Detections
Analytics
Mandrake Linux Security Advisory : apache2 (MDKSA-2004:135)
medium Nessus Plugin ID 15740
Synopsis
The remote Mandrake Linux host is missing one or more security updates.Description
A vulnerability in apache 2.0.35-2.0.52 was discovered by Chintan Trivedi; he found that by sending a large amount of specially- crafted HTTP GET requests, a remote attacker could cause a Denial of Service on the httpd server. This vulnerability is due to improper enforcement of the field length limit in the header-parsing code.The updated packages have been patched to prevent this problem.
Solution
Update the affected packages.See Also
http://web.archive.org/web/20120208022923/http://xforce.iss.net:80/xforce/xfdb/17930
Plugin Details
Severity: Medium
ID: 15740
File Name: mandrake_MDKSA-2004-135.nasl
Version: 1.19
Type: local
Family: Mandriva Local Security Checks
Published: 11/17/2004
Updated: 1/6/2021
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 4.4
CVSS v2
Risk Factor: Medium
Base Score: 5
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P
Vulnerability Information
CPE: p-cpe:/a:mandriva:linux:apache2, p-cpe:/a:mandriva:linux:apache2-common, p-cpe:/a:mandriva:linux:apache2-devel, p-cpe:/a:mandriva:linux:apache2-manual, p-cpe:/a:mandriva:linux:apache2-mod_cache, p-cpe:/a:mandriva:linux:apache2-mod_dav, p-cpe:/a:mandriva:linux:apache2-mod_deflate, p-cpe:/a:mandriva:linux:apache2-mod_disk_cache, p-cpe:/a:mandriva:linux:apache2-mod_file_cache, p-cpe:/a:mandriva:linux:apache2-mod_ldap, p-cpe:/a:mandriva:linux:apache2-mod_mem_cache, p-cpe:/a:mandriva:linux:apache2-mod_proxy, p-cpe:/a:mandriva:linux:apache2-mod_ssl, p-cpe:/a:mandriva:linux:apache2-modules, p-cpe:/a:mandriva:linux:apache2-source, p-cpe:/a:mandriva:linux:apache2-worker, p-cpe:/a:mandriva:linux:lib64apr0, p-cpe:/a:mandriva:linux:libapr0, cpe:/o:mandrakesoft:mandrake_linux:10.0, cpe:/o:mandrakesoft:mandrake_linux:10.1, cpe:/o:mandrakesoft:mandrake_linux:9.2
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list
Patch Publication Date: 11/15/2004
Reference Information
CVE: CVE-2004-0942
MDKSA: 2004:135