Lucene search
This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.SOLARIS9_X86_114145.NASLHistoryJul 12, 2004 - 12:00 a.m.
Solaris 9 (x86) : 114145-12
2004-07-1200:00:00
This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.
www.tenable.com
19
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.429
Percentile
97.4%
SunOS 5.9_x86: Apache Security Patch.
Date this patch was last updated by Sun : Mar/05/10
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text in this plugin was
# extracted from the Oracle SunOS Patch Updates.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(13593);
script_version("1.39");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");
script_cve_id("CVE-2003-0020", "CVE-2003-0542", "CVE-2003-0987", "CVE-2003-0993", "CVE-2004-0174", "CVE-2004-0492", "CVE-2007-1349");
script_name(english:"Solaris 9 (x86) : 114145-12");
script_summary(english:"Check for patch 114145-12");
script_set_attribute(
attribute:"synopsis",
value:"The remote host is missing Sun Security Patch number 114145-12"
);
script_set_attribute(
attribute:"description",
value:
"SunOS 5.9_x86: Apache Security Patch.
Date this patch was last updated by Sun : Mar/05/10"
);
script_set_attribute(
attribute:"see_also",
value:"http://download.oracle.com/sunalerts/1021709.1.html"
);
script_set_attribute(
attribute:"solution",
value:"You should install this patch for your system to be up-to-date."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_cwe_id(119, 399);
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris");
script_set_attribute(attribute:"patch_publication_date", value:"2010/03/05");
script_set_attribute(attribute:"plugin_publication_date", value:"2004/07/12");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.");
script_family(english:"Solaris Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("solaris.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"114145-12", obsoleted_by:"", package:"SUNWapchu", version:"11.9.0,REV=2002.08.06.16.05") < 0) flag++;
if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"114145-12", obsoleted_by:"", package:"SUNWapchd", version:"11.9.0,REV=2002.08.06.16.05") < 0) flag++;
if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"114145-12", obsoleted_by:"", package:"SUNWapchS", version:"11.9.0,REV=2002.08.06.16.05") < 0) flag++;
if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"114145-12", obsoleted_by:"", package:"SUNWapchr", version:"11.9.0,REV=2002.08.06.16.05") < 0) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:solaris_get_report());
else security_hole(0);
exit(0);
}
audit(AUDIT_HOST_NOT, "affected");
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0020
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0542
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0987
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0993
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0174
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0492
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1349
download.oracle.com/sunalerts/1021709.1.html
Related
nessus
nessus
Solaris 8 (x86) : 116974-07
2004-10-17 00:00:00
Solaris 8 (sparc) : 116973-07
2004-10-17 00:00:00
Solaris 9 (sparc) : 113146-13
2004-07-12 00:00:00
gentoo
gentoo
Apache 1.3: Multiple vulnerabilities
2004-05-26 00:00:00
Apache: multiple buffer overflows
2003-10-28 00:00:00
Apache 1.3: Buffer overflow in mod_proxy
2004-06-21 00:00:00
slackware
slackware
apache
2004-05-12 16:54:58
apache security update
2003-11-04 16:48:11
openvas
openvas
Gentoo Security Advisory GLSA 200405-22 (Apache)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200405-22 (Apache)
2008-09-24 00:00:00
Slackware: Security Advisory (SSA:2004-133-01)
2012-09-10 00:00:00
suse
suse
remote file creation in kdelibs/kdelibs3
2004-05-26 11:35:37
remote command execution in cvs
2004-06-09 13:52:11
f5
f5
SOL3144 - Apache mod_alias buffer overflow vulnerability - CAN-2003-0542
2007-05-16 00:00:00
K3144 : Apache mod_alias buffer overflow vulnerability CAN-2003-0542
2013-03-28 00:00:00
K5576 : Authentication vulnerability in Apache mod_digest - CAN-2003-0987
2013-03-28 00:00:00
httpd
httpd
Apache Httpd < 1.3.29 : Local configuration regular expression overflow
2003-08-04 00:00:00
Apache Httpd < 2.0.48 : Local configuration regular expression overflow
2003-08-04 00:00:00
Apache Httpd < 1.3.31 : mod_digest nonce checking
2003-12-18 00:00:00
debiancve
debiancve
securityvulns
securityvulns
NetSec Security Advisory: Multiple Vulnerabilities Resulting From Use Of Apple OSX HFS+
2005-02-17 00:00:00
[SECURITY] [DSA 525-1] New apache packages fix buffer overflow in mod_proxy
2004-06-26 00:00:00
Apache mod_perl resource exhaustion
2007-04-01 00:00:00
cvelist
cvelist
altlinux
altlinux
Security fix for the ALT Linux 10 package apache2 version 2.0.40-21
2003-02-24 00:00:00
Security fix for the ALT Linux 8 package apache2 version 2.0.40-21
2003-02-24 00:00:00
Security fix for the ALT Linux 9 package apache2 version 2.0.40-21
2003-02-24 00:00:00
cve
cve
nvd
nvd
freebsd
freebsd
Apache 1.3 IP address access control failure on some 64-bit platforms
2004-03-07 00:00:00
apache -- heap overflow in mod_proxy
2004-06-10 00:00:00
mod_perl -- remote DoS in PATH_INFO parsing
2007-03-29 00:00:00
redhat
redhat
(RHSA-2004:015) httpd security update
2004-01-13 00:00:00
(RHSA-2003:360) apache security update
2003-12-10 00:00:00
(RHSA-2007:0486) Moderate: mod_perl security update
2007-06-18 00:00:00
ubuntucve
ubuntucve
cert
cert
debian
debian
[SECURITY] [DSA 525-1] New apache packages fix buffer overflow in mod_proxy
2004-06-25 21:04:06
osv
osv
apache - buffer overflow
2004-06-24 00:00:00
fedora
fedora
[SECURITY] Fedora 7 Update: mod_perl-2.0.3-9.1.fc7
2007-06-09 19:19:09
[SECURITY] Fedora Core 6 Update: mod_perl-2.0.2-6.2.fc6
2007-06-11 19:54:38
[SECURITY] Fedora Core 5 Update: mod_perl-2.0.2-5.2.fc5
2007-06-11 19:54:08
centos
centos
mod_perl security update
2007-06-18 23:45:32
mod_perl security update
2007-06-14 14:57:11
prion
prion
Code injection
2007-03-30 00:19:00
ubuntu
ubuntu
mod_perl vulnerability
2007-07-18 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:15:56
oraclelinux
oraclelinux
Low: mod_perl security update
2007-06-14 00:00:00
seebug
seebug
jetty 6.x - 7.x xss, information disclosure, injection
2014-07-01 00:00:00
jetty 6.x - 7.x xss information disclosure injection
2009-10-26 00:00:00
jetty 6.x - 7.x xss information disclosure injection
2009-10-26 00:00:00
packetstorm
packetstorm
Jetty 6.x / 7.x Information Disclosure / XSS
2009-10-26 00:00:00
exploitpack
exploitpack
jetty 6.x 7.x - Cross-Site Scripting Information Disclosure Injection
2009-10-26 00:00:00
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.429
Percentile
97.4%
Related for SOLARIS9_X86_114145.NASL