Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> Debian Local Security Checks >> [DSA525] DSA-525-1 apache


Vulnerability Assessment Details

[DSA525] DSA-525-1 apache

Vulnerability Assessment Summary
DSA-525-1 apache

Detailed Explanation for this Vulnerability Assessment

Georgi Guninski discovered a buffer overflow bug in Apache's mod_proxy
module, whereby a remote user could potentially cause arbitrary code
to be executed with the rights of an Apache httpd child process
(by default, user www-data). Note that this bug is only exploitable
if the mod_proxy module is in use.
Note that this bug exists in a module in the apache-common package,
shared by apache, apache-ssl and apache-perl, so this update is
sufficient to correct the bug for all three builds of Apache httpd.
However, on systems using apache-ssl or apache-perl, httpd will not
automatically be restarted.
For the current stable distribution (woody), this problem has been
fixed in version 1.3.26-0woody5.
For the unstable distribution (sid), this problem has been fixed in
version 1.3.31-2.
We recommend that you update your apache package.


Solution : http://www.debian.org/security/2004/dsa-525
Network Security Threat Level: High

Networks Security ID: 10508

Vulnerability Assessment Copyright: This script is (C) 2005 Michel Arboi

Cables, Connectors

ACER ASPIRE 5517 5532 Motherboard LA-5481P Tested with cpu / fan
$39.55
ACER ASPIRE 5517 5532 Motherboard LA-5481P Tested with cpu / fan pictureDell Precision T5500 Second CPU Cooling Heatsink Fan W715F W567F 0W567F 0W715F
$39.99
Dell Precision T5500 Second CPU Cooling Heatsink Fan W715F W567F 0W567F 0W715F picturePLEASE READ Intel Core i7-3770 3.40GHz 8MB SR0PK Socket 1155 CPU (Water Stains)
$100.0
PLEASE READ Intel Core i7-3770 3.40GHz 8MB SR0PK Socket 1155 CPU (Water Stains) pictureIntel i5-4570 (#743-0641) 3.2GHz 6MB 5GT/s SR14E LGA1150 CPU Processor
$120.0
Intel i5-4570 (#743-0641) 3.2GHz 6MB 5GT/s SR14E LGA1150 CPU Processor picture


Discussions

No Discussions have been posted on this vulnerability.