Miembros de
Boletines de Vulnerabilidades |
Cross-Site Scripting en mod_proxy_ftp de Apache |
|
Clasificación de la vulnerabilidad |
|
| Propiedad | Valor |
| Nivel de Confianza | Oficial |
| Impacto | Aumento de la visibilidad |
| Dificultad | Avanzado |
| Requerimientos del atacante | Acceso remoto sin cuenta a un servicio estandar |
Información sobre el sistema |
|
| Propiedad | Valor |
| Fabricante afectado | GNU/Linux |
| Software afectado |
Apache 1.3.x <= 1.3.40-dev Apache 2.0.x <= 2.0.62-dev Apache 2.2.x <= 2.2.7-dev |
Descripción |
|
|
Se ha encontrado una vulnerabilidad de tipo Cross-Site Scripting en el módulo mod_proxy_ftp cuando se ejecuta sobre las versiones Apache 2.2.7-dev, Apache 1.3.40-dev, y Apache 2.0.62-dev y anteriores, y se encuentra configurado un proxy de reenvío (forward proxy). La vulnerabilidad reside en un error en la validación de la entrada cuando está codificada en UTF-7. Un atacante remoto podría inyectar código HTML o Javascript arbitrario con codificación UTF-7 en una página Web, que solo será ejecutado por el usuario víctima cuando su navegador no siga las reglas de codificación del RFC 2616. |
|
Solución |
|
|
Actualización de software Red Hat (RHSA-2008:0008-6) RHEL Desktop Workstation (v. 5 cliente) Red Hat Enterprise Linux (v. 5 servidor) Red Hat Enterprise Linux Desktop (v. 5 cliente) https://rhn.redhat.com/ Red Hat (RHSA-2008:0006-6) Red Hat Desktop (v. 4) Red Hat Enterprise Linux AS (v. 4) Red Hat Enterprise Linux ES (v. 4) Red Hat Enterprise Linux WS (v. 4) https://rhn.redhat.com/ Red Hat (RHSA-2008:0005-4) Red Hat Desktop (v. 3) Red Hat Enterprise Linux AS (v. 3) Red Hat Enterprise Linux ES (v. 3) Red Hat Enterprise Linux WS (v. 3) https://rhn.redhat.com/ Mandriva (MDVSA-2008:014) Corporate Server 3.0 corporate/3.0/i586/apache-1.3.29-1.7.C30mdk.i586.rpm corporate/3.0/i586/apache-devel-1.3.29-1.7.C30mdk.i586.rpm corporate/3.0/i586/apache-modules-1.3.29-1.7.C30mdk.i586.rpm corporate/3.0/i586/apache-source-1.3.29-1.7.C30mdk.i586.rpm corporate/3.0/SRPMS/apache-1.3.29-1.7.C30mdk.src.rpm X86_64 corporate/3.0/x86_64/apache-1.3.29-1.7.C30mdk.x86_64.rpm corporate/3.0/x86_64/apache-devel-1.3.29-1.7.C30mdk.x86_64.rpm corporate/3.0/x86_64/apache-modules-1.3.29-1.7.C30mdk.x86_64.rpm corporate/3.0/x86_64/apache-source-1.3.29-1.7.C30mdk.x86_64.rpm corporate/3.0/SRPMS/apache-1.3.29-1.7.C30mdk.src.rpm Mandriva (MDVSA-2008:015) Corporate Server 3.0 corporate/3.0/i586/apache2-2.0.48-6.17.C30mdk.i586.rpm corporate/3.0/i586/apache2-common-2.0.48-6.17.C30mdk.i586.rpm corporate/3.0/i586/apache2-devel-2.0.48-6.17.C30mdk.i586.rpm corporate/3.0/i586/apache2-manual-2.0.48-6.17.C30mdk.i586.rpm corporate/3.0/i586/apache2-mod_cache-2.0.48-6.17.C30mdk.i586.rpm corporate/3.0/i586/apache2-mod_dav-2.0.48-6.17.C30mdk.i586.rpm corporate/3.0/i586/apache2-mod_deflate-2.0.48-6.17.C30mdk.i586.rpm corporate/3.0/i586/apache2-mod_disk_cache-2.0.48-6.17.C30mdk.i586.rpm corporate/3.0/i586/apache2-mod_file_cache-2.0.48-6.17.C30mdk.i586.rpm corporate/3.0/i586/apache2-mod_ldap-2.0.48-6.17.C30mdk.i586.rpm corporate/3.0/i586/apache2-mod_mem_cache-2.0.48-6.17.C30mdk.i586.rpm corporate/3.0/i586/apache2-mod_proxy-2.0.48-6.17.C30mdk.i586.rpm corporate/3.0/i586/apache2-mod_ssl-2.0.48-6.17.C30mdk.i586.rpm corporate/3.0/i586/apache2-modules-2.0.48-6.17.C30mdk.i586.rpm corporate/3.0/i586/apache2-source-2.0.48-6.17.C30mdk.i586.rpm corporate/3.0/i586/libapr0-2.0.48-6.17.C30mdk.i586.rpm corporate/3.0/SRPMS/apache2-2.0.48-6.17.C30mdk.src.rpm X86_64 corporate/3.0/x86_64/apache2-2.0.48-6.17.C30mdk.x86_64.rpm corporate/3.0/x86_64/apache2-common-2.0.48-6.17.C30mdk.x86_64.rpm corporate/3.0/x86_64/apache2-devel-2.0.48-6.17.C30mdk.x86_64.rpm corporate/3.0/x86_64/apache2-manual-2.0.48-6.17.C30mdk.x86_64.rpm corporate/3.0/x86_64/apache2-mod_cache-2.0.48-6.17.C30mdk.x86_64.rpm corporate/3.0/x86_64/apache2-mod_dav-2.0.48-6.17.C30mdk.x86_64.rpm corporate/3.0/x86_64/apache2-mod_deflate-2.0.48-6.17.C30mdk.x86_64.rpm corporate/3.0/x86_64/apache2-mod_disk_cache-2.0.48-6.17.C30mdk.x86_64.rpm corporate/3.0/x86_64/apache2-mod_file_cache-2.0.48-6.17.C30mdk.x86_64.rpm corporate/3.0/x86_64/apache2-mod_ldap-2.0.48-6.17.C30mdk.x86_64.rpm corporate/3.0/x86_64/apache2-mod_mem_cache-2.0.48-6.17.C30mdk.x86_64.rpm corporate/3.0/x86_64/apache2-mod_proxy-2.0.48-6.17.C30mdk.x86_64.rpm corporate/3.0/x86_64/apache2-mod_ssl-2.0.48-6.17.C30mdk.x86_64.rpm corporate/3.0/x86_64/apache2-modules-2.0.48-6.17.C30mdk.x86_64.rpm corporate/3.0/x86_64/apache2-source-2.0.48-6.17.C30mdk.x86_64.rpm corporate/3.0/x86_64/lib64apr0-2.0.48-6.17.C30mdk.x86_64.rpm corporate/3.0/SRPMS/apache2-2.0.48-6.17.C30mdk.src.rpm Multi Network Firewall 2.0 mnf/2.0/i586/apache2-2.0.48-6.17.M20mdk.i586.rpm mnf/2.0/i586/apache2-common-2.0.48-6.17.M20mdk.i586.rpm mnf/2.0/i586/apache2-devel-2.0.48-6.17.M20mdk.i586.rpm mnf/2.0/i586/apache2-manual-2.0.48-6.17.M20mdk.i586.rpm mnf/2.0/i586/apache2-mod_cache-2.0.48-6.17.M20mdk.i586.rpm mnf/2.0/i586/apache2-mod_dav-2.0.48-6.17.M20mdk.i586.rpm mnf/2.0/i586/apache2-mod_deflate-2.0.48-6.17.M20mdk.i586.rpm mnf/2.0/i586/apache2-mod_disk_cache-2.0.48-6.17.M20mdk.i586.rpm mnf/2.0/i586/apache2-mod_file_cache-2.0.48-6.17.M20mdk.i586.rpm mnf/2.0/i586/apache2-mod_ldap-2.0.48-6.17.M20mdk.i586.rpm mnf/2.0/i586/apache2-mod_mem_cache-2.0.48-6.17.M20mdk.i586.rpm mnf/2.0/i586/apache2-mod_proxy-2.0.48-6.17.M20mdk.i586.rpm mnf/2.0/i586/apache2-mod_ssl-2.0.48-6.17.M20mdk.i586.rpm mnf/2.0/i586/apache2-modules-2.0.48-6.17.M20mdk.i586.rpm mnf/2.0/i586/apache2-source-2.0.48-6.17.M20mdk.i586.rpm mnf/2.0/i586/libapr0-2.0.48-6.17.M20mdk.i586.rpm mnf/2.0/SRPMS/apache2-2.0.48-6.17.M20mdk.src.rpm Mandriva (MDVSA-2008:016) Mandriva Linux 2007 ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/i586/media/main/updates/apache-base-2.2.3-1.3mdv2007.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/i586/media/main/updates/apache-devel-2.2.3-1.3mdv2007.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/i586/media/main/updates/apache-htcacheclean-2.2.3-1.3mdv2007.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/i586/media/main/updates/apache-mod_authn_dbd-2.2.3-1.3mdv2007.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/i586/media/main/updates/apache-mod_cache-2.2.3-1.3mdv2007.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/i586/media/main/updates/apache-mod_dav-2.2.3-1.3mdv2007.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/i586/media/main/updates/apache-mod_dbd-2.2.3-1.3mdv2007.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/i586/media/main/updates/apache-mod_deflate-2.2.3-1.3mdv2007.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/i586/media/main/updates/apache-mod_disk_cache-2.2.3-1.3mdv2007.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/i586/media/main/updates/apache-mod_file_cache-2.2.3-1.3mdv2007.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/i586/media/main/updates/apache-mod_ldap-2.2.3-1.3mdv2007.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/i586/media/main/updates/apache-mod_mem_cache-2.2.3-1.3mdv2007.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/i586/media/main/updates/apache-mod_proxy-2.2.3-1.3mdv2007.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/i586/media/main/updates/apache-mod_proxy_ajp-2.2.3-1.3mdv2007.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/i586/media/main/updates/apache-mod_ssl-2.2.3-1.3mdv2007.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/i586/media/main/updates/apache-mod_userdir-2.2.3-1.3mdv2007.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/i586/media/main/updates/apache-modules-2.2.3-1.3mdv2007.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/i586/media/main/updates/apache-mpm-prefork-2.2.3-1.3mdv2007.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/i586/media/main/updates/apache-mpm-worker-2.2.3-1.3mdv2007.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/i586/media/main/updates/apache-source-2.2.3-1.3mdv2007.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/SRPMS/main/updates/apache-2.2.3-1.3mdv2007.0.src.rpm X86_64 ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/x86_64/media/main/updates/apache-base-2.2.3-1.3mdv2007.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/x86_64/media/main/updates/apache-devel-2.2.3-1.3mdv2007.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/x86_64/media/main/updates/apache-htcacheclean-2.2.3-1.3mdv2007.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/x86_64/media/main/updates/apache-mod_authn_dbd-2.2.3-1.3mdv2007.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/x86_64/media/main/updates/apache-mod_cache-2.2.3-1.3mdv2007.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/x86_64/media/main/updates/apache-mod_dav-2.2.3-1.3mdv2007.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/x86_64/media/main/updates/apache-mod_dbd-2.2.3-1.3mdv2007.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/x86_64/media/main/updates/apache-mod_deflate-2.2.3-1.3mdv2007.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/x86_64/media/main/updates/apache-mod_disk_cache-2.2.3-1.3mdv2007.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/x86_64/media/main/updates/apache-mod_file_cache-2.2.3-1.3mdv2007.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/x86_64/media/main/updates/apache-mod_ldap-2.2.3-1.3mdv2007.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/x86_64/media/main/updates/apache-mod_mem_cache-2.2.3-1.3mdv2007.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/x86_64/media/main/updates/apache-mod_proxy-2.2.3-1.3mdv2007.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/x86_64/media/main/updates/apache-mod_proxy_ajp-2.2.3-1.3mdv2007.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/x86_64/media/main/updates/apache-mod_ssl-2.2.3-1.3mdv2007.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/x86_64/media/main/updates/apache-mod_userdir-2.2.3-1.3mdv2007.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/x86_64/media/main/updates/apache-modules-2.2.3-1.3mdv2007.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/x86_64/media/main/updates/apache-mpm-prefork-2.2.3-1.3mdv2007.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/x86_64/media/main/updates/apache-mpm-worker-2.2.3-1.3mdv2007.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/x86_64/media/main/updates/apache-source-2.2.3-1.3mdv2007.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.0/SRPMS/main/updates/apache-2.2.3-1.3mdv2007.0.src.rpm Mandriva Linux 2007.1 ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/i586/media/main/updates/apache-base-2.2.4-6.4mdv2007.1.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/i586/media/main/updates/apache-devel-2.2.4-6.4mdv2007.1.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/i586/media/main/updates/apache-htcacheclean-2.2.4-6.4mdv2007.1.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/i586/media/main/updates/apache-mod_authn_dbd-2.2.4-6.4mdv2007.1.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/i586/media/main/updates/apache-mod_cache-2.2.4-6.4mdv2007.1.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/i586/media/main/updates/apache-mod_dav-2.2.4-6.4mdv2007.1.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/i586/media/main/updates/apache-mod_dbd-2.2.4-6.4mdv2007.1.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/i586/media/main/updates/apache-mod_deflate-2.2.4-6.4mdv2007.1.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/i586/media/main/updates/apache-mod_disk_cache-2.2.4-6.4mdv2007.1.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/i586/media/main/updates/apache-mod_file_cache-2.2.4-6.4mdv2007.1.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/i586/media/main/updates/apache-mod_ldap-2.2.4-6.4mdv2007.1.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/i586/media/main/updates/apache-mod_mem_cache-2.2.4-6.4mdv2007.1.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/i586/media/main/updates/apache-mod_proxy-2.2.4-6.4mdv2007.1.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/i586/media/main/updates/apache-mod_proxy_ajp-2.2.4-6.4mdv2007.1.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/i586/media/main/updates/apache-mod_ssl-2.2.4-6.4mdv2007.1.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/i586/media/main/updates/apache-mod_userdir-2.2.4-6.4mdv2007.1.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/i586/media/main/updates/apache-modules-2.2.4-6.4mdv2007.1.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/i586/media/main/updates/apache-mpm-event-2.2.4-6.4mdv2007.1.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/i586/media/main/updates/apache-mpm-itk-2.2.4-6.4mdv2007.1.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/i586/media/main/updates/apache-mpm-prefork-2.2.4-6.4mdv2007.1.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/i586/media/main/updates/apache-mpm-worker-2.2.4-6.4mdv2007.1.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/i586/media/main/updates/apache-source-2.2.4-6.4mdv2007.1.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/SRPMS/main/updates/apache-2.2.4-6.4mdv2007.1.src.rpm X86_64 ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/x86_64/media/main/updates/apache-base-2.2.4-6.4mdv2007.1.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/x86_64/media/main/updates/apache-devel-2.2.4-6.4mdv2007.1.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/x86_64/media/main/updates/apache-htcacheclean-2.2.4-6.4mdv2007.1.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/x86_64/media/main/updates/apache-mod_authn_dbd-2.2.4-6.4mdv2007.1.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/x86_64/media/main/updates/apache-mod_cache-2.2.4-6.4mdv2007.1.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/x86_64/media/main/updates/apache-mod_dav-2.2.4-6.4mdv2007.1.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/x86_64/media/main/updates/apache-mod_dbd-2.2.4-6.4mdv2007.1.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/x86_64/media/main/updates/media/main/updates/apache-mod_deflate-2.2.4-6.4mdv2007.1.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/x86_64/media/main/updates/apache-mod_disk_cache-2.2.4-6.4mdv2007.1.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/x86_64/media/main/updates/apache-mod_file_cache-2.2.4-6.4mdv2007.1.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/x86_64/media/main/updates/apache-mod_ldap-2.2.4-6.4mdv2007.1.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/x86_64/media/main/updates/apache-mod_mem_cache-2.2.4-6.4mdv2007.1.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/x86_64/media/main/updates/apache-mod_proxy-2.2.4-6.4mdv2007.1.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/x86_64/media/main/updates/apache-mod_proxy_ajp-2.2.4-6.4mdv2007.1.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/x86_64/media/main/updates/apache-mod_ssl-2.2.4-6.4mdv2007.1.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/x86_64/media/main/updates/apache-mod_userdir-2.2.4-6.4mdv2007.1.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/x86_64/media/main/updates/apache-modules-2.2.4-6.4mdv2007.1.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/x86_64/media/main/updates/apache-mpm-event-2.2.4-6.4mdv2007.1.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/x86_64/media/main/updates/apache-mpm-itk-2.2.4-6.4mdv2007.1.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/x86_64/media/main/updates/apache-mpm-prefork-2.2.4-6.4mdv2007.1.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/x86_64/media/main/updates/apache-mpm-worker-2.2.4-6.4mdv2007.1.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/x86_64/media/main/updates/apache-source-2.2.4-6.4mdv2007.1.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2007.1/SRPMS/main/updates/apache-2.2.4-6.4mdv2007.1.src.rpm Mandriva Linux 2008.0 ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/i586/media/main/updates/apache-base-2.2.6-8.1mdv2008.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/i586/media/main/updates/apache-devel-2.2.6-8.1mdv2008.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/i586/media/main/updates/apache-htcacheclean-2.2.6-8.1mdv2008.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/i586/media/main/updates/apache-mod_authn_dbd-2.2.6-8.1mdv2008.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/i586/media/main/updates/apache-mod_cache-2.2.6-8.1mdv2008.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/i586/media/main/updates/apache-mod_dav-2.2.6-8.1mdv2008.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/i586/media/main/updates/apache-mod_dbd-2.2.6-8.1mdv2008.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/i586/media/main/updates/apache-mod_deflate-2.2.6-8.1mdv2008.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/i586/media/main/updates/apache-mod_disk_cache-2.2.6-8.1mdv2008.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/i586/media/main/updates/apache-mod_file_cache-2.2.6-8.1mdv2008.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/i586/media/main/updates/apache-mod_ldap-2.2.6-8.1mdv2008.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/i586/media/main/updates/apache-mod_mem_cache-2.2.6-8.1mdv2008.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/i586/media/main/updates/apache-mod_proxy-2.2.6-8.1mdv2008.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/i586/media/main/updates/apache-mod_proxy_ajp-2.2.6-8.1mdv2008.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/i586/media/main/updates/apache-mod_ssl-2.2.6-8.1mdv2008.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/i586/media/main/updates/apache-mod_userdir-2.2.6-8.1mdv2008.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/i586/media/main/updates/apache-modules-2.2.6-8.1mdv2008.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/i586/media/main/updates/apache-mpm-event-2.2.6-8.1mdv2008.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/i586/media/main/updates/apache-mpm-itk-2.2.6-8.1mdv2008.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/i586/media/main/updates/apache-mpm-prefork-2.2.6-8.1mdv2008.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/i586/media/main/updates/apache-mpm-worker-2.2.6-8.1mdv2008.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/i586/media/main/updates/apache-source-2.2.6-8.1mdv2008.0.i586.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/SRPMS/main/updates/apache-2.2.6-8.1mdv2008.0.src.rpm X86_64 ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/x86_64/media/main/updates/apache-base-2.2.6-8.1mdv2008.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/x86_64/media/main/updates/apache-devel-2.2.6-8.1mdv2008.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/x86_64/media/main/updates/apache-htcacheclean-2.2.6-8.1mdv2008.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/x86_64/media/main/updates/apache-mod_authn_dbd-2.2.6-8.1mdv2008.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/x86_64/media/main/updates/apache-mod_cache-2.2.6-8.1mdv2008.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/x86_64/media/main/updates/apache-mod_dav-2.2.6-8.1mdv2008.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/x86_64/media/main/updates/apache-mod_dbd-2.2.6-8.1mdv2008.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/x86_64/media/main/updates/apache-mod_deflate-2.2.6-8.1mdv2008.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/x86_64/media/main/updates/apache-mod_disk_cache-2.2.6-8.1mdv2008.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/x86_64/media/main/updates/apache-mod_file_cache-2.2.6-8.1mdv2008.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/x86_64/media/main/updates/apache-mod_ldap-2.2.6-8.1mdv2008.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/x86_64/media/main/updates/apache-mod_mem_cache-2.2.6-8.1mdv2008.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/x86_64/media/main/updates/apache-mod_proxy-2.2.6-8.1mdv2008.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/x86_64/media/main/updates/apache-mod_proxy_ajp-2.2.6-8.1mdv2008.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/x86_64/media/main/updates/apache-mod_ssl-2.2.6-8.1mdv2008.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/x86_64/media/main/updates/apache-mod_userdir-2.2.6-8.1mdv2008.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/x86_64/media/main/updates/apache-modules-2.2.6-8.1mdv2008.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/x86_64/media/main/updates/apache-mpm-event-2.2.6-8.1mdv2008.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/x86_64/media/main/updates/apache-mpm-itk-2.2.6-8.1mdv2008.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/x86_64/media/main/updates/apache-mpm-prefork-2.2.6-8.1mdv2008.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/x86_64/media/main/updates/apache-mpm-worker-2.2.6-8.1mdv2008.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/x86_64/media/main/updates/apache-source-2.2.6-8.1mdv2008.0.x86_64.rpm ftp://ftp.cica.es/pub/Linux/Mandrakelinux/official/updates/2008.0/SRPMS/main/updates/apache-2.2.6-8.1mdv2008.0.src.rpm Corporate Server 4.0 corporate/4.0/i586/apache-base-2.2.3-1.3.20060mlcs4.i586.rpm corporate/4.0/i586/apache-devel-2.2.3-1.3.20060mlcs4.i586.rpm corporate/4.0/i586/apache-htcacheclean-2.2.3-1.3.20060mlcs4.i586.rpm corporate/4.0/i586/apache-mod_authn_dbd-2.2.3-1.3.20060mlcs4.i586.rpm corporate/4.0/i586/apache-mod_cache-2.2.3-1.3.20060mlcs4.i586.rpm corporate/4.0/i586/apache-mod_dav-2.2.3-1.3.20060mlcs4.i586.rpm corporate/4.0/i586/apache-mod_dbd-2.2.3-1.3.20060mlcs4.i586.rpm corporate/4.0/i586/apache-mod_deflate-2.2.3-1.3.20060mlcs4.i586.rpm corporate/4.0/i586/apache-mod_disk_cache-2.2.3-1.3.20060mlcs4.i586.rpm corporate/4.0/i586/apache-mod_file_cache-2.2.3-1.3.20060mlcs4.i586.rpm corporate/4.0/i586/apache-mod_ldap-2.2.3-1.3.20060mlcs4.i586.rpm corporate/4.0/i586/apache-mod_mem_cache-2.2.3-1.3.20060mlcs4.i586.rpm corporate/4.0/i586/apache-mod_proxy-2.2.3-1.3.20060mlcs4.i586.rpm corporate/4.0/i586/apache-mod_proxy_ajp-2.2.3-1.3.20060mlcs4.i586.rpm corporate/4.0/i586/apache-mod_ssl-2.2.3-1.3.20060mlcs4.i586.rpm corporate/4.0/i586/apache-mod_userdir-2.2.3-1.3.20060mlcs4.i586.rpm corporate/4.0/i586/apache-modules-2.2.3-1.3.20060mlcs4.i586.rpm corporate/4.0/i586/apache-mpm-prefork-2.2.3-1.3.20060mlcs4.i586.rpm corporate/4.0/i586/apache-mpm-worker-2.2.3-1.3.20060mlcs4.i586.rpm corporate/4.0/i586/apache-source-2.2.3-1.3.20060mlcs4.i586.rpm corporate/4.0/SRPMS/apache-2.2.3-1.3.20060mlcs4.src.rpm X86_64 corporate/4.0/x86_64/apache-base-2.2.3-1.3.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/apache-devel-2.2.3-1.3.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/apache-htcacheclean-2.2.3-1.3.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/apache-mod_authn_dbd-2.2.3-1.3.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/apache-mod_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/apache-mod_dav-2.2.3-1.3.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/apache-mod_dbd-2.2.3-1.3.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/apache-mod_deflate-2.2.3-1.3.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/apache-mod_disk_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/apache-mod_file_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/apache-mod_ldap-2.2.3-1.3.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/apache-mod_mem_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/apache-mod_proxy-2.2.3-1.3.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.3.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/apache-mod_ssl-2.2.3-1.3.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/apache-mod_userdir-2.2.3-1.3.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/apache-modules-2.2.3-1.3.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/apache-mpm-prefork-2.2.3-1.3.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/apache-mpm-worker-2.2.3-1.3.20060mlcs4.x86_64.rpm corporate/4.0/x86_64/apache-source-2.2.3-1.3.20060mlcs4.x86_64.rpm corporate/4.0/SRPMS/apache-2.2.3-1.3.20060mlcs4.src.rpm Apache Apache 2.0.63 Apache 2.2.8 http://httpd.apache.org/download.cgi Suse Linux Las actualizaciones pueden descargarse mediante YAST o del servidor FTP oficial de Suse Linux. Hewlett-Packard (HPSBUX02431) Web Server v3.05 B.11.23 and B.11.31 PA-32 HPUXWSATW-B305-32.depot Web Server v3.05 B.11.23 and B.11.31 IA-64 HPUXWSATW-B305-64.depot Web Server v2.25 B.11.11 PA-32 HPUXWSATW-B225-1111.depot Web Server v2.25 B.11.23 PA-32 HPUXWSATW-B225-32.depot Web Server v2.25 B.11.23 IA-64 HPUXWSATW-B225-64.depot Web Server v2.25 B.11.31 IA-32 HPUXWSATW-B225-32-1131.depot Web Server v2.25 B.11.31 IA-64 HPUXWSATW-B225-64-1131.depot Hewlett-Packard (HPSBMA02400) Solaris / patch BAC_00641 o posterior Windows / patch BAC_00640 o posterior http://support.openview.hp.com/support.jsp |
|
Identificadores estándar |
|
| Propiedad | Valor |
| CVE | CVE-2008-0005 |
| BID | 27234 |
Recursos adicionales |
|
|
Red Hat Security Advisory (RHSA-2008:0008-6) https://rhn.redhat.com/errata/RHSA-2008-0008.html Mandriva Security Advisory (MDVSA-2008:014) http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:014 Mandriva Security Advisory (MDVSA-2008:015) http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:015 Mandriva Security Advisory (MDVSA-2008:016) http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:016 Red Hat Security Advisory (RHSA-2008:0006-6) https://rhn.redhat.com/errata/RHSA-2008-0006.html Red Hat Security Advisory (RHSA-2008:0005-4) https://rhn.redhat.com/errata/RHSA-2008-0005.html Apache httpd 2.2.8 http://httpd.apache.org/security/vulnerabilities_22.html Apache httpd 2.0.63 http://httpd.apache.org/security/vulnerabilities_20.html SUSE Security Advisory (SUSE-SA:2008:021) http://www.novell.com/linux/security/advisories/2008_21_apache.html HP SECURITY BULLETIN (HPSBUX02431) http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01756421-1 HP SECURITY BULLETIN (HPSBMA02442) https://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01800059 |
|
Histórico de versiones |
||
| Versión | Comentario | Fecha |
| 1.0 | Aviso emitido | 2008-01-16 |
| 1.1 | Aviso emitido por Mandriva (MDVSA-2008:014), Aviso emitido por Mandriva (MDVSA-2008:015), Aviso emitido por Mandriva (MDVSA-2008:016) | 2008-01-22 |
| 1.2 | Aviso emitido por Red Hat (RHSA-2008:0006-6), Aviso emitido por Red Hat (RHSA-2008:0005-4) | 2008-01-23 |
| 1.3 | Aviso emitido por Apache | 2008-01-24 |
| 1.4 | Aviso emitido por Suse (SUSE-SA:2008:021) | 2008-04-15 |
| 1.5 | Aviso emitido por HP (HPSBUX02431) | 2009-07-01 |
| 1.6 | Aviso emitido por HP (HPSBMA02442) | 2010-05-26 |