Scientific Linux Security Update : httpd on SL6.x i386/x86_64

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote Scientific Linux host is missing one or more security
updates.

Description :

Security Fix(es) :

- It was discovered that the httpd's mod_auth_digest
module did not properly initialize memory before using
it when processing certain headers related to digest
authentication. A remote attacker could possibly use
this flaw to disclose potentially sensitive information
or cause httpd child process to crash by sending
specially crafted requests to a server. (CVE-2017-9788)

- It was discovered that the use of httpd's
ap_get_basic_auth_pw() API function outside of the
authentication phase could lead to authentication
bypass. A remote attacker could possibly use this flaw
to bypass required authentication if the API was used
incorrectly by one of the modules used by httpd.
(CVE-2017-3167)

- A NULL pointer dereference flaw was found in the httpd's
mod_ssl module. A remote attacker could use this flaw to
cause an httpd child process to crash if another module
used by httpd called a certain API function during the
processing of an HTTPS request. (CVE-2017-3169)

- A buffer over-read flaw was found in the httpd's
mod_mime module. A user permitted to modify httpd's MIME
configuration could use this flaw to cause httpd child
process to crash. (CVE-2017-7679)

See also :

http://www.nessus.org/u?ef6fba6f

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: Scientific Linux Local Security Checks

Nessus Plugin ID: 102521 ()

Bugtraq ID:

CVE ID: CVE-2017-3167
CVE-2017-3169
CVE-2017-7679
CVE-2017-9788

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now