Slackware 10.0 / 10.1 / 10.2 / 8.1 / 9.0 / 9.1 / current : Apache httpd redux (SSA:2006-130-01)

This script is Copyright (C) 2006-2013 Tenable Network Security, Inc.


Synopsis :

The remote Slackware host is missing a security update.

Description :

New Apache packages are available for Slackware 8.1, 9.0, 9.1, 10.0,
10.1, 10.2, and -current to fix a bug with Apache 1.3.35 and glibc
that breaks wildcards in Include directives. It may not occur with all
versions of glibc, but it has been verified on -current (using an
Include within a file already Included causes a crash), so better to
patch it and reissue these packages just to be sure. My apologies if
the last batch of updates caused anyone undue grief... they worked
here with my (too simple?) config files. Note that if you use mod_ssl,
you'll also require the mod_ssl package that was part of yesterday's
release, and on -current you'll need the newest PHP package (if you
use PHP). Thanks to Francesco Gringoli for bringing this issue to my
attention.

See also :

http://www.nessus.org/u?269cdf3c

Solution :

Update the affected apache package.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)

Family: Slackware Local Security Checks

Nessus Plugin ID: 21346 ()

Bugtraq ID:

CVE ID: CVE-2005-3352