This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Detail | |||
|---|---|---|---|
| Vendor | Mpm-Itk Project | First view | 2011-03-29 |
| Product | Mpm-Itk | Last view | 2011-03-29 |
| Version | 2.2.11-02 | Type | Application |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:mpm-itk_project:mpm-itk | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 4.3 | 2011-03-29 | CVE-2011-1176 | The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk Multi-Processing Module 2.2.11-01 and 2.2.11-02 for the Apache HTTP Server does not properly handle certain configuration sections that specify NiceValue but not AssignUserID, which might allow remote attackers to gain privileges by leveraging the root uid and root gid of an mpm-itk process. |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 74262 | Apache HTTP Server Multi-Processing Module itk.c Configuration Merger mpm-itk... |
OpenVAS Exploits
| id | Description |
|---|---|
| 2011-11-11 | Name : Ubuntu Update for apache2 USN-1259-1 File : nvt/gb_ubuntu_USN_1259_1.nasl |
| 2011-05-12 | Name : Debian Security Advisory DSA 2202-1 (apache2) File : nvt/deb_2202_1.nasl |
| 2011-04-01 | Name : Mandriva Update for apache MDVSA-2011:057 (apache) File : nvt/gb_mandriva_MDVSA_2011_057.nasl |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2011-11-11 | Name: The remote Ubuntu host is missing one or more security-related patches. File: ubuntu_USN-1259-1.nasl - Type: ACT_GATHER_INFO |
| 2011-04-01 | Name: The remote Mandriva Linux host is missing one or more security updates. File: mandriva_MDVSA-2011-057.nasl - Type: ACT_GATHER_INFO |
| 2011-03-24 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-2202.nasl - Type: ACT_GATHER_INFO |
