HP-UX PHSS_34203 : HP-UX VirtualVault running Apache 1.3.X Remote Unauthorized Access (HPSBUX02101 SSRT051128 rev.1)

This script is Copyright (C) 2006-2014 Tenable Network Security, Inc.


Synopsis :

The remote HP-UX host is missing a security-related patch.

Description :

s700_800 11.04 Webproxy 2.1 (Apache 1.x) update :

A security vulnerability has been identified in Apache HTTP server
versions prior to Apache 1.3.34 that may allow HTTP Request
Splitting/Spoofing attacks, resulting in remote unauthorized access.
References: Apache HTTP Server version 1.3.34 announcement.

See also :

http://www.nessus.org/u?e43753d4

Solution :

Install patch PHSS_34203 or subsequent.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)

Family: HP-UX Local Security Checks

Nessus Plugin ID: 21112 (hpux_PHSS_34203.nasl)

Bugtraq ID:

CVE ID: CVE-2005-2088