Slackware 8.1 / 9.0 / 9.1 / current : apache security update (SSA:2003-308-01)

This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.


Synopsis :

The remote Slackware host is missing a security update.

Description :

Apache httpd is a hypertext transfer protocol server, and is used by
over two thirds of the Internet's web sites. Upgraded Apache packages
are available for Slackware 8.1, 9.0, 9.1, and -current. These fix
local vulnerabilities that could allow users who can create or edit
Apache config files to gain additional privileges. Sites running
Apache should upgrade to the new packages. In addition, new mod_ssl
packages have been prepared for all platforms, and new PHP packages
have been prepared for Slackware 8.1, 9.0, and - -current (9.1 already
uses PHP 4.3.3). In -current, these packages also move the Apache
module directory from /usr/libexec to /usr/libexec/apache. Links for
all of these related packages are provided below.

See also :

http://www.nessus.org/u?1c39b7c6

Solution :

Update the affected apache, mod_ssl and / or php packages.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)

Family: Slackware Local Security Checks

Nessus Plugin ID: 18742 ()

Bugtraq ID:

CVE ID: CVE-2003-0542