HP-UX PHSS_34169 : HP-UX VirtualVault running Apache 1.3.X Remote Unauthorized Access (HPSBUX02101 SSRT051128 rev.1)

Medium Nessus Plugin ID 21109


The remote HP-UX host is missing a security-related patch.


s700_800 11.04 Virtualvault 4.7 IWS update :

A security vulnerability has been identified in Apache HTTP server versions prior to Apache 1.3.34 that may allow HTTP Request Splitting/Spoofing attacks, resulting in remote unauthorized access.
References: Apache HTTP Server version 1.3.34 announcement.


Install patch PHSS_34169 or subsequent.

See Also


Plugin Details

Severity: Medium

ID: 21109

File Name: hpux_PHSS_34169.nasl

Version: $Revision: 1.16 $

Type: local

Published: 2006/03/21

Modified: 2015/03/19

Dependencies: 12634

Risk Information

Risk Factor: Medium


Base Score: 4.3

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:hp:hp-ux

Required KB Items: Host/local_checks_enabled, Host/HP-UX/version, Host/HP-UX/swlist

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2006/03/15

Vulnerability Publication Date: 2005/06/06

Reference Information

CVE: CVE-2005-2088

BID: 14106

OSVDB: 17738

HP: emr_na-c00612828, HPSBUX02101, SSRT051128