Detections
Analytics
SuSE 10 Security Update : Apache 2 (ZYPP Patch Number 5128)
medium Nessus Plugin ID 31768
Synopsis
The remote SuSE 10 host is missing a security-related patch.Description
This update fixes multiple bugs in apache :- cross-site scripting problem in mod_imap.
(CVE-2007-5000)
- cross-site scripting problem in mod_status.
(CVE-2007-6388)
- cross-site scripting problem in the ftp proxy module.
(CVE-2008-0005)
- cross-site scripting problem in the error page for status code 413. (CVE-2007-6203)
- cross-site scripting problem in mod_proxy_balancer.
(CVE-2007-6421)
- A flaw in mod_proxy_balancer allowed attackers to crash apache. (CVE-2007-6422)
Solution
Apply ZYPP patch number 5128.See Also
http://support.novell.com/security/cve/CVE-2007-5000.html
http://support.novell.com/security/cve/CVE-2007-6203.html
http://support.novell.com/security/cve/CVE-2007-6388.html
http://support.novell.com/security/cve/CVE-2007-6421.html
Plugin Details
Severity: Medium
ID: 31768
File Name: suse_apache2-5128.nasl
Version: 1.18
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 4/4/2008
Updated: 1/14/2021
Supported Sensors: Continuous Assessment, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Low
Score: 3.8
CVSS v2
Risk Factor: Medium
Base Score: 4.3
Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N
Vulnerability Information
CPE: cpe:/o:suse:suse_linux
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Patch Publication Date: 3/26/2008
Reference Information
CVE: CVE-2007-5000, CVE-2007-6203, CVE-2007-6388, CVE-2007-6421, CVE-2007-6422, CVE-2008-0005