Miembros de
Boletines de Vulnerabilidades |
Cross site scripting en el modulo mod_imap sobre Apache 1.3 |
|
Clasificación de la vulnerabilidad |
|
| Propiedad | Valor |
| Nivel de Confianza | Oficial |
| Impacto | Aumento de la visibilidad |
| Dificultad | Avanzado |
| Requerimientos del atacante | Acceso remoto sin cuenta a un servicio estandar |
Información sobre el sistema |
|
| Propiedad | Valor |
| Fabricante afectado | GNU/Linux |
| Software afectado |
Apache 1.3 <1.3.35 Apache 2.0 <2.0.56 Apache 2.2 <2.2.1 HP OpenView Network Node Manager 6.41 HP OpenView Network Node Manager 7.01 HP OpenView Network Node Manager 7.51 |
Descripción |
|
|
Se ha descubierto una vulnerabilidad en las ramas 1.3 y 2.0 de Apache, concretamente en las versiones anteriores a la 1.3.35 y 2.0.56. Se trata de una vulnerabilidad de cross site scripting en el modulo mod_imap. La explotación de esta vulnerabilidad podría permitir a un atacante remoto ejecutar código Web arbitrario mediante mapas de imagen con un atributo "Referer" especialmente diseñado. |
|
Solución |
|
|
Si lo desea, aplique los mecanismos de actualización propios de su distribución, o bien baje las fuentes del software y compílelo usted mismo. Actualización de software Apache Apache 1.3.35-dev Apache 2.0.56-dev Apache 2.2.1-dev http://httpd.apache.org/download.cgi Red Hat (httpd) Red Hat Desktop (v. 3) Red Hat Desktop (v. 4) Red Hat Enterprise Linux AS (v. 3) Red Hat Enterprise Linux AS (v. 4) Red Hat Enterprise Linux ES (v. 3) Red Hat Enterprise Linux ES (v. 4) Red Hat Enterprise Linux WS (v. 3) Red Hat Enterprise Linux WS (v. 4) Red Hat Enterprise Linux AS (v. 2.1) Red Hat Enterprise Linux ES (v. 2.1) Red Hat Enterprise Linux WS (v. 2.1) Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor https://rhn.redhat.com/ Mandriva Mandrakelinux 10.1 X86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/apache2-2.0.50-7.6.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/apache2-common-2.0.50-7.6.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/apache2-devel-2.0.50-7.6.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/apache2-manual-2.0.50-7.6.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/apache2-mod_cache-2.0.50-7.6.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/apache2-mod_dav-2.0.50-7.6.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/apache2-mod_deflate-2.0.50-7.6.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/apache2-mod_disk_cache-2.0.50-7.6.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/apache2-mod_file_cache-2.0.50-7.6.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/apache2-mod_ldap-2.0.50-7.6.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/apache2-mod_mem_cache-2.0.50-7.6.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/apache2-mod_proxy-2.0.50-7.6.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/apache2-mod_ssl-2.0.50-4.4.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/apache2-modules-2.0.50-7.6.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/apache2-source-2.0.50-7.6.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/apache2-worker-2.0.50-7.6.101mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/SRPMS/apache2-2.0.50-7.6.101mdk.src.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/SRPMS/apache2-mod_ssl-2.0.50-4.4.101mdk.src.rpm X86_64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/apache2-2.0.50-7.6.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/apache2-common-2.0.50-7.6.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/apache2-devel-2.0.50-7.6.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/apache2-manual-2.0.50-7.6.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/apache2-mod_cache-2.0.50-7.6.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/apache2-mod_dav-2.0.50-7.6.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/apache2-mod_deflate-2.0.50-7.6.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/apache2-mod_disk_cache-2.0.50-7.6.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/apache2-mod_file_cache-2.0.50-7.6.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/apache2-mod_ldap-2.0.50-7.6.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/apache2-mod_mem_cache-2.0.50-7.6.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/apache2-mod_proxy-2.0.50-7.6.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/apache2-mod_ssl-2.0.50-4.4.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/apache2-modules-2.0.50-7.6.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/apache2-source-2.0.50-7.6.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/apache2-worker-2.0.50-7.6.101mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/SRPMS/apache2-2.0.50-7.6.101mdk.src.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/SRPMS/apache2-mod_ssl-2.0.50-4.4.101mdk.src.rpm Mandrivalinux LE2005 X86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/apache2-2.0.53-9.4.102mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/apache2-common-2.0.53-9.4.102mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/apache2-devel-2.0.53-9.4.102mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/apache2-manual-2.0.53-9.4.102mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/apache2-mod_cache-2.0.53-9.4.102mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/apache2-mod_dav-2.0.53-9.4.102mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/apache2-mod_deflate-2.0.53-9.4.102mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/apache2-mod_disk_cache-2.0.53-9.4.102mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/apache2-mod_file_cache-2.0.53-9.4.102mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/apache2-mod_ldap-2.0.53-9.4.102mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/apache2-mod_mem_cache-2.0.53-9.4.102mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/apache2-mod_proxy-2.0.53-9.4.102mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/apache2-mod_ssl-2.0.53-8.3.102mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/apache2-modules-2.0.53-9.4.102mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/apache2-peruser-2.0.53-9.4.102mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/apache2-source-2.0.53-9.4.102mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/apache2-worker-2.0.53-9.4.102mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/SRPMS/apache2-2.0.53-9.4.102mdk.src.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/SRPMS/apache2-mod_ssl-2.0.53-8.3.102mdk.src.rpm X86_64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/apache2-2.0.53-9.4.102mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/apache2-common-2.0.53-9.4.102mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/apache2-devel-2.0.53-9.4.102mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/apache2-manual-2.0.53-9.4.102mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/apache2-mod_cache-2.0.53-9.4.102mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/apache2-mod_dav-2.0.53-9.4.102mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/apache2-mod_deflate-2.0.53-9.4.102mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/apache2-mod_disk_cache-2.0.53-9.4.102mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/apache2-mod_file_cache-2.0.53-9.4.102mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/apache2-mod_ldap-2.0.53-9.4.102mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/apache2-mod_mem_cache-2.0.53-9.4.102mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/apache2-mod_proxy-2.0.53-9.4.102mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/apache2-mod_ssl-2.0.53-8.3.102mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/apache2-modules-2.0.53-9.4.102mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/apache2-peruser-2.0.53-9.4.102mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/apache2-source-2.0.53-9.4.102mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/apache2-worker-2.0.53-9.4.102mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/SRPMS/apache2-2.0.53-9.4.102mdk.src.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/SRPMS/apache2-mod_ssl-2.0.53-8.3.102mdk.src.rpm Mandrivalinux 2006 X86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/apache-base-2.0.54-13.2.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/apache-devel-2.0.54-13.2.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/apache-mod_cache-2.0.54-13.2.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/apache-mod_dav-2.0.54-13.2.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/apache-mod_deflate-2.0.54-13.2.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/apache-mod_disk_cache-2.0.54-13.2.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/apache-mod_file_cache-2.0.54-13.2.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/apache-mod_ldap-2.0.54-13.2.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/apache-mod_mem_cache-2.0.54-13.2.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/apache-mod_proxy-2.0.54-13.2.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/apache-mod_ssl-2.0.54-6.1.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/apache-modules-2.0.54-13.2.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/apache-mod_userdir-2.0.54-13.2.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/apache-mpm-peruser-2.0.54-13.2.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/apache-mpm-prefork-2.0.54-13.2.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/apache-mpm-worker-2.0.54-13.2.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/apache-source-2.0.54-13.2.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/SRPMS/apache-2.0.54-13.2.20060mdk.src.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/SRPMS/apache-mod_ssl-2.0.54-6.1.20060mdk.src.rpm X86_64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/apache-base-2.0.54-13.2.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/apache-devel-2.0.54-13.2.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/apache-mod_cache-2.0.54-13.2.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/apache-mod_dav-2.0.54-13.2.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/apache-mod_deflate-2.0.54-13.2.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/apache-mod_disk_cache-2.0.54-13.2.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/apache-mod_file_cache-2.0.54-13.2.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/apache-mod_ldap-2.0.54-13.2.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/apache-mod_mem_cache-2.0.54-13.2.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/apache-mod_proxy-2.0.54-13.2.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/apache-mod_ssl-2.0.54-6.1.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/apache-modules-2.0.54-13.2.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/apache-mod_userdir-2.0.54-13.2.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/apache-mpm-peruser-2.0.54-13.2.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/apache-mpm-prefork-2.0.54-13.2.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/apache-mpm-worker-2.0.54-13.2.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/apache-source-2.0.54-13.2.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/SRPMS/apache-2.0.54-13.2.20060mdk.src.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/SRPMS/apache-mod_ssl-2.0.54-6.1.20060mdk.src.rpm SGI Advanced Linux Environment 3 / RPM / Patch 10258 ftp://oss.sgi.com/projects/sgi_propack/download/3/updates/RPMS Advanced Linux Environment 3 / SRPM / Patch 10258 ftp://oss.sgi.com/projects/sgi_propack/download/3/updates/SRPMS Suse Linux Las actualizaciones pueden descargarse mediante YAST o del servidor FTP oficial de Suse Linux Hewlett-Packard HP-UX B.11.00, B.11.11, HP-UX B.11.23 / Apache-based Web Server v.2.0.58.00 http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE Debian Linux Debian Linux 3.1 Source http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge3.dsc http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge3.diff.gz http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33.orig.tar.gz Architecture independent http://security.debian.org/pool/updates/main/a/apache/apache-dev_1.3.33-6sarge3_all.deb http://security.debian.org/pool/updates/main/a/apache/apache-doc_1.3.33-6sarge3_all.deb http://security.debian.org/pool/updates/main/a/apache/apache-utils_1.3.33-6sarge3_all.deb Alpha architecture http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge3_alpha.deb http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge3_alpha.deb http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge3_alpha.deb http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge3_alpha.deb http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge3_alpha.deb http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge3_alpha.deb AMD64 http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge3_amd64.deb http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge3_amd64.deb http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge3_amd64.deb http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge3_amd64.deb http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge3_amd64.deb http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge3_amd64.deb ARM http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge3_arm.deb http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge3_arm.deb http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge3_arm.deb http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge3_arm.deb http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge3_arm.deb http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge3_arm.deb HP Precision http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge3_hppa.deb http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge3_hppa.deb http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge3_hppa.deb http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge3_hppa.deb http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge3_hppa.deb http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge3_hppa.deb Intel IA-32 http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge3_i386.deb http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge3_i386.deb http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge3_i386.deb http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge3_i386.deb http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge3_i386.deb http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge3_i386.deb Intel IA-64 http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge3_ia64.deb http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge3_ia64.deb http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge3_ia64.deb http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge3_ia64.deb http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge3_ia64.deb http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge3_ia64.deb Motorola 680x0 http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge3_m68k.deb http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge3_m68k.deb http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge3_m68k.deb http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge3_m68k.deb http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge3_m68k.deb http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge3_m68k.deb Big endian MIPS http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge3_mips.deb http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge3_mips.deb http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge3_mips.deb http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge3_mips.deb http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge3_mips.deb http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge3_mips.deb Little endian MIPS http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge3_mipsel.deb http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge3_mipsel.deb http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge3_mipsel.deb http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge3_mipsel.deb http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge3_mipsel.deb http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge3_mipsel.deb PowerPC http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge3_powerpc.deb http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge3_powerpc.deb http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge3_powerpc.deb http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge3_powerpc.deb http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge3_powerpc.deb http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge3_powerpc.deb IBM S/390 http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge3_s390.deb http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge3_s390.deb http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge3_s390.deb http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge3_s390.deb http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge3_s390.deb http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge3_s390.deb Sun Sparc http://security.debian.org/pool/updates/main/a/apache/apache_1.3.33-6sarge3_sparc.deb http://security.debian.org/pool/updates/main/a/apache/apache-common_1.3.33-6sarge3_sparc.deb http://security.debian.org/pool/updates/main/a/apache/apache-dbg_1.3.33-6sarge3_sparc.deb http://security.debian.org/pool/updates/main/a/apache/apache-perl_1.3.33-6sarge3_sparc.deb http://security.debian.org/pool/updates/main/a/apache/apache-ssl_1.3.33-6sarge3_sparc.deb http://security.debian.org/pool/updates/main/a/apache/libapache-mod-perl_1.29.0.3-6sarge3_sparc.deb Red Hat Linux (apache) Red Hat Stronghold for Enterprise Linux https://rhn.redhat.com/ Sun (102662) Solaris 10 / SPARC / patch / 120543-06 Solaris 10 / x86 / patch / 120544-06 http://sunsolve.sun.com/pub-cgi/show.pl?target=patchpage Sun (102663) Solaris 8 / SPARC / patch 116973-05 Solaris 8 / x86 / patch 116974-05 Solaris 9 / SPARC / patch 113146-08 Solaris 9 / x86 / patch 114145-07 Solaris 10 / SPARC / patch 122911-02 Solaris 10 / x86 / patch 122912-02 http://sunsolve.sun.com/pub-cgi/show.pl?target=patchpage Hewlett-Packard (HPSBMA02328) HP OpenView Network Node Manager 7.51 / HP-UX (IA) / PHSS_36386 HP OpenView Network Node Manager 7.51 / HP-UX (PA) / PHSS_36385 HP OpenView Network Node Manager 7.51 / Solaris / PSOV_03479 HP OpenView Network Node Manager 7.51 / Linux RedHatAS2.1 / LXOV_00052 HP OpenView Network Node Manager 7.01 / HP-UX (PA) / PHSS_36773 HP OpenView Network Node Manager 7.01 / Solaris / PSOV_03480 HP OpenView Network Node Manager 6.41 / HP-UX (PA) / PHSS_37141 HP OpenView Network Node Manager 6.41 / Solaris / PSOV_03489 |
|
Identificadores estándar |
|
| Propiedad | Valor |
| CVE | CVE-2005-3352 |
| BID | 15834 |
Recursos adicionales |
|
|
Apache httpd 1.3 vulnerabilities http://httpd.apache.org/security/vulnerabilities_13.html Apache httpd 2.0 vulnerabilities http://httpd.apache.org/security/vulnerabilities_20.html Apache httpd 2.2 vulnerabilities http://httpd.apache.org/security/vulnerabilities_22.html Red Hat Security Advisory RHSA-2006:0159-8 https://rhn.redhat.com/errata/RHSA-2006-0159.html Red Hat Security Advisory (RHSA-2006:0158-4) https://rhn.redhat.com/errata/RHSA-2006-0158.html Red Hat Security Advisory RHSA-2006:0692-4 https://rhn.redhat.com/errata/RHSA-2006-0692.html Mandriva Security Advisory (MDKSA-2006:007) http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:007 SGI Security Advisory (20060101-01-U) ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U.asc SUSE Security Summary Report (SUSE-SR:2006:004) http://www.novell.com/linux/security/advisories/2006_04_sr.html SUSE Security Advisory (SUSE-SA:2006:043) http://www.novell.com/linux/security/advisories/2006_43_apache.html HP SECURITY BULLETIN (HPSBUX02145) http://www5.itrc.hp.com/service/cki/docDisplay.do?docId=c00760969 HP SECURITY BULLETIN (HPSBMA02328) https://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01428449-2 Debian Security Advisory DSA 1167-1 http://lists.debian.org/debian-security-announce/debian-security-announce-2006/msg00257.html Sun Alert Notification (102662) http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1 Sun Alert Notification (102663) http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1 SUSE Security Summary Report (SUSE-SR:2007:011) http://www.novell.com/linux/security/advisories/2007_11_sr.html |
|
Histórico de versiones |
||
| Versión | Comentario | Fecha |
| 1.0 | Aviso emitido | 2005-12-20 |
| 1.1 | Aviso emitido por Red Hat (RHSA-2006:0159-8) | 2006-01-06 |
| 1.2 | Aviso emitido por Mandriva (MDKSA-2006:007) | 2006-01-09 |
| 1.3 | Aviso emitido por Red Hat (RHSA-2006:0158-4) | 2006-01-17 |
| 1.4 | Aviso emitido por SGI (20060101-01-U) | 2006-01-19 |
| 1.5 | Aviso emitido por Suse (SUSE-SR:2006:004) | 2006-03-01 |
| 1.6 | Aviso emitido por Apache | 2006-03-22 |
| 1.7 | Aviso emitido por Suse (SUSE-SA:2006:043) | 2006-07-31 |
| 1.8 | Aviso emitido por HP (HPSBUX02145) | 2006-09-01 |
| 1.9 | Aviso emitido por Debian (DSA 1167-1) | 2006-09-05 |
| 1.10 | Aviso emitido por Red Hat (RHSA-2006:0692-4) | 2006-10-04 |
| 1.11 | Aviso emitido por Sun (102662, 102663) | 2006-10-17 |
| 1.12 | Aviso actualizado por Sun (102663) | 2006-12-05 |
| 1.13 | Aviso emitido por Suse (SUSE-SR:2007:011) | 2007-05-18 |
| 1.14 | Aviso emitido por HP (HPSBMA02328) | 2008-04-22 |