The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2013-0512 advisory.

    - add security fix for CVE-2012-2687 (#850794)
    - add security fixes for CVE-2011-4317, CVE-2012-0053, CVE-2012-0031,       CVE-2011-3607 (#787599)

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2013-123:02 advisory.

    The Apache HTTP Server is a powerful, efficient, and extensible web server.
    Security issues fixed with this release:
     CVE-2008-0455     Cross-site scripting (XSS) vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and     earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x     series allows remote authenticated users to inject arbitrary web script or HTML by uploading a file with a     name containing XSS sequences and a file extension, which leads to injection within a (1) 406 Not     Acceptable or (2) 300 Multiple Choices HTTP response when the extension is omitted in a request for the     file.
     CVE-2012-2687     Multiple cross-site scripting (XSS) vulnerabilities in the make_variant_list function in mod_negotiation.c     in the mod_negotiation module in the Apache HTTP Server 2.4.x before 2.4.3, when the MultiViews option is     enabled, allow remote attackers to inject arbitrary web script or HTML via a crafted filename that is not     properly handled during construction of a variant list.
     CVE-2012-4557     The mod_proxy_ajp module in the Apache HTTP Server 2.2.12 through 2.2.21 places a worker node into an     error state upon detection of a long request-processing time, which allows remote attackers to cause a     denial of service (worker consumption) via an expensive request.

Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Updated JBoss Enterprise Application Platform 6.0.1 packages that fix multiple security issues, various bugs, and add enhancements are now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7.

This release serves as a replacement for JBoss Enterprise Application Platform 6.0.0, and includes bug fixes and enhancements. Refer to the 6.0.1 Release Notes for information on the most significant of these changes, available shortly from https://access.redhat.com/knowledge/docs/

This update removes unused signed JARs; unused SHA1 checksums from JAR MANIFEST.MF files to reduce the Server memory footprint; adds MANIFEST.MF to JAR files where it was previously missing; and removes redundant Javadoc files from the main packages. (BZ#853551)

Security fixes :

Apache CXF checked to ensure XML elements were signed or encrypted by a Supporting Token, but not whether the correct token was used. A remote attacker could transmit confidential information without the appropriate security, and potentially circumvent access controls on web services exposed via Apache CXF. (CVE-2012-2379)

When using role-based authorization to configure EJB access, JACC permissions should be used to determine access; however, due to a flaw the configured authorization modules (JACC, XACML, etc.) were not called, and the JACC permissions were not used to determine access to an EJB. (CVE-2012-4550)

A flaw in the way Apache CXF enforced child policies of WS-SecurityPolicy 1.1 on the client side could, in certain cases, lead to a client failing to sign or encrypt certain elements as directed by the security policy, leading to information disclosure and insecure information transmission. (CVE-2012-2378)

A flaw was found in the way IronJacamar authenticated credentials and returned a valid datasource connection when configured to 'allow-multiple-users'. A remote attacker, provided the correct subject, could obtain a datasource connection that might belong to a privileged user. (CVE-2012-3428)

It was found that Apache CXF was vulnerable to SOAPAction spoofing attacks under certain conditions. Note that WS-Policy validation is performed against the operation being invoked, and an attack must pass validation to be successful. (CVE-2012-3451)

When there are no allowed roles for an EJB method invocation, the invocation should be denied for all users. It was found that the processInvocation() method in org.jboss.as.ejb3.security.AuthorizationInterceptor incorrectly authorizes all method invocations to proceed when the list of allowed roles is empty. (CVE-2012-4549)

It was found that in Mojarra, the FacesContext that is made available during application startup is held in a ThreadLocal. The reference is not properly cleaned up in all cases. As a result, if a JavaServer Faces (JSF) WAR calls FacesContext.getCurrentInstance() during application startup, another WAR can get access to the leftover context and thus get access to the other WAR's resources. A local attacker could use this flaw to access another WAR's resources using a crafted, deployed application. (CVE-2012-2672)

An input sanitization flaw was found in the mod_negotiation Apache HTTP Server module. A remote attacker able to upload or create files with arbitrary names in a directory that has the MultiViews options enabled, could use this flaw to conduct cross-site scripting attacks against users visiting the site. (CVE-2008-0455, CVE-2012-2687)

Red Hat would like to thank the Apache CXF project for reporting CVE-2012-2379, CVE-2012-2378, and CVE-2012-3451. The CVE-2012-4550 issue was discovered by Josef Cacek of the Red Hat JBoss EAP Quality Engineering team; CVE-2012-3428 and CVE-2012-4549 were discovered by Arun Neelicattu of the Red Hat Security Response Team; and CVE-2012-2672 was discovered by Marek Schmidt and Stan Silvert of Red Hat.

Warning: Before applying this update, back up your existing JBoss Enterprise Application Platform installation and deployed applications. Refer to the Solution section for further details.

Updated JBoss Enterprise Application Platform 6.0.1 packages that fix multiple security issues, various bugs, and add enhancements are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7.

This release serves as a replacement for JBoss Enterprise Application Platform 6.0.0, and includes bug fixes and enhancements. Refer to the 6.0.1 Release Notes for information on the most significant of these changes, available shortly from https://access.redhat.com/knowledge/docs/

This update removes unused signed JARs; unused SHA1 checksums from JAR MANIFEST.MF files to reduce the Server memory footprint; adds MANIFEST.MF to JAR files where it was previously missing; and removes redundant Javadoc files from the main packages. (BZ#830291)

Security fixes :

Apache CXF checked to ensure XML elements were signed or encrypted by a Supporting Token, but not whether the correct token was used. A remote attacker could transmit confidential information without the appropriate security, and potentially circumvent access controls on web services exposed via Apache CXF. (CVE-2012-2379)

When using role-based authorization to configure EJB access, JACC permissions should be used to determine access; however, due to a flaw the configured authorization modules (JACC, XACML, etc.) were not called, and the JACC permissions were not used to determine access to an EJB. (CVE-2012-4550)

A flaw in the way Apache CXF enforced child policies of WS-SecurityPolicy 1.1 on the client side could, in certain cases, lead to a client failing to sign or encrypt certain elements as directed by the security policy, leading to information disclosure and insecure information transmission. (CVE-2012-2378)

A flaw was found in the way IronJacamar authenticated credentials and returned a valid datasource connection when configured to 'allow-multiple-users'. A remote attacker, provided the correct subject, could obtain a datasource connection that might belong to a privileged user. (CVE-2012-3428)

It was found that Apache CXF was vulnerable to SOAPAction spoofing attacks under certain conditions. Note that WS-Policy validation is performed against the operation being invoked, and an attack must pass validation to be successful. (CVE-2012-3451)

When there are no allowed roles for an EJB method invocation, the invocation should be denied for all users. It was found that the processInvocation() method in org.jboss.as.ejb3.security.AuthorizationInterceptor incorrectly authorizes all method invocations to proceed when the list of allowed roles is empty. (CVE-2012-4549)

It was found that in Mojarra, the FacesContext that is made available during application startup is held in a ThreadLocal. The reference is not properly cleaned up in all cases. As a result, if a JavaServer Faces (JSF) WAR calls FacesContext.getCurrentInstance() during application startup, another WAR can get access to the leftover context and thus get access to the other WAR's resources. A local attacker could use this flaw to access another WAR's resources using a crafted, deployed application. (CVE-2012-2672)

An input sanitization flaw was found in the mod_negotiation Apache HTTP Server module. A remote attacker able to upload or create files with arbitrary names in a directory that has the MultiViews options enabled, could use this flaw to conduct cross-site scripting attacks against users visiting the site. (CVE-2008-0455, CVE-2012-2687)

Red Hat would like to thank the Apache CXF project for reporting CVE-2012-2379, CVE-2012-2378, and CVE-2012-3451. The CVE-2012-4550 issue was discovered by Josef Cacek of the Red Hat JBoss EAP Quality Engineering team; CVE-2012-3428 and CVE-2012-4549 were discovered by Arun Neelicattu of the Red Hat Security Response Team; and CVE-2012-2672 was discovered by Marek Schmidt and Stan Silvert of Red Hat.

Warning: Before applying this update, back up your existing JBoss Enterprise Application Platform installation and deployed applications. Refer to the Solution section for further details.

The remote host is affected by the vulnerability described in GLSA-200803-19 (Apache: Multiple vulnerabilities)

    Adrian Pastor and Amir Azam (ProCheckUp) reported that the HTTP Method     specifier header is not properly sanitized when the HTTP return code is     '413 Request Entity too large' (CVE-2007-6203). The mod_proxy_balancer     module does not properly check the balancer name before using it     (CVE-2007-6422). The mod_proxy_ftp does not define a charset in its     answers (CVE-2008-0005). Stefano Di Paola (Minded Security) reported     that filenames are not properly sanitized within the mod_negotiation     module (CVE-2008-0455, CVE-2008-0456).
  Impact :

    A remote attacker could entice a user to visit a malicious URL or send     specially crafted HTTP requests (i.e using Adobe Flash) to perform     Cross-Site Scripting and HTTP response splitting attacks, or conduct a     Denial of Service attack on the vulnerable web server.
  Workaround :

    There is no known workaround at this time.

Updated httpd packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

The httpd packages contain the Apache HTTP Server (httpd), which is the namesake project of The Apache Software Foundation.

An input sanitization flaw was found in the mod_negotiation Apache HTTP Server module. A remote attacker able to upload or create files with arbitrary names in a directory that has the MultiViews options enabled, could use this flaw to conduct cross-site scripting attacks against users visiting the site. (CVE-2008-0455, CVE-2012-2687)

It was discovered that mod_proxy_ajp, when used in configurations with mod_proxy in load balancer mode, would mark a back-end server as failed when request processing timed out, even when a previous AJP (Apache JServ Protocol) CPing request was responded to by the back-end. A remote attacker able to make a back-end use an excessive amount of time to process a request could cause mod_proxy to not send requests to back-end AJP servers for the retry timeout period or until all back-end servers were marked as failed. (CVE-2012-4557)

These updated httpd packages include numerous bug fixes and enhancements. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 6.4 Technical Notes, linked to in the References, for information on the most significant of these changes.

All users of httpd are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements. After installing the updated packages, the httpd daemon will be restarted automatically.

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2013-45:01 advisory.

    The Apache HTTP Server is a powerful, efficient, and extensible web server.
    Security issues fixed with this release:
     CVE-2008-0455     Cross-site scripting (XSS) vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and     earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x     series allows remote authenticated users to inject arbitrary web script or HTML by uploading a file with a     name containing XSS sequences and a file extension, which leads to injection within a (1) 406 Not     Acceptable or (2) 300 Multiple Choices HTTP response when the extension is omitted in a request for the     file.
     CVE-2008-0456     CRLF injection vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in     the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series     allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting     attacks by uploading a file with a multi-line name containing HTTP header sequences and a file extension,     which leads to injection within a (1) 406 Not Acceptable or (2) 300 Multiple Choices HTTP response     when the extension is omitted in a request for the file.
     CVE-2012-2687     Multiple cross-site scripting (XSS) vulnerabilities in the make_variant_list function in mod_negotiation.c     in the mod_negotiation module in the Apache HTTP Server 2.4.x before 2.4.3, when the MultiViews option is     enabled, allow remote attackers to inject arbitrary web script or HTML via a crafted filename that is not     properly handled during construction of a variant list.
    Fixed bugs:
     Previously, the validity of /etc/pki/tls/private/localhost.key was not checked before running the %post     script for the mod_ssl package: If /etc/pki/tls/certs/localhost.crt did not exist and localhost.key     was present but invalid and upgrading httpd with mod_ssl failed. This has been fixed.
     Added a patch to disable non-FIPS functionality in the mod_ssl module when running in FIPS mode so that     httpd starts as expected under FIPS mode.
     Previously, the httpd exit codes were not LSB compliant. This has been fixed and httpd now returns 1 as     an exist status code.
     Fixed the handling of long chunk-lines (32 bytes or more).
     Fixed header merging for 304 case.
     Fixed the response-line strings handling when run in a proxy set up so that response-lines without a     description string are properly returned to the client.
     Previously, a bug in the mod_mem_cache module could result in a cached entity becoming corrupt when     aborting an HTTP connection. This has been fixed.
    Enhancements:
     Added support for the LDAPReferrals configuration directive.
     The mod_proxy_ajp module now supports the ProxyErrorOverride directive      Now, if the /etc/sysconfig/httpd-disable-posttrans file exists, the %posttrans scriptlet will not     automatically restarts the httpd service after a package upgrade.
     The output of httpd -S now includes configured alias names for each virtual host.
     mod_ssl using the _DN_userID (like SSL_CLIENT_S_DN_userID) now expose new certificate variable     names.

Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

This update contains the 2.2.23 release of the Apache HTTP Server.

http://www.eu.apache.org/dist/httpd/CHANGES_2.2.23

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

An input sanitization flaw was found in the mod_negotiation Apache HTTP Server module. A remote attacker able to upload or create files with arbitrary names in a directory that has the MultiViews options enabled, could use this flaw to conduct cross-site scripting attacks against users visiting the site. (CVE-2008-0455, CVE-2012-2687)

It was discovered that mod_proxy_ajp, when used in configurations with mod_proxy in load balancer mode, would mark a back-end server as failed when request processing timed out, even when a previous AJP (Apache JServ Protocol) CPing request was responded to by the back-end. A remote attacker able to make a back-end use an excessive amount of time to process a request could cause mod_proxy to not send requests to back-end AJP servers for the retry timeout period or until all back-end servers were marked as failed. (CVE-2012-4557)

After installing the updated packages, the httpd daemon will be restarted automatically.

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2013-0130 advisory.

    - add security fix for CVE-2008-0456
    - add security fix for CVE-2012-2687 (#850794)

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Cross-site scripting (XSS) vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary web script or HTML by uploading a file with a name containing XSS sequences and a file extension, which leads to injection within a (1) '406 Not Acceptable' or (2) '300 Multiple Choices' HTTP response when the extension is omitted in a request for the file.

According to its banner, the version of Apache running on the remote host does not properly escape filenames in 406 responses. A remote attacker can exploit this to inject arbitrary HTTP headers or conduct cross-site scripting attacks by uploading a file with a specially crafted name. 

Note that the remote web server may not actually be affected by these vulnerabilities as Nessus has relied solely on the version number in the server's banner.

Updated httpd packages that fix multiple security issues, various bugs, and add enhancements are now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

The httpd packages contain the Apache HTTP Server (httpd), which is the namesake project of The Apache Software Foundation.

Input sanitization flaws were found in the mod_negotiation module. A remote attacker able to upload or create files with arbitrary names in a directory that has the MultiViews options enabled, could use these flaws to conduct cross-site scripting and HTTP response splitting attacks against users visiting the site. (CVE-2008-0455, CVE-2008-0456, CVE-2012-2687)

Bug fixes :

* Previously, no check was made to see if the /etc/pki/tls/private/localhost.key file was a valid key prior to running the '%post' script for the 'mod_ssl' package. Consequently, when /etc/pki/tls/certs/localhost.crt did not exist and 'localhost.key' was present but invalid, upgrading the Apache HTTP Server daemon (httpd) with mod_ssl failed. The '%post' script has been fixed to test for an existing SSL key. As a result, upgrading httpd with mod_ssl now proceeds as expected. (BZ#752618)

* The 'mod_ssl' module did not support operation under FIPS mode.
Consequently, when operating Red Hat Enterprise Linux 5 with FIPS mode enabled, httpd failed to start. An upstream patch has been applied to disable non-FIPS functionality if operating under FIPS mode and httpd now starts as expected. (BZ#773473)

* Prior to this update, httpd exit status codes were not Linux Standard Base (LSB) compliant. When the command 'service httpd reload' was run and httpd failed, the exit status code returned was '0' and not in the range 1 to 6 as expected. A patch has been applied to the init script and httpd now returns '1' as an exit status code.
(BZ#783242)

* Chunked Transfer Coding is described in RFC 2616. Previously, the Apache server did not correctly handle a chunked encoded POST request with a 'chunk-size' or 'chunk-extension' value of 32 bytes or more.
Consequently, when such a POST request was made the server did not respond. An upstream patch has been applied and the problem no longer occurs. (BZ#840845)

* Due to a regression, when mod_cache received a non-cacheable 304 response, the headers were served incorrectly. Consequently, compressed data could be returned to the client without the cached headers to indicate the data was compressed. An upstream patch has been applied to merge response and cached headers before data from the cache is served to the client. As a result, cached data is now correctly interpreted by the client. (BZ#845532)

* In a proxy configuration, certain response-line strings were not handled correctly. If a response-line without a 'description' string was received from the origin server, for a non-standard status code, such as the '450' status code, a '500 Internal Server Error' would be returned to the client. This bug has been fixed so that the original response line is returned to the client. (BZ#853128)

Enhancements :

* The configuration directive 'LDAPReferrals' is now supported in addition to the previously introduced 'LDAPChaseReferrals'.
(BZ#727342)

* The AJP support module for 'mod_proxy', 'mod_proxy_ajp', now supports the 'ProxyErrorOverride' directive. Consequently, it is now possible to configure customized error pages for web applications running on a backend server accessed via AJP. (BZ#767890)

* The '%posttrans' scriptlet which automatically restarts the httpd service after a package upgrade can now be disabled. If the file /etc/sysconfig/httpd-disable-posttrans exists, the scriptlet will not restart the daemon. (BZ#833042)

* The output of 'httpd -S' now includes configured alias names for each virtual host. (BZ#833043)

* New certificate variable names are now exposed by 'mod_ssl' using the '_DN_userID' suffix, such as 'SSL_CLIENT_S_DN_userID', which use the commonly used object identifier (OID) definition of 'userID', OID 0.9.2342.19200300.100.1.1. (BZ#840036)

All users of httpd are advised to upgrade to these updated packages, which fix these issues and add these enhancements.

Input sanitization flaws were found in the mod_negotiation module. A remote attacker able to upload or create files with arbitrary names in a directory that has the MultiViews options enabled, could use these flaws to conduct cross-site scripting and HTTP response splitting attacks against users visiting the site. (CVE-2008-0455, CVE-2008-0456, CVE-2012-2687)

Bug fixes :

  - Previously, no check was made to see if the     /etc/pki/tls/private/localhost.key file was a valid key     prior to running the '%post' script for the 'mod_ssl'     package. Consequently, when     /etc/pki/tls/certs/localhost.crt did not exist and     'localhost.key' was present but invalid, upgrading the     Apache HTTP Server daemon (httpd) with mod_ssl failed.
    The '%post' script has been fixed to test for an     existing SSL key. As a result, upgrading httpd with     mod_ssl now proceeds as expected.

  - The 'mod_ssl' module did not support operation under     FIPS mode. Consequently, when operating Scientific Linux     5 with FIPS mode enabled, httpd failed to start. An     upstream patch has been applied to disable non-FIPS     functionality if operating under FIPS mode and httpd now     starts as expected.

  - Prior to this update, httpd exit status codes were not     Linux Standard Base (LSB) compliant. When the command     'service httpd reload' was run and httpd failed, the     exit status code returned was '0' and not in the range 1     to 6 as expected. A patch has been applied to the init     script and httpd now returns '1' as an exit status code.

  - Chunked Transfer Coding is described in RFC 2616.
    Previously, the Apache server did not correctly handle a     chunked encoded POST request with a 'chunk- size' or     'chunk-extension' value of 32 bytes or more.
    Consequently, when such a POST request was made the     server did not respond. An upstream patch has been     applied and the problem no longer occurs.

  - Due to a regression, when mod_cache received a     non-cacheable 304 response, the headers were served     incorrectly. Consequently, compressed data could be     returned to the client without the cached headers to     indicate the data was compressed. An upstream patch has     been applied to merge response and cached headers before     data from the cache is served to the client. As a     result, cached data is now correctly interpreted by the     client.

  - In a proxy configuration, certain response-line strings     were not handled correctly. If a response-line without a     'description' string was received from the origin     server, for a non-standard status code, such as the     '450' status code, a '500 Internal Server Error' would     be returned to the client. This bug has been fixed so     that the original response line is returned to the     client.

Enhancements :

  - The configuration directive 'LDAPReferrals' is now     supported in addition to the previously introduced     'LDAPChaseReferrals'.

  - The AJP support module for 'mod_proxy', 'mod_proxy_ajp',     now supports the 'ProxyErrorOverride' directive.
    Consequently, it is now possible to configure customized     error pages for web applications running on a backend     server accessed via AJP.

  - The '%posttrans' scriptlet which automatically restarts     the httpd service after a package upgrade can now be     disabled. If the file /etc/sysconfig/httpd-     disable-posttrans exists, the scriptlet will not restart     the daemon.

  - The output of 'httpd -S' now includes configured alias     names for each virtual host.

  - New certificate variable names are now exposed by     'mod_ssl' using the '_DN_userID' suffix, such as     'SSL_CLIENT_S_DN_userID', which use the commonly used     object identifier (OID) definition of 'userID', OID     0.9.2342.19200300.100.1.1.

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2013:0512 advisory.

    The httpd packages contain the Apache HTTP Server (httpd), which is the     namesake project of The Apache Software Foundation.

    An input sanitization flaw was found in the mod_negotiation Apache HTTP     Server module. A remote attacker able to upload or create files with     arbitrary names in a directory that has the MultiViews options enabled,     could use this flaw to conduct cross-site scripting attacks against users     visiting the site. (CVE-2008-0455, CVE-2012-2687)

    It was discovered that mod_proxy_ajp, when used in configurations with     mod_proxy in load balancer mode, would mark a back-end server as failed     when request processing timed out, even when a previous AJP (Apache JServ     Protocol) CPing request was responded to by the back-end. A remote     attacker able to make a back-end use an excessive amount of time to     process a request could cause mod_proxy to not send requests to back-end     AJP servers for the retry timeout period or until all back-end servers     were marked as failed. (CVE-2012-4557)

    These updated httpd packages include numerous bug fixes and enhancements.
    Space precludes documenting all of these changes in this advisory. Users     are directed to the Red Hat Enterprise Linux 6.4 Technical Notes, linked     to in the References, for information on the most significant of these     changes.

    All users of httpd are advised to upgrade to these updated packages, which     contain backported patches to correct these issues and add these     enhancements. After installing the updated packages, the httpd daemon will     be restarted automatically.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

ID	名称	产品	系列	发布时间	最近更新时间	严重程度
68750	Oracle Linux 6 : httpd (ELSA-2013-0512)	Nessus	Oracle Linux Local Security Checks	2013/7/12	2024/10/23	medium
289414	MiracleLinux 4 : httpd-2.2.15-26.0.1.AXS4 (AXSA:2013-123:02)	Nessus	Miracle Linux Local Security Checks	2026/1/16	2026/1/16	medium
64071	RHEL 5 : JBoss EAP (RHSA-2012:1591)	Nessus	Red Hat Local Security Checks	2013/1/24	2021/1/14	critical
64072	RHEL 6 : JBoss EAP (RHSA-2012:1592)	Nessus	Red Hat Local Security Checks	2013/1/24	2021/1/14	critical
31445	GLSA-200803-19 : Apache: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	2008/3/13	2021/1/6	medium
65145	CentOS 6 : httpd (CESA-2013:0512)	Nessus	CentOS Local Security Checks	2013/3/10	2021/1/4	medium
289813	MiracleLinux 3 : httpd-2.2.3-76.0.1.AXS3 (AXSA:2013-45:01)	Nessus	Miracle Linux Local Security Checks	2026/1/16	2026/1/16	medium
64595	Fedora 17 : httpd-2.2.23-1.fc17 (2013-1661)	Nessus	Fedora Local Security Checks	2013/2/13	2021/1/11	medium
64952	Scientific Linux Security Update : httpd on SL6.x i386/x86_64 (20130221)	Nessus	Scientific Linux Local Security Checks	2013/3/1	2021/1/14	medium
68701	Oracle Linux 5 : httpd (ELSA-2013-0130)	Nessus	Oracle Linux Local Security Checks	2013/7/12	2025/4/29	medium
85708	F5 Networks BIG-IP : Apache HTTP server vulnerability (SOL17201)	Nessus	F5 Networks Local Security Checks	2015/9/1	2021/3/10	medium
17692	Apache mod_negotiation Multi-Line Filename Upload Vulnerabilities	Nessus	Web Servers	2011/11/18	2018/11/15	medium
63575	CentOS 5 : httpd (CESA-2013:0130)	Nessus	CentOS Local Security Checks	2013/1/17	2021/1/4	medium
63597	Scientific Linux Security Update : httpd on SL5.x i386/x86_64 (20130108)	Nessus	Scientific Linux Local Security Checks	2013/1/17	2021/1/14	medium
64761	RHEL 6 : httpd (RHSA-2013:0512)	Nessus	Red Hat Local Security Checks	2013/2/21	2025/4/15	medium

检测

插件搜索

medium

medium

critical

critical

medium

medium

medium

medium

medium

medium

medium

medium

medium

medium

medium