This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Mpm-Itk Project First view 2011-03-29
Product Mpm-Itk Last view 2011-03-29
Version 2.2.11-02 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:mpm-itk_project:mpm-itk

Activity : Overall

Related : CVE

  Date Alert Description
4.3 2011-03-29 CVE-2011-1176

The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk Multi-Processing Module 2.2.11-01 and 2.2.11-02 for the Apache HTTP Server does not properly handle certain configuration sections that specify NiceValue but not AssignUserID, which might allow remote attackers to gain privileges by leveraging the root uid and root gid of an mpm-itk process.

Open Source Vulnerability Database (OSVDB)

id Description
74262 Apache HTTP Server Multi-Processing Module itk.c Configuration Merger mpm-itk...

OpenVAS Exploits

id Description
2011-11-11 Name : Ubuntu Update for apache2 USN-1259-1
File : nvt/gb_ubuntu_USN_1259_1.nasl
2011-05-12 Name : Debian Security Advisory DSA 2202-1 (apache2)
File : nvt/deb_2202_1.nasl
2011-04-01 Name : Mandriva Update for apache MDVSA-2011:057 (apache)
File : nvt/gb_mandriva_MDVSA_2011_057.nasl

Nessus® Vulnerability Scanner

id Description
2011-11-11 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-1259-1.nasl - Type: ACT_GATHER_INFO
2011-04-01 Name: The remote Mandriva Linux host is missing one or more security updates.
File: mandriva_MDVSA-2011-057.nasl - Type: ACT_GATHER_INFO
2011-03-24 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-2202.nasl - Type: ACT_GATHER_INFO