2 Replies Latest reply on Jan 20, 2012 9:29 AM by oppiris

    Apache CVE-2011-3192 check

      Is there a check to test for the vulnerability described in CVE-2011-3192?

        • 1. Re: Apache CVE-2011-3192 check

          Hi Oppiris,

          Cursory glance says we have quite a few.

          To see for yourself, while editing or creating new scans go to:

          Settings

          Vuln Selection

          Search By / CVE Number / CVE-2011-3192 / Search

          I see the following:

          (HT5002) Apple Mac OS X Multiple Vulnerabilities

          Debian Linux 5.0, 6.0 DSA-2298-1 Update Is Not Installed

          Debian Linux 5.0, 6.0 DSA-2298-2 Update Is Not Installed

          SuSE SLES 10 apache2-7757 Update Is Not Installed

          (HPSBUX02702) HP-UX Apache Web Server Remote Denial Of Service Vulnerabilities

          (HPSBUX02707) HP-UX Apache Web Server Remote Denial Of Service Vulnerabilities

          (HT5002) Apple Mac OS X Multiple Vulnerabilities

          Apache httpd mod_deflate Resource Exhaustion Denial Of Service

          Debian Linux 5.0, 6.0 DSA-2298-1 Update Is Not Installed

          Debian Linux 5.0, 6.0 DSA-2298-2 Update Is Not Installed

          Fedora Linux 15 FEDORA-2011-12715 Update Is Not Installed

          Fedora Linux 16 FEDORA-2011-12667 Update Is Not Installed

          FreeBSD apache Range Header DoS Vulnerability (7f6108d2-cea8-11e0-9d58-0800279895ea)

          Mandriva Linux 2009.0, 2010.1 MDVSA-2011-130 Update Is Not Installed

          Mandriva Linux 2011.0 MDVSA-2011-130-1 Update Is Not Installed

          Oracle Enterprise Linux ELSA-2011-1245 Update Is Not Installed

          Oracle Enterprise Linux ELSA-2011-1391 Update Is Not Installed

          Oracle Fusion Middleware HTTP Server Apache HTTPD Denial Of Service

          Red Hat Enterprise Linux RHSA-2011-1245 Update Is Not Installed

          Red Hat Enterprise Linux RHSA-2011-1294 Update Is Not Installed

          Red Hat Enterprise Linux RHSA-2011-1391 Update Is Not Installed

          Red Hat Enterprise Linux RHSA-2011-1392 Update Is Not Installed

          Slackware Linux 12.0, 12.1, 12.2, 13.0, 13.1, 13.37 SSA:2011-252-01 Update Is Not Installed

          Slackware Linux 12.0, 12.1, 12.2, 13.0, 13.1, 13.37 SSA:2011-284-01 Update Is Not Installed

          SuSE SLES 10 apache2-7757 Update Is Not Installed

          SuSE SLES 10 SP3 apache2-7721 Update Is Not Installed

          SuSE SLES 10 SP4 apache2-7722 Update Is Not Installed

          SuSE SLES 11, 11 SP1 apache2-5344 Update Is Not Installed

          Ubuntu Linux 10.04, 10.10, 11.04, 8.04 LTS USN-1199-1 Update Is Not Installed

          Hope that helps!
          Cathy

          • 2. Re: Apache CVE-2011-3192 check

            Thanks Cathy,

            I tried that.

            But our company runs another tool that checks for that vulnerability and it reports systems that look OK in the MVM reports.

            When I check these machines manually (with telnet, requesting some overlapping ranges), they respond to the request, which is an indication that Apache is vulnerable.

            So could it be that the checks in MVM do not find everything?

            P.S.

            I can get different results with the other scanner, Nmap check, manual check and a Perl script.

            Message edited by oppiris on 20.01.12 09:29:19 CST
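The manual check mentioned in the reply above relies on a Range header that lists overlapping byte ranges. As an added example (not part of the thread and not the logic of MVM, Nmap or any other scanner), this Python code parses a Range header value, resolves it against a resource length and reports how many ranges overlap, which is useful when reviewing captured or logged requests. The function names, the `max_ranges=5` threshold and the sample header values are assumptions constructed for illustration.

```python
import re

_SPEC = re.compile(r"^\s*(\d*)\s*-\s*(\d*)\s*$")

def parse_ranges(value, length):
    """Resolve a Range header value to absolute (first, last) byte pairs.
    Returns None if the value is not a valid 'bytes' range set; ranges that
    cannot be satisfied for a resource of `length` bytes are dropped."""
    unit, sep, specs = value.partition("=")
    if not sep or unit.strip().lower() != "bytes":
        return None
    out = []
    for spec in specs.split(","):
        if not spec.strip():
            continue                          # empty list elements are ignored
        m = _SPEC.match(spec)
        if not m or not (m.group(1) or m.group(2)):
            return None                       # malformed or bare "-"
        first, last = m.groups()
        if first == "":                       # suffix form "-N": last N bytes
            start, end = max(length - int(last), 0), length - 1
        else:
            start = int(first)
            if last and int(last) < start:
                return None                   # last byte before first byte
            end = min(int(last), length - 1) if last else length - 1
        if start <= end:                      # keep satisfiable ranges only
            out.append((start, end))
    return out

def assess(value, length, max_ranges=5):      # max_ranges: assumed local policy
    """Count ranges and how many overlap an earlier one; flag suspicious sets."""
    ranges = parse_ranges(value, length)
    if ranges is None:
        return {"valid": False, "count": 0, "overlaps": 0, "flag": False}
    overlaps, reach = 0, -1
    for start, end in sorted(ranges):
        if start <= reach:                    # begins inside bytes already covered
            overlaps += 1
        reach = max(reach, end)
    return {"valid": True, "count": len(ranges), "overlaps": overlaps,
            "flag": overlaps > 0 or len(ranges) > max_ranges}

# Constructed sample header values, checked against a 1000-byte resource.
SAMPLES = ["bytes=0-99,100-199", "bytes=0-100,50-150", "bytes=0-,0-10,5-20"]

if __name__ == "__main__":
    for s in SAMPLES:
        print(s, assess(s, 1000))
```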