HP-UX PHSS_34169 : HP-UX VirtualVault running Apache 1.3.X Remote Unauthorized Access (HPSBUX02101 SSRT051128 rev.1)

Medium Nessus Plugin ID 21109

Synopsis

The remote HP-UX host is missing a security-related patch.

Description

s700_800 11.04 Virtualvault 4.7 IWS update :

A security vulnerability has been identified in Apache HTTP server versions prior to Apache 1.3.34 that may allow HTTP Request Splitting/Spoofing attacks, resulting in remote unauthorized access.
References: Apache HTTP Server version 1.3.34 announcement.

Solution

Install patch PHSS_34169 or subsequent.

See Also

http://www.nessus.org/u?e43753d4

Plugin Details

Severity: Medium

ID: 21109

File Name: hpux_PHSS_34169.nasl

Version: 1.17

Type: local

Published: 2006/03/21

Updated: 2018/07/12

Dependencies: 12634

Risk Information

Risk Factor: Medium

CVSS v2.0

Base Score: 4.3

Temporal Score: 3.2

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:hp:hp-ux

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2006/03/15

Vulnerability Publication Date: 2005/06/06

Reference Information

CVE: CVE-2005-2088

BID: 14106

HP: emr_na-c00612828, HPSBUX02101, SSRT051128