Vulnerability Assessment & Network Security Forums

If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.

Home >> Browse Vulnerability Assessment Database >> Debian Local Security Checks >> [DSA195] DSA-195-1 apache-perl

Vulnerability Assessment Details

[DSA195] DSA-195-1 apache-perl

Vulnerability Assessment Summary
DSA-195-1 apache-perl

Detailed Explanation for this Vulnerability Assessment

According to David Wagner, iDEFENSE and the Apache HTTP Server
Project, several vulnerabilities have been found in the Apache server
package, a commonly used webserver. Most of the code is shared
between the Apache and Apache-Perl packages, so vulnerabilities are
shared as well.
These vulnerabilities could permit a possible hacker to enact a denial of
service against a server or execute a cross site scripting attack, or
steal cookies from other web site users. The Common Vulnerabilities
and Exposures (CVE) project identified the following vulnerabilities:
These problems have been fixed in version 1.3.26-1-1.26-0woody2 for
the current stable distribution (woody), in
1.3.9-14.1-1.21.20000309-1.1 for the old stable distribution (potato)
and in version 1.3.26-1.1-1.27-3-1 for the unstable distribution
(sid).
We recommend that you upgrade your Apache-Perl package immediately.

Solution : http://www.debian.org/security/2002/dsa-195
Network Security Threat Level: High

Networks Security ID: 5847, 5884, 5887, 5995

Vulnerability Assessment Copyright: This script is (C) 2005 Michel Arboi

Cables, Connectors