008.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/SRPMS/main/updates/apache-2.2.6-8.1mdv2008.0.src.rpm Corporate Server 4.0 corporate/4.0/i586/apache-base-2.2.3-1.3.20060mlcs4.i586.rpm corporate/4.0/i586/apache-devel-2.2.3-1.3.20060mlcs4.i586.rpm corporate/4.0/i586/apache-htcacheclean-2.2.3-1.3.20060mlcs4.i586.rpm corporate/4.0/i586/apache-mod_authn_dbd-2.2.3-1.3.20060mlcs4.i586.rpm corporate/4.0/i586/apache-mod_cache-2.2.3-1.3.20060mlcs4.i586.rpm corporate/4.0/i586/apache-mod_dav-2.2.3-1.3.20060mlcs4.i586.rpm corporate/4.0/i586/apache-mod_dbd-2.2.3-1.3.20060mlcs4.i586.rpm corporate/4.0/i586/apache-mod_deflate-2.2.3-1.3.20060mlcs4.i586.rpm corporate/4.0/i586/apache-mod_disk_cache-2.2.3-1.3.20060mlcs4.i586.rpm corporate/4.0/i586/apache-mod_file_cache-2.2.3-1.3.20060mlcs4.i586.rpm corporate/4.0/i586/apache-mod_ldap-2.2.3-1.3.20060mlcs4.i586.rpm corporate/4.0/i586/apache-mod_mem_cache-2.2.3-1.3.20060mlcs4.i586.rpm corporate/4.0/i586/apache-mod_proxy-2.2.3-1.3.20060mlcs4.i586.rpm corporate/4.0/i586/apache-mod_proxy_ajp-2.2.3-1.3.20060mlcs4.i586.rpm corporate/4.0/i586/apache-mod_ssl-2.2.3-1.3.20060mlcs4.i586.rpm corporate/4.0/i586/apache-mod_userdir-2.2.3-1.3.20060mlcs4.i586.rpm corporate/4.0/i586/apache-modules-2.2.3-1.3.20060mlcs4.i586.rpm corporate/4.0/i586/apache-mpm-prefork-2.2.3-1.3.20060mlcs4.i586.rpm corporate/4.0/i586/apache-mpm-worker-2.2.3-1.3.20060mlcs4.i586.rpm corporate/4.0/i586/apache-source-2.2.3-1.3.20060mlcs4.i586.rpm corporate/4.0/SRPMS/apache-2.2.3-1.3.20060mlcs4.src.rpm X86_64 corporate/4.0/x86_64/apache-base-2.2.3-1.3.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/apache-devel-2.2.3-1.3.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/apache-htcacheclean-2.2.3-1.3.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/apache-mod_authn_dbd-2.2.3-1.3.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/apache-mod_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/apache-mod_dav-2.2.3-1.3.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/apache-mod_dbd-2.2.3-1.3.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/apache-mod_deflate-2.2.3-1.3.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/apache-mod_disk_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/apache-mod_file_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/apache-mod_ldap-2.2.3-1.3.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/apache-mod_mem_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/apache-mod_proxy-2.2.3-1.3.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.3.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/apache-mod_ssl-2.2.3-1.3.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/apache-mod_userdir-2.2.3-1.3.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/apache-modules-2.2.3-1.3.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/apache-mpm-prefork-2.2.3-1.3.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/apache-mpm-worker-2.2.3-1.3.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/apache-source-2.2.3-1.3.20060mlcs4.x86_64.rpm corporate/4.0/SRPMS/apache-2.2.3-1.3.20060mlcs4.src.rpm Red Hat (RHSA-2008:0006-6) Red Hat Desktop (v. 4) Red Hat Enterprise Linux AS (v. 4) Red Hat Enterprise Linux ES (v. 4) Red Hat Enterprise Linux WS (v. 4) https://rhn.redhat.com/ Red Hat (RHSA-2008:0005-4) Red Hat Desktop (v. 3) Red Hat Enterprise Linux AS (v. 3) Red Hat Enterprise Linux ES (v. 3) Red Hat Enterprise Linux WS (v. 3) https://rhn.redhat.com/ Red Hat (RHSA-2008:0263-2) Red Hat Network Proxy (v. 5.0 para RHEL 4) https://rhn.redhat.com/ Red Hat (RHSA-2008:0261-4) Red Hat Network Satellite (v. 5.0 para RHEL 4) https://rhn.redhat.com/ Apache Apache 2.2.8 Apache 2.0.63 Apache 1.3.41 http://httpd.apache.org/download.cgi Hewlett-Packard B.11.11 (IPv4) / patch HPUXWSA-B218-04-1111ipv4.depot B.11.11 (IPv6) / patch HPUXWSA-B218-04-1111ipv6.depot B.11.23 (PA-32) / patch HPUXWSA-B218-04-1123-32.depot B.11.23 (IA-64) / patch HPUXWSA-B218-04-1123-64.depot B.11.31 (PA-32) / patch HPUXWSA-B218-04-1131-32.depot B.11.31 (IA-64) / patch HPUXWSA-B218-04-1131-64.depot ftp://srt80015:srt80015@hprc.external.hp.com/ Sun (233623) Solaris 8 / SPARC / patch 116973-07 Solaris 9 / SPARC / patch 113146-10 Solaris 10 / SPARC / patch 120543-11 y 122911-11 Solaris 8 / x86 / patch 116974-07 Solaris 9 / x86 / patch 114145-09 Solaris 10 / x86 / patch 120544-11 y 122912-11 Suse Linux Las actualizaciones pueden descargarse mediante YAST o del servidor FTP oficial de Suse Linux. Hewlett-Packard (HPSBMA02388) OV NNM v7.53 HP-UX (IA) / patch PHSS_38148 o posterior HP-UX (PA) / patch PHSS_38147 o posterior Linux RedHatAS2.1 / patch LXOV_00085 o posterior Linux RedHat4AS-x86_64 / patch LXOV_00086 o posterior Solaris / patch PSOV_03514 o posterior OV NNM v7.51 Actualice a la versión OV NNM v7.53 OV NNM v7.01 HP-UX (PA) / patch PHSS_38761 o posterior Solaris / patch PSOV_03516 o posterior Hewlett-Packard (HPSBMA02400) Solaris / patch BAC_00641 o posterior Windows / patch BAC_00640 o posterior http://support.openview.hp.com/support.jsp |
|
Standar resources |
|
Property | Value |
CVE |
CVE-2007-6388 CVE-2007-6421 CVE-2007-6422 |
BID | 27237 |
Other resources |
|
Apache httpd 1.3.40-dev http://httpd.apache.org/security/vulnerabilities_13.html Apache httpd 2.0.62-dev http://httpd.apache.org/security/vulnerabilities_20.html Apache httpd 2.2.7-dev http://httpd.apache.org/security/vulnerabilities_22.html Red Hat Security Advisory (RHSA-2008:0008-6) https://rhn.redhat.com/errata/RHSA-2008-0008.html Mandriva Security Advisory (MDVSA-2008:014) http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:014 Mandriva Security Advisory (MDVSA-2008:015) http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:015 Mandriva Security Advisory (MDVSA-2008:016) http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:016 Red Hat Security Advisory (RHSA-2008:0006-6) https://rhn.redhat.com/errata/RHSA-2008-0006.html Red Hat Security Advisory (RHSA-2008:0005-4) https://rhn.redhat.com/errata/RHSA-2008-0005.html Red Hat Security Advisory (RHSA-2008:0263-2) http://rhn.redhat.com/errata/RHSA-2008-0263.html Red Hat Security Advisory (RHSA-2008:0261-4) http://rhn.redhat.com/errata/RHSA-2008-0261.html Apache httpd 2.2.8 http://httpd.apache.org/security/vulnerabilities_22.html Apache httpd 2.0.63 http://httpd.apache.org/security/vulnerabilities_20.html Apache httpd 1.3.41 http://httpd.apache.org/security/vulnerabilities_13.html HP SECURITY BULLETIN (HPSBUX02313) https://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01364714-1 Sun Alert Notification (233623) http://sunsolve.sun.com/search/document.do?assetkey=1-66-233623-1 SUSE Security Advisory (SUSE-SA:2008:021) http://www.novell.com/linux/security/advisories/2008_21_apache.html HP SECURITY BULLETIN (HPSBMA02388) http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01607570-1 HP SECURITY BULLETIN (HPSBMA02442) https://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01800059 |
Version history |
||
Version | Comments | Date |
1.0 | Aviso emitido | 2008-01-08 |
1.1 | Aviso emitido por Red Hat (RHSA-2008:0008-6) | 2008-01-16 |
1.2 | Aviso emitido por Mandriva (MDVSA-2008:014), Aviso emitido por Mandriva (MDVSA-2008:015), Aviso emitido por Mandriva (MDVSA-2008:016) | 2008-01-22 |
1.3 | Aviso emitido por Red Hat (RHSA-2008:0006-6), Aviso emitido por Red Hat (RHSA-2008:0005-4) | 2008-01-23 |
1.4 | Aviso emitido por Apache | 2008-01-24 |
1.5 | Aviso emitido por HP (HPSBUX02313) | 2008-02-18 |
1.6 | Aviso emitido por Sun (233623) | 2008-03-10 |
1.7 | Aviso emitido por Suse (SUSE-SA:2008:021) | 2008-04-15 |
1.8 | Aviso actualizado por Sun (233623) | 2008-05-14 |
1.9 | Aviso emitido por Red Hat (RHSA-2008:0263-2), aviso emitido por Red Hat (RHSA-2008:0261-4) | 2008-05-21 |
1.10 | Aviso emitido por HP (HPSBMA02388) | 2008-11-21 |
1.11 | Aviso emitido por HP (HPSBMA02442) | 2010-05-26 |