oval:org.mitre.oval:def:7270

Definition Id: oval:org.mitre.oval:def:7270

Oval ID:	oval:org.mitre.oval:def:7270
Title:	DSA-1816 apache2 -- insufficient security check
Description:	It was discovered that the Apache web server did not properly handle the "Options=" parameter to the AllowOverride directive: In the stable distribution (lenny), local users could (via .htaccess) enable script execution in Server Side Includes even in configurations where the AllowOverride directive contained only Options=IncludesNoEXEC. In the oldstable distribution (etch), local users could (via .htaccess) enable script execution in Server Side Includes and CGI script execution in configurations where the AllowOverride directive contained any "Options=" value. The oldstable distribution (etch), this problem has been fixed in version 2.2.3-4+etch8.
Family:	unix	Class:	patch
Reference(s):	DSA-1816 CVE-2009-1195	Version:	3
Platform(s):	Debian GNU/Linux 5.0 Debian GNU/Linux 4.0	Product(s):	apache2
Definition Synopsis:
Release section Debian GNU/Linux 5.0 is installed AND Architecture section Architecture independent section Installed architecture is all AND Packages section apache2-src is earlier than 2.2.9-10+lenny3 AND apache2-doc is earlier than 2.2.9-10+lenny3 AND apache2 is earlier than 2.2.9-10+lenny3 OR Architecture dependent section Supported architectures section Installed architecture is s390 AND Installed architecture is amd64 AND Installed architecture is sparc AND Installed architecture is arm AND Installed architecture is i386 AND Installed architecture is armel AND Installed architecture is mips AND Installed architecture is ia64 AND Installed architecture is alpha AND Installed architecture is powerpc AND Installed architecture is mipsel AND Installed architecture is hppa AND Packages section apache2-utils is earlier than 2.2.9-10+lenny3 AND apache2-mpm-worker is earlier than 2.2.9-10+lenny3 AND apache2.2-common is earlier than 2.2.9-10+lenny3 AND apache2-suexec-custom is earlier than 2.2.9-10+lenny3 AND apache2-suexec is earlier than 2.2.9-10+lenny3 AND apache2-threaded-dev is earlier than 2.2.9-10+lenny3 AND apache2-dbg is earlier than 2.2.9-10+lenny3 AND apache2-mpm-event is earlier than 2.2.9-10+lenny3 AND apache2-mpm-prefork is earlier than 2.2.9-10+lenny3 AND apache2-prefork-dev is earlier than 2.2.9-10+lenny3 OR Architecture dependent section Supported architectures section Installed architecture is amd64 AND Installed architecture is i386 AND Installed architecture is powerpc AND Installed architecture is hppa AND Installed architecture is sparc AND Installed architecture is armel AND Installed architecture is mips AND Installed architecture is ia64 AND Installed architecture is alpha AND Installed architecture is mipsel AND Installed architecture is arm AND apache2-mpm-itk is earlier than 2.2.6-02-1+lenny1 OR Release section Debian GNU/Linux 4.0 is installed. AND Architecture section Architecture independent section Installed architecture is all AND Packages section apache2-mpm-perchild is earlier than 2.2.3-4+etch8 AND apache2-src is earlier than 2.2.3-4+etch8 AND apache2-doc is earlier than 2.2.3-4+etch8 AND apache2 is earlier than 2.2.3-4+etch8 AND apache2-utils is earlier than 2.2.3-4+etch8 AND apache2-mpm-worker is earlier than 2.2.3-4+etch8 AND apache2.2-common is earlier than 2.2.3-4+etch8 AND apache2-threaded-dev is earlier than 2.2.3-4+etch8 AND apache2-mpm-event is earlier than 2.2.3-4+etch8 AND apache2-mpm-prefork is earlier than 2.2.3-4+etch8 AND apache2-prefork-dev is earlier than 2.2.3-4+etch8 OR Architecture dependent section Supported architectures section Installed architecture is amd64 AND Installed architecture is i386 AND Installed architecture is powerpc AND Installed architecture is hppa AND Installed architecture is sparc AND Installed architecture is mips AND Installed architecture is ia64 AND Installed architecture is alpha AND Installed architecture is mipsel AND Installed architecture is arm AND apache2-mpm-itk is earlier than 2.2.3-01-2+etch2

Definition Id: oval:org.mitre.oval:def:6513

Oval ID:	oval:org.mitre.oval:def:6513
Title:	Debian GNU/Linux 5.0 is installed
Description:	Debian GNU/Linux 5.0 (lenny) is installed
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:debian:debian_gnu/linux:5.0	Version:	7
Platform(s):	Debian GNU/Linux 5.0	Product(s):
Definition Synopsis:
Debian GNU/Linux 5.0 is installed
Referenced By:
oval:org.mitre.oval:def:7270

Definition Id: oval:org.mitre.oval:def:6461

Oval ID:	oval:org.mitre.oval:def:6461
Title:	Debian GNU/Linux 4.0 is installed.
Description:	Debian GNU/Linux 4.0 (etch) is installed
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:debian:debian_gnu/linux:4.0	Version:	9
Platform(s):	Debian GNU/Linux 4.0	Product(s):
Definition Synopsis:
Debian GNU/Linux 4.0 is installed
Referenced By:
oval:org.mitre.oval:def:7270

Copyright Security-Database 2006-2024 - Powered by themself ;) in 0.0343s

Facebook rss twitter linkedin mail