Slackware 10.0 / 8.1 / 9.0 / 9.1 / current : apache+mod_ssl (SSA:2004-305-01)

This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.


Synopsis :

The remote Slackware host is missing a security update.

Description :

New apache packages are available for Slackware 8.1, 9.0, 9.1, 10.0,
and -current to fix a security issue. Apache has been upgraded to
version 1.3.33 which fixes a buffer overflow which may allow local
users to execute arbitrary code as the apache user. The mod_ssl
package has also been upgraded to version 2.8.22_1.3.33.

See also :

http://www.nessus.org/u?bbba9317

Solution :

Update the affected apache and / or mod_ssl packages.

Risk factor :

Medium / CVSS Base Score : 6.9
(CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C)

Family: Slackware Local Security Checks

Nessus Plugin ID: 18788 ()

Bugtraq ID:

CVE ID: CVE-2004-0940