Details of VAR-200706-0666

ID

VAR-200706-0666

CVE

CVE-2006-5752

TITLE

Hitachi Web Server Cross-Site Scripting Vulnerability with Server-Status Page

Trust: 0.8

sources: JVNDB: JVNDB-2007-000773

DESCRIPTION

Cross-site scripting (XSS) vulnerability in mod_status.c in the mod_status module in Apache HTTP Server (httpd), when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browsers that perform "charset detection" when the content-type is not specified. When Hitachi Web Server receives a request that contains malicious scripts, they are inserted into the server-satus page the Server automatically creates. This allows the inserted malicious scripts to be executed on the client machines. The vulnerability does not affect the product if the server-status reporting feature is disabled.An attacker could execute malicious scripts. The Apache HTTP Server mod_status module is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. This could lead to a denial of service if using a threaded MPM (CVE-2007-1863). Updated packages have been patched to prevent the above issues. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863 _______________________________________________________________________ Updated Packages: Corporate 3.0: 33b4ae40c9eedadc7ea05bbb79a8a023 corporate/3.0/i586/apache2-2.0.48-6.14.C30mdk.i586.rpm 0d2db18ac10c77ab4486c3b3f693b3c9 corporate/3.0/i586/apache2-common-2.0.48-6.14.C30mdk.i586.rpm 530dc14f5f5c28f0c41c28263be70c66 corporate/3.0/i586/apache2-devel-2.0.48-6.14.C30mdk.i586.rpm 23d8731286c81b5ef69e6c743d064751 corporate/3.0/i586/apache2-manual-2.0.48-6.14.C30mdk.i586.rpm fecdea1f465f55798f44dfb54f5d505d corporate/3.0/i586/apache2-mod_cache-2.0.48-6.14.C30mdk.i586.rpm 76b1905e2f629f6b7f44965157edc9f8 corporate/3.0/i586/apache2-mod_dav-2.0.48-6.14.C30mdk.i586.rpm d444c58838c9b6bfb165f20e3947fa71 corporate/3.0/i586/apache2-mod_deflate-2.0.48-6.14.C30mdk.i586.rpm bbf3e12adee9e972716c6d9b3b00024a corporate/3.0/i586/apache2-mod_disk_cache-2.0.48-6.14.C30mdk.i586.rpm 0a4de57e75712e4972cec7be5ea028c1 corporate/3.0/i586/apache2-mod_file_cache-2.0.48-6.14.C30mdk.i586.rpm d3ad1ad4b8d2e6ac0326f319d22c4736 corporate/3.0/i586/apache2-mod_ldap-2.0.48-6.14.C30mdk.i586.rpm 38c489f26dbc7fafb4fb7014310648f8 corporate/3.0/i586/apache2-mod_mem_cache-2.0.48-6.14.C30mdk.i586.rpm 84a4b113c4eb28004920fda04bf6e4c5 corporate/3.0/i586/apache2-mod_proxy-2.0.48-6.14.C30mdk.i586.rpm 39a8ff0956dd1087e14958ce141efaec corporate/3.0/i586/apache2-mod_ssl-2.0.48-6.14.C30mdk.i586.rpm d240e12e5c70884a03d4a4e93c121678 corporate/3.0/i586/apache2-modules-2.0.48-6.14.C30mdk.i586.rpm 8df7637f83d086df49f35caa9efb823e corporate/3.0/i586/apache2-source-2.0.48-6.14.C30mdk.i586.rpm d27c0cc4ee311add44ab39386cda6327 corporate/3.0/i586/libapr0-2.0.48-6.14.C30mdk.i586.rpm 412819e938a35e65159856b6df26d0a3 corporate/3.0/SRPMS/apache2-2.0.48-6.14.C30mdk.src.rpm Corporate 3.0/X86_64: dfccabfd0496f8c43190e8a3fb8126c4 corporate/3.0/x86_64/apache2-2.0.48-6.14.C30mdk.x86_64.rpm 611a03bcb215fea9cdbcb9947e4c2fe5 corporate/3.0/x86_64/apache2-common-2.0.48-6.14.C30mdk.x86_64.rpm 5a0b8194418b87bb5c876689074dae73 corporate/3.0/x86_64/apache2-devel-2.0.48-6.14.C30mdk.x86_64.rpm 243acf8278d50e8aa3603ee66888bee5 corporate/3.0/x86_64/apache2-manual-2.0.48-6.14.C30mdk.x86_64.rpm 3c7e59abeaadf6e7b79625aa7c2a8feb corporate/3.0/x86_64/apache2-mod_cache-2.0.48-6.14.C30mdk.x86_64.rpm ea0051d179e89eb578784da0a06ba515 corporate/3.0/x86_64/apache2-mod_dav-2.0.48-6.14.C30mdk.x86_64.rpm cedc742db5f95e6cfa514ca272a0beb8 corporate/3.0/x86_64/apache2-mod_deflate-2.0.48-6.14.C30mdk.x86_64.rpm 52ea68be3a7d00bfcfb295bf7c838fd8 corporate/3.0/x86_64/apache2-mod_disk_cache-2.0.48-6.14.C30mdk.x86_64.rpm a34a7ef7a90245843abd29a901982458 corporate/3.0/x86_64/apache2-mod_file_cache-2.0.48-6.14.C30mdk.x86_64.rpm ebf80868b29fbcec3cfe98f97c9c039a corporate/3.0/x86_64/apache2-mod_ldap-2.0.48-6.14.C30mdk.x86_64.rpm 9498d52515df024b731c77e86ec8ca80 corporate/3.0/x86_64/apache2-mod_mem_cache-2.0.48-6.14.C30mdk.x86_64.rpm 4d2f6004a024770a542110ddb458d331 corporate/3.0/x86_64/apache2-mod_proxy-2.0.48-6.14.C30mdk.x86_64.rpm 0ba5b39fe791c256f1bcfc31f0283244 corporate/3.0/x86_64/apache2-mod_ssl-2.0.48-6.14.C30mdk.x86_64.rpm da4637c7b4465764f4813d2c2aee33c2 corporate/3.0/x86_64/apache2-modules-2.0.48-6.14.C30mdk.x86_64.rpm 8404598ff3c49d98ba12067f32cce34c corporate/3.0/x86_64/apache2-source-2.0.48-6.14.C30mdk.x86_64.rpm 6fcf4bc783925e54682204f364bfd8ff corporate/3.0/x86_64/lib64apr0-2.0.48-6.14.C30mdk.x86_64.rpm 412819e938a35e65159856b6df26d0a3 corporate/3.0/SRPMS/apache2-2.0.48-6.14.C30mdk.src.rpm Multi Network Firewall 2.0: 3b66d4eaf4091aede0930ec9301064a0 mnf/2.0/i586/apache2-2.0.48-6.14.M20mdk.i586.rpm c94a8966ab3b67071429c14c1eb899f2 mnf/2.0/i586/apache2-common-2.0.48-6.14.M20mdk.i586.rpm dadac33ef4982ab11d5598997d4e4d1d mnf/2.0/i586/apache2-devel-2.0.48-6.14.M20mdk.i586.rpm 9dbe03b9bebae8ce4e4703e210e2c1fa mnf/2.0/i586/apache2-manual-2.0.48-6.14.M20mdk.i586.rpm 7c977a7a26bbeaafa3a799ebd0559ea5 mnf/2.0/i586/apache2-mod_cache-2.0.48-6.14.M20mdk.i586.rpm 2e47db770a1a974710d5dae1ca290936 mnf/2.0/i586/apache2-mod_dav-2.0.48-6.14.M20mdk.i586.rpm e0319ec65d680b04fc0768dcb62e009c mnf/2.0/i586/apache2-mod_deflate-2.0.48-6.14.M20mdk.i586.rpm 56487fcc42cf1213f629eb8e2c0166a8 mnf/2.0/i586/apache2-mod_disk_cache-2.0.48-6.14.M20mdk.i586.rpm f04b85763fe99b9a8675693540abbba9 mnf/2.0/i586/apache2-mod_file_cache-2.0.48-6.14.M20mdk.i586.rpm d64c6bb4f71752fffcfea7fa6df6e9d5 mnf/2.0/i586/apache2-mod_ldap-2.0.48-6.14.M20mdk.i586.rpm 032d38f08b994e8056b7a45b41d6779b mnf/2.0/i586/apache2-mod_mem_cache-2.0.48-6.14.M20mdk.i586.rpm 4daa1573e3b352ae0876ced8a816ddc1 mnf/2.0/i586/apache2-mod_proxy-2.0.48-6.14.M20mdk.i586.rpm 68aa23dad66ad710e96750abab87c359 mnf/2.0/i586/apache2-mod_ssl-2.0.48-6.14.M20mdk.i586.rpm 95b0de0c80b432e4fe82e745408417e6 mnf/2.0/i586/apache2-modules-2.0.48-6.14.M20mdk.i586.rpm d80dca1b0b2a7870f3d65424342b8f1b mnf/2.0/i586/apache2-source-2.0.48-6.14.M20mdk.i586.rpm 4ef56c99d09113cb3139bf3b89b35d86 mnf/2.0/i586/libapr0-2.0.48-6.14.M20mdk.i586.rpm 542f190bea765d0d80dc660396078538 mnf/2.0/SRPMS/apache2-2.0.48-6.14.M20mdk.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) iD8DBQFGjEEPmqjQ0CJFipgRAuYaAJ49WMOSIRzYWAfA2I5MZqJ5UHOCiQCfWKIT MjP/AAbsJuhDQISFHH01wow= =xNXK -----END PGP SIGNATURE----- . Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-servers/apache < 2.2.6 *>= 2.0.59-r5 >= 2.2.6 Description =========== Multiple cross-site scripting vulnerabilities have been discovered in mod_status and mod_autoindex (CVE-2006-5752, CVE-2007-4465). An error has been discovered in the recall_headers() function in mod_mem_cache (CVE-2007-1862). The mod_cache module does not properly sanitize requests before processing them (CVE-2007-1863). The Prefork module does not properly check PID values before sending signals (CVE-2007-3304). The mod_proxy module does not correctly check headers before processing them (CVE-2007-3847). Impact ====== A remote attacker could exploit one of these vulnerabilities to inject arbitrary script or HTML content, obtain sensitive information or cause a Denial of Service. Workaround ========== There is no known workaround at this time. Resolution ========== All Apache users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-servers/apache-2.0.59-r5" References ========== [ 1 ] CVE-2006-5752 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752 [ 2 ] CVE-2007-1862 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1862 [ 3 ] CVE-2007-1863 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863 [ 4 ] CVE-2007-3304 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304 [ 5 ] CVE-2007-3847 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847 [ 6 ] CVE-2007-4465 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4465 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-200711-06.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org. License ======= Copyright 2007 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . Summary Updated VMware Hosted products address security issues in libpng and the Apace HTTP Server. 2. Relevant releases VMware Workstation 6.5.2 and earlier, VMware Player 2.5.2 and earlier, VMware ACE 2.5.2 and earlier 3. Problem Description a. Third Party Library libpng Updated to 1.2.35 Several flaws were discovered in the way third party library libpng handled uninitialized pointers. An attacker could create a PNG image file in such a way, that when loaded by an application linked to libpng, it could cause the application to crash or execute arbitrary code at the privilege level of the user that runs the application. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2009-0040 to this issue. The following table lists what action remediates the vulnerability (column 4) if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= VirtualCenter any Windows not affected Workstation 6.5.x any 6.5.3 build 185404 or later Player 2.5.x any 2.5.3 build 185404 or later ACE 2.5.x any 2.5.3 build 185404 or later Server 2.x any patch pending Server 1.x any patch pending Fusion 2.x Mac OS/X not affected Fusion 1.x Mac OS/X not affected ESXi 4.0 ESXi not affected ESXi 3.5 ESXi not affected ESX 4.0 ESX not affected ESX 3.5 ESX not affected ESX 3.0.3 ESX not affected ESX 3.0.2 ESX not affected ESX 2.5.5 ESX not affected * * The libpng update for the Service Console of ESX 2.5.5 is documented in VMSA-2009-0007. b. Apache HTTP Server updated to 2.0.63 The new version of ACE updates the Apache HTTP Server on Windows hosts to version 2.0.63 which addresses multiple security issues that existed in the previous versions of this server. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2007-3847, CVE-2007-1863, CVE-2006-5752, CVE-2007-3304, CVE-2007-6388, CVE-2007-5000, CVE-2008-0005 to the issues that have been addressed by this update. The following table lists what action remediates the vulnerability (column 4) if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= VirtualCenter any Windows not affected Workstation 6.5.x any not affected Player 2.5.x any not affected ACE 2.5.x Windows 2.5.3 build 185404 or later ACE 2.5.x Linux update Apache on host system * Server 2.x any not affected Server 1.x any not affected Fusion 2.x Mac OS/X not affected Fusion 1.x Mac OS/X not affected ESXi 4.0 ESXi not affected ESXi 3.5 ESXi not affected ESX 4.0 ESX not affected ESX 3.5 ESX not affected ESX 3.0.3 ESX not affected ESX 3.0.2 ESX not affected ESX 2.5.5 ESX not affected * The Apache HTTP Server is not part of an ACE install on a Linux host. Update the Apache HTTP Server on the host system to version 2.0.63 in order to remediate the vulnerabilities listed above. 4. Solution Please review the patch/release notes for your product and version and verify the md5sum and/or the sha1sum of your downloaded file. VMware Workstation 6.5.3 ------------------------ http://www.vmware.com/download/ws/ Release notes: http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html For Windows Workstation for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 7565d16b7d7e0173b90c3b76ca4656bc sha1sum: 9f687afd8b0f39cde40aeceb3213a91be487aad1 For Linux Workstation for Linux 32-bit Linux 32-bit .rpm md5sum: 4d55c491bd008ded0ea19f373d1d1fd4 sha1sum: 1f43131c960e76a530390d3b6984c78dfc2da23e Workstation for Linux 32-bit Linux 32-bit .bundle md5sum: d4a721c1918c0e8a87c6fa4bad49ad35 sha1sum: c0c6f9b56e70bd3ffdb5467ee176110e283a69e5 Workstation for Linux 64-bit Linux 64-bit .rpm md5sum: 72adfdb03de4959f044fcb983412ae7c sha1sum: ba16163c8d9b5aa572526b34a7b63dc6e68f9bbb Workstation for Linux 64-bit Linux 64-bit .bundle md5sum: 83e1f0c94d6974286256c4d3b559e854 sha1sum: 8763f250a3ac5fc4698bd26319b93fecb498d542 VMware Player 2.5.3 ------------------- http://www.vmware.com/download/player/ Release notes: http://www.vmware.com/support/player25/doc/releasenotes_player253.html Player for Windows binary http://download3.vmware.com/software/vmplayer/VMware-player-2.5.3-185404.exe md5sum: fe28f193374c9457752ee16cd6cad4e7 sha1sum: 13bd3ff93c04fa272544d3ef6de5ae746708af04 Player for Linux (.rpm) http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.rpm md5sum: c99cd65f19fdfc7651bcb7f328b73bc2 sha1sum: a33231b26e2358a72d16e1b4e2656a5873fe637e Player for Linux (.bundle) http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.bundle md5sum: 210f4cb5615bd3b2171bc054b9b2bac5 sha1sum: 2f6497890b17b37480165bab9f430e8645edae9b Player for Linux - 64-bit (.rpm) http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.rpm md5sum: f91576ef90b322d83225117ae9335968 sha1sum: f492fa9cf26ee2818f164aac04cde1680c25d974 Player for Linux - 64-bit (.bundle) http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.bundle md5sum: 595d44d7945c129b1aeb679d2f001b05 sha1sum: acd69fcb0c6bc49fd4af748c65c7fb730ab1e8c4 VMware ACE 2.5.3 ---------------- http://www.vmware.com/download/ace/ Release notes: http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html ACE Management Server Virtual Appliance AMS Virtual Appliance .zip md5sum: 44cc7b86353047f02cf6ea0653e38418 sha1sum: 9f44b15e6681a6e58dd20784f829c68091a62cd1 VMware ACE for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 0779da73408c5e649e0fd1c62d23820f sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef ACE Management Server for Windows Windows .exe md5sum: 0779da73408c5e649e0fd1c62d23820f sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef ACE Management Server for SUSE Enterprise Linux 9 SLES 9 .rpm md5sum: a4fc92d7197f0d569361cdf4b8cca642 sha1sum: af8a135cca398cacaa82c8c3c325011c6cd3ed75 ACE Management Server for Red Hat Enterprise Linux 4 RHEL 4 .rpm md5sum: 841005151338c8b954f08d035815fd58 sha1sum: 67e48624dba20e6be9e41ec9a5aba407dd8cc01e 5. Change log 2009-08-20 VMSA-2009-0010 Initial security advisory after release of Workstation 6.5.3, Player 2.5.3, and ACE 2.5.3 on 2009-08-20. - ------------------------------------------------------------------------ 7. Contact E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce This Security Advisory is posted to the following lists: * security-announce at lists.vmware.com * bugtraq at securityfocus.com * full-disclosure at lists.grok.org.uk E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055 VMware Security Center http://www.vmware.com/security VMware security response policy http://www.vmware.com/support/policies/security_response.html General support life cycle policy http://www.vmware.com/support/policies/eos.html VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html Copyright 2009 VMware Inc. All rights reserved. ---------------------------------------------------------------------- 2003: 2,700 advisories published 2004: 3,100 advisories published 2005: 4,600 advisories published 2006: 5,300 advisories published How do you know which Secunia advisories are important to you? The Secunia Vulnerability Intelligence Solutions allows you to filter and structure all the information you need, so you can address issues effectively. Get a free trial of the Secunia Vulnerability Intelligence Solutions: http://corporate.secunia.com/how_to_buy/38/vi/?ref=secadv ---------------------------------------------------------------------- TITLE: Hitachi Web Server Multiple Vulnerabilities SECUNIA ADVISORY ID: SA27421 VERIFY ADVISORY: http://secunia.com/advisories/27421/ CRITICAL: Less critical IMPACT: Security Bypass, Cross Site Scripting WHERE: >From remote SOFTWARE: uCosminexus Application Server http://secunia.com/product/13819/ Hitachi Web Server 3.x http://secunia.com/product/13335/ Hitachi Web Server 2.x http://secunia.com/product/13334/ Hitachi Web Server 1.x http://secunia.com/product/13333/ DESCRIPTION: Some vulnerabilities have been reported in the Hitachi Web Server, which can be exploited by malicious people to bypass certain security restrictions or conduct cross-site scripting attacks. 1) An error exists within the handling of SSL requests. This can be exploited to trick a vulnerable server into accepting a forged signature. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.hitachi-support.com/security_e/vuls_e/HS07-034_e/index-e.html http://www.hitachi-support.com/security_e/vuls_e/HS07-035_e/index-e.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01178795 Version: 1 HPSBUX02262 SSRT071447 rev. 1 - HP-UX running Apache, Remote Arbitrary Code Execution, Cross Site Scripting (XSS) NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2007-10-02 Last Updated: 2007-10-02 Potential Security Impact: Remote arbitrary code execution, cross site scripting (XSS) Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with Apache running on HP-UX. References: CVE-2005-2090, CVE-2006-5752, CVE-2007-0450, CVE-2007-0774, CVE-2007-1355, CVE-2007-1358, CVE-2007-1860, CVE-2007-1863, CVE-2007-1887, CVE-2007-1900, CVE-2007-2449, CVE-2007-2450, CVE-2007-2756, CVE-2007-2872, CVE-2007-3382, CVE-2007-3385, CVE-2007-3386. SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, B.11.31 running Apache BACKGROUND To determine if a system has an affected version, search the output of "swlist -a revision -l fileset" for an affected fileset. Then determine if the recommended patch or update is installed. AFFECTED VERSIONS For IPv4: HP-UX B.11.11 ============= hpuxwsAPACHE action: install revision A.2.0.59.00 or subsequent restart Apache URL: https://www.hp.com/go/softwaredepot/ For IPv6: HP-UX B.11.11 HP-UX B.11.23 HP-UX B.11.31 ============= hpuxwsAPACHE,revision=B.1.0.00.01 hpuxwsAPACHE,revision=B.1.0.07.01 hpuxwsAPACHE,revision=B.1.0.08.01 hpuxwsAPACHE,revision=B.1.0.09.01 hpuxwsAPACHE,revision=B.1.0.10.01 hpuxwsAPACHE,revision=B.2.0.48.00 hpuxwsAPACHE,revision=B.2.0.49.00 hpuxwsAPACHE,revision=B.2.0.50.00 hpuxwsAPACHE,revision=B.2.0.51.00 hpuxwsAPACHE,revision=B.2.0.52.00 hpuxwsAPACHE,revision=B.2.0.53.00 hpuxwsAPACHE,revision=B.2.0.54.00 hpuxwsAPACHE,revision=B.2.0.55.00 hpuxwsAPACHE,revision=B.2.0.56.00 hpuxwsAPACHE,revision=B.2.0.58.00 hpuxwsAPACHE,revision=B.2.0.58.01 action: install revision B.2.0.59.00 or subsequent restart Apache URL: https://www.hp.com/go/softwaredepot/ END AFFECTED VERSIONS RESOLUTION HP has made the following available to resolve the vulnerability. HP-UX Apache-based Web Server v.2.18 powered by Apache Tomcat Webmin or subsequent. MANUAL ACTIONS: Yes - Update Install HP-UX Apache-based Web Server v.2.18 powered by Apache Tomcat Webmin or subsequent. PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all HP-issued Security Bulletins and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa HISTORY Revision: 1 (rev.1) - 02 October 2007 Initial release Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For further information, contact normal HP Services support channel. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save. To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections. To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do * The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. "HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement." \xa9Copyright 2007 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: PGP 8.1 iQA/AwUBRwVCruAfOvwtKn1ZEQK1YgCfavU7x1Hs59uLdP26lpZFwMxKofIAn3gJ HHoe3AY1sc6hrW3Xk+B1hcbr =+E1W -----END PGP SIGNATURE----- . A local attacker with the ability to run scripts on the server could manipulate the scoreboard and cause arbitrary processes to be terminated (CVE-2007-3304). =========================================================== Ubuntu Security Notice USN-499-1 August 16, 2007 apache2 vulnerabilities CVE-2006-5752, CVE-2007-1863, CVE-2007-3304 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 6.10 Ubuntu 7.04 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: apache2-common 2.0.55-4ubuntu2.2 apache2-mpm-prefork 2.0.55-4ubuntu2.2 apache2-mpm-worker 2.0.55-4ubuntu2.2 Ubuntu 6.10: apache2-common 2.0.55-4ubuntu4.1 apache2-mpm-prefork 2.0.55-4ubuntu4.1 apache2-mpm-worker 2.0.55-4ubuntu4.1 Ubuntu 7.04: apache2-mpm-prefork 2.2.3-3.2ubuntu0.1 apache2-mpm-worker 2.2.3-3.2ubuntu0.1 apache2.2-common 2.2.3-3.2ubuntu0.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Stefan Esser discovered that mod_status did not force a character set, which could result in browsers becoming vulnerable to XSS attacks when processing the output. If a user were tricked into viewing server status output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data (such as passwords), within the same domain. By default, mod_status is disabled in Ubuntu. (CVE-2006-5752) Niklas Edmundsson discovered that the mod_cache module could be made to crash using a specially crafted request. A remote user could use this to cause a denial of service if Apache was configured to use a threaded worker. By default, mod_cache is disabled in Ubuntu. (CVE-2007-1863) A flaw was discovered in the signal handling of Apache. A local attacker could trick Apache into sending SIGUSR1 to other processes. The vulnerable code was only present in Ubuntu Feisty. (CVE-2007-3304) Updated packages for Ubuntu 6.06 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2.diff.gz Size/MD5: 115882 e94e45574e3b131d3a9a0e07e193f1e5 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2.dsc Size/MD5: 1148 c2bc143625fbf8ca59fea300845c5a42 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.2_all.deb Size/MD5: 2124364 9b8ca5d5757c63f5ee6bbd507f0a8357 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_amd64.deb Size/MD5: 833000 be4c7770c725f5f4401ca06d1347211f http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_amd64.deb Size/MD5: 227832 41c12dfe84f109e6544a33e4e1d791a8 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_amd64.deb Size/MD5: 222934 7e4d072bad27239e366a6eda94c09190 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_amd64.deb Size/MD5: 227576 8fc59f78a3fa0e5d6dac81e875039bda http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_amd64.deb Size/MD5: 171082 4318f93373b705563251f377ed398614 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_amd64.deb Size/MD5: 171860 257f4183d70be5a00546c39c5a18f108 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_amd64.deb Size/MD5: 93916 695cee55f91ceb9424abe31d8b6ee1dd http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_amd64.deb Size/MD5: 35902 00c1082a77ff1d863f72874c4472a26d http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_amd64.deb Size/MD5: 285336 0a8510634b21f56f0d9619aa6fc9cec9 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_amd64.deb Size/MD5: 143952 d75f83ac219bce95a15a8f44b82b8ea7 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_i386.deb Size/MD5: 786186 4e78fa0d438867194f66b11b4eb6fc2e http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_i386.deb Size/MD5: 202448 74cf60884e18c1fc93f157010a15b12c http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_i386.deb Size/MD5: 198456 209a0b92995fec453ed4c2c181e3e555 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_i386.deb Size/MD5: 202038 6cbd437caf993fa2b2b38369cd3d5863 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_i386.deb Size/MD5: 171074 0a5a26aa58af7aa2d51d1cf5d7c543d6 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_i386.deb Size/MD5: 171848 af9ca78febc5bc0c7936296dab958349 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_i386.deb Size/MD5: 91884 2857d60b507b28c736f83815c9f3d1b8 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_i386.deb Size/MD5: 35906 202b5b233af0d26e29ca7302cf7fd04c http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_i386.deb Size/MD5: 261418 c90342706ac26682d15032a5ba5cb51a http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_i386.deb Size/MD5: 131850 951a4573901bc2f10d5febf940d57516 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_powerpc.deb Size/MD5: 859126 afdd8642ca447fc9dc70dfed92be0fa6 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_powerpc.deb Size/MD5: 219898 6d9c9f924d2356bf9d3438a280870a7d http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_powerpc.deb Size/MD5: 215602 dd554132cdea0f860e01cf5d4e0dbc7c http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_powerpc.deb Size/MD5: 219378 7a1f4b325dacef287c901fa66680c04e http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_powerpc.deb Size/MD5: 171096 a0e2547d38ef1b84dc419d69e42ffa0b http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_powerpc.deb Size/MD5: 171864 200ab662b2c13786658486df37fda881 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_powerpc.deb Size/MD5: 103628 ae36642fbd4698bb362fa4bf9417b0e3 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_powerpc.deb Size/MD5: 35910 358027282f2f19451d3aa784dc0474dc http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_powerpc.deb Size/MD5: 280950 0d9b56ec076da25e2a03f6d3c6445057 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_powerpc.deb Size/MD5: 141074 f5d3d5e0e5911e0c0156ae55af50f87b sparc architecture (Sun SPARC/UltraSPARC) http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_sparc.deb Size/MD5: 803440 d66da6a91c08956c3c5062668349ef41 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_sparc.deb Size/MD5: 209970 57f0a8f823a4502ee9a2608e3181cc81 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_sparc.deb Size/MD5: 205582 1dcfb0df796e85c409f614544ea589fe http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_sparc.deb Size/MD5: 209330 6bf7ae824eea35d3487febef384fce91 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_sparc.deb Size/MD5: 171080 1088337f4abcb6c8f65751b6120c2307 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_sparc.deb Size/MD5: 171868 5cda04cd73a9c6d8dfc18abd55c09ebd http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_sparc.deb Size/MD5: 92972 850ab3bb0904e8fe9b6255c42ba7f84c http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_sparc.deb Size/MD5: 35904 7af260b95c4faa17ef34810fed888caf http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_sparc.deb Size/MD5: 267550 08182a8a2cab00fc0e6bca2cccf5165f http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_sparc.deb Size/MD5: 129760 a60606c6d2f12209b0bdae997be4a13f Updated packages for Ubuntu 6.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1.diff.gz Size/MD5: 116265 2732761b18dfb3c2cd1aa0b54c2cf623 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1.dsc Size/MD5: 1148 4b9c4612469c521db0c5fdbe2f6b9b25 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu4.1_all.deb Size/MD5: 2124550 8d5c30342b35f9fd595fb09d7659b6fc amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_amd64.deb Size/MD5: 836342 2c4ba483b0b20fdc2d43819109177941 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_amd64.deb Size/MD5: 227390 e61cc1998f5b8f2c44dce587e59d288a http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_amd64.deb Size/MD5: 222376 6bdbff7f7f80fd464d1e3ec52d6e7171 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_amd64.deb Size/MD5: 226848 4356b4caf2b40f364c8893c41b9f9355 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_amd64.deb Size/MD5: 171304 c4395af051e876228541ef5b8037d979 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_amd64.deb Size/MD5: 172074 99dadc4ad0f0947f9368d89f4589d95a http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_amd64.deb Size/MD5: 94204 30f3bb8c72575fe93940ecc730b8e4b6 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_amd64.deb Size/MD5: 36152 ea3cbefcbee7e2f6e5555edb44733ad9 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_amd64.deb Size/MD5: 286544 d555931490d44d93bec31c4bfc19ed12 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_amd64.deb Size/MD5: 145014 3e06ceb0a55598d82f9f781c44e210b3 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_i386.deb Size/MD5: 806938 050bb7665332d3761e1a8e47939fa507 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_i386.deb Size/MD5: 209556 ee530b24aba8838001ebb6c901bc90cd http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_i386.deb Size/MD5: 205718 b52a17c63909eae3c49bad0ab1958f4b http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_i386.deb Size/MD5: 209158 1844fa5e09224a90944f8b886ddb5a2a http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_i386.deb Size/MD5: 171296 9de8aba41f7e3d60f41536ca712adebb http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_i386.deb Size/MD5: 172078 01ccd554177364747b08e2933f121d2c http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_i386.deb Size/MD5: 93240 4573597317416869646eb2ea42cd0945 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_i386.deb Size/MD5: 36150 77666d65bade6a91bd58826c79f11dc9 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_i386.deb Size/MD5: 266390 a3963d8e76f6865404f7fadb47880c87 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_i386.deb Size/MD5: 137604 387f6bcdaa58dbbe53082241b3231844 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_powerpc.deb Size/MD5: 865372 27d7f1de1fcb2114d3f3b0a774302488 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_powerpc.deb Size/MD5: 221542 1ae8fa5cf4b77f3b2aa054e2886e587e http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_powerpc.deb Size/MD5: 217044 9134983c40107f79fcac8d1eacbc7117 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_powerpc.deb Size/MD5: 221324 b435dc09c63ecbcd564a0923a8f07350 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_powerpc.deb Size/MD5: 171296 6d2a0abfb7a1daaeae56559eeb322dcb http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_powerpc.deb Size/MD5: 172064 ecc2037409554ea43c5a6848aa510c76 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_powerpc.deb Size/MD5: 104654 d0957d8df044c4a34437241792ed97d1 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_powerpc.deb Size/MD5: 36148 34e102e1d2e1c6a6f31801dfb98cb82a http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_powerpc.deb Size/MD5: 284548 c8f325ccc42cbe77191d4ddd9abc2a4e http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_powerpc.deb Size/MD5: 144238 82cfbfcec5fc4931078145af8947c035 sparc architecture (Sun SPARC/UltraSPARC) http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_sparc.deb Size/MD5: 811594 d8548e537fd81994bbb638e105dfbf8b http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_sparc.deb Size/MD5: 212160 81cd0197ff89b79c967c1074ede9f8d7 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_sparc.deb Size/MD5: 207870 5d80ed8dc39b0d4d59fccb747624a684 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_sparc.deb Size/MD5: 211578 9407383d85db831dab728b39cce9acc8 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_sparc.deb Size/MD5: 171294 5e4d695a99bdc1fdfb0bfcef8b91d03d http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_sparc.deb Size/MD5: 172064 06e3e765d799e281dba7329ff9d9e138 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_sparc.deb Size/MD5: 93796 1048b47b289fb2047fa9ac7ebbe94a57 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_sparc.deb Size/MD5: 36150 0d106a177aa4271b1cfc0e96eec1a748 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_sparc.deb Size/MD5: 268444 3912123e7c71cc638132305ca89fe23b http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_sparc.deb Size/MD5: 130626 f4444e0239c2da7d3c31e3486606f95a Updated packages for Ubuntu 7.04: Source archives: http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1.diff.gz Size/MD5: 112120 f7b1a17718aed7ca73da3a6d7aad06b0 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1.dsc Size/MD5: 1128 e82b1bee591fff50d6673ed1a443e543 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3.orig.tar.gz Size/MD5: 6342475 f72ffb176e2dc7b322be16508c09f63c Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.3-3.2ubuntu0.1_all.deb Size/MD5: 2199184 c03756f87cb164213428532f70e0c198 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.3-3.2ubuntu0.1_all.deb Size/MD5: 272064 5be351f491f8d1aae9a270d1214e93e3 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.3-3.2ubuntu0.1_all.deb Size/MD5: 6674104 bdbabf8f478562f0e003737e977ffc7b http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1_all.deb Size/MD5: 38668 9f0c7c01e8441285c084002eb4619065 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_amd64.deb Size/MD5: 449624 1b54a8000c40eaaa0f9e31527b9bb180 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_amd64.deb Size/MD5: 445346 d15625641a3247fbf5d9d9b9aed34968 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_amd64.deb Size/MD5: 449208 55f39c28a4de98d53f80231aeb7d6c59 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_amd64.deb Size/MD5: 403570 0042c75be8a2d128d62b79398deaefa8 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_amd64.deb Size/MD5: 404138 929772b95ea67f338ad423a65b2b7011 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_amd64.deb Size/MD5: 341312 906819b0de863209575aa65d39a594a5 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_amd64.deb Size/MD5: 971462 f85e32c5f6437ce149553aee97ffd934 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_i386.deb Size/MD5: 432922 c1b81ac7dc7b7a0b2261fd10d9bcf5c6 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_i386.deb Size/MD5: 428856 f506f2a9dd2dbd5c2d3f72a476cc3537 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_i386.deb Size/MD5: 432314 a5a11947ad8cf14604efa7ddcfd20bfe http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_i386.deb Size/MD5: 403574 da84a3a99276f14a11ac892ce7eee170 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_i386.deb Size/MD5: 404138 0fdd43a53e6957aa3a348a7bd9c876f5 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_i386.deb Size/MD5: 340396 88a0ddbc58335416d91c9f10adc9d5f5 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_i386.deb Size/MD5: 929716 138d58487b882e6002e3c5e4a9489add powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_powerpc.deb Size/MD5: 451530 ddc437092ef642fcd396713cd1972f4c http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_powerpc.deb Size/MD5: 446960 af1b667708e062f81bca4e995355394d http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_powerpc.deb Size/MD5: 450940 ed9f31ec5045a88446115987c6e97655 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_powerpc.deb Size/MD5: 403574 65801ab51335a15dc370b9341a0e50dd http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_powerpc.deb Size/MD5: 404146 fd35e65fadd836feb0190b209947b466 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_powerpc.deb Size/MD5: 360518 b74bc9eead429cd8f0ebecd6a94e5edb http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_powerpc.deb Size/MD5: 1073812 376fe5b1ee383a6d870eea5dd3c6a704 sparc architecture (Sun SPARC/UltraSPARC) http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_sparc.deb Size/MD5: 434408 c70ef2e9aed191fe53886ceb3725596e http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_sparc.deb Size/MD5: 430574 7b690896da23a151ee5e106d596c1143 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_sparc.deb Size/MD5: 433918 cc01edfcfc673ba9a86c83fcc66e6870 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_sparc.deb Size/MD5: 403568 a7660cff70394403c764cf8f30c7298a http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_sparc.deb Size/MD5: 404136 b8587d5eba0be59a6576d6cf645b2122 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_sparc.deb Size/MD5: 343370 1572a001a612add57d23350210ac1736 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_sparc.deb Size/MD5: 938586 b74a91fcfbb0503355e94981310bd1ce

Trust: 2.61

sources: NVD: CVE-2006-5752 // JVNDB: JVNDB-2007-000773 // BID: 24645 // VULMON: CVE-2006-5752 // PACKETSTORM: 57506 // PACKETSTORM: 60759 // PACKETSTORM: 80533 // PACKETSTORM: 60585 // PACKETSTORM: 59939 // PACKETSTORM: 57507 // PACKETSTORM: 58667

AFFECTED PRODUCTS

vendor:	redhat	model:	enterprise linux desktop	scope:	eq	version:	3.0	Trust: 1.6
vendor:	redhat	model:	enterprise linux desktop	scope:	eq	version:	4.0	Trust: 1.6
vendor:	redhat	model:	enterprise linux server	scope:	eq	version:	3.0	Trust: 1.0
vendor:	redhat	model:	enterprise linux eus	scope:	eq	version:	4.5	Trust: 1.0
vendor:	apache	model:	http server	scope:	lt	version:	2.2.6	Trust: 1.0
vendor:	redhat	model:	enterprise linux workstation	scope:	eq	version:	5.0	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	6.06	Trust: 1.0
vendor:	redhat	model:	enterprise linux server	scope:	eq	version:	4.0	Trust: 1.0
vendor:	redhat	model:	enterprise linux workstation	scope:	eq	version:	3.0	Trust: 1.0
vendor:	redhat	model:	enterprise linux workstation	scope:	eq	version:	4.0	Trust: 1.0
vendor:	apache	model:	http server	scope:	gte	version:	2.0.0	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	7	Trust: 1.0
vendor:	redhat	model:	enterprise linux desktop	scope:	eq	version:	5.0	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	7.04	Trust: 1.0
vendor:	apache	model:	http server	scope:	gte	version:	2.2.0	Trust: 1.0
vendor:	apache	model:	http server	scope:	lt	version:	1.3.39	Trust: 1.0
vendor:	apache	model:	http server	scope:	lt	version:	2.0.61	Trust: 1.0
vendor:	redhat	model:	enterprise linux server	scope:	eq	version:	5.0	Trust: 1.0
vendor:	apache	model:	http server	scope:	gte	version:	1.3.2	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	6.10	Trust: 1.0
vendor:	hitachi	model:	cosminexus application server enterprise	scope:	eq	version:	version 6	Trust: 0.8
vendor:	hitachi	model:	cosminexus application server standard	scope:	eq	version:	version 6	Trust: 0.8
vendor:	hitachi	model:	cosminexus application server version 5	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	cosminexus developer light version 6	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	cosminexus developer professional version 6	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	cosminexus developer standard version 6	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	cosminexus developer version 5	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	cosminexus server - enterprise edition	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	cosminexus server - standard edition	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	cosminexus server - standard edition version 4	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	cosminexus server - web edition	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	cosminexus server - web edition version 4	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	web server	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	ucosminexus application server enterprise	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	ucosminexus application server standard	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	ucosminexus developer	scope:	eq	version:	professional	Trust: 0.8
vendor:	hitachi	model:	ucosminexus developer light	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	ucosminexus developer standard	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	ucosminexus service architect	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	ucosminexus service platform	scope:	-	version:	-	Trust: 0.8
vendor:	redhat	model:	enterprise linux	scope:	eq	version:	4.0	Trust: 0.6
vendor:	redhat	model:	enterprise linux	scope:	eq	version:	2.1	Trust: 0.6
vendor:	redhat	model:	enterprise linux	scope:	eq	version:	3.0	Trust: 0.6
vendor:	redhat	model:	linux advanced workstation	scope:	eq	version:	2.1	Trust: 0.6
vendor:	vmware	model:	workstation	scope:	eq	version:	6.5.2	Trust: 0.3
vendor:	vmware	model:	workstation	scope:	eq	version:	6.5.1	Trust: 0.3
vendor:	vmware	model:	player	scope:	eq	version:	2.5.2	Trust: 0.3
vendor:	vmware	model:	player	scope:	eq	version:	2.5.1	Trust: 0.3
vendor:	vmware	model:	ace	scope:	eq	version:	2.5.2	Trust: 0.3
vendor:	vmware	model:	ace	scope:	eq	version:	2.5.1	Trust: 0.3
vendor:	ubuntu	model:	linux sparc	scope:	eq	version:	7.04	Trust: 0.3
vendor:	ubuntu	model:	linux powerpc	scope:	eq	version:	7.04	Trust: 0.3
vendor:	ubuntu	model:	linux i386	scope:	eq	version:	7.04	Trust: 0.3
vendor:	ubuntu	model:	linux amd64	scope:	eq	version:	7.04	Trust: 0.3
vendor:	ubuntu	model:	linux sparc	scope:	eq	version:	6.10	Trust: 0.3
vendor:	ubuntu	model:	linux powerpc	scope:	eq	version:	6.10	Trust: 0.3
vendor:	ubuntu	model:	linux i386	scope:	eq	version:	6.10	Trust: 0.3
vendor:	ubuntu	model:	linux amd64	scope:	eq	version:	6.10	Trust: 0.3
vendor:	ubuntu	model:	linux lts sparc	scope:	eq	version:	6.06	Trust: 0.3
vendor:	ubuntu	model:	linux lts powerpc	scope:	eq	version:	6.06	Trust: 0.3
vendor:	ubuntu	model:	linux lts i386	scope:	eq	version:	6.06	Trust: 0.3
vendor:	ubuntu	model:	linux lts amd64	scope:	eq	version:	6.06	Trust: 0.3
vendor:	turbolinux	model:	server	scope:	eq	version:	10.0x86	Trust: 0.3
vendor:	turbolinux	model:	server	scope:	eq	version:	10.0	Trust: 0.3
vendor:	turbolinux	model:	server	scope:	eq	version:	10.0.0x64	Trust: 0.3
vendor:	turbolinux	model:	fuji	scope:	eq	version:	0	Trust: 0.3
vendor:	turbolinux	model:	appliance server	scope:	eq	version:	2.0	Trust: 0.3
vendor:	trustix	model:	secure linux	scope:	eq	version:	3.0.5	Trust: 0.3
vendor:	trustix	model:	secure linux	scope:	eq	version:	3.0	Trust: 0.3
vendor:	trustix	model:	secure linux	scope:	eq	version:	2.2	Trust: 0.3
vendor:	trustix	model:	operating system enterprise server	scope:	eq	version:	2.0	Trust: 0.3
vendor:	suse	model:	linux enterprise server	scope:	eq	version:	9	Trust: 0.3
vendor:	suse	model:	linux enterprise server sp1	scope:	eq	version:	10	Trust: 0.3
vendor:	suse	model:	linux enterprise sdk 10.sp1	scope:	-	version:	-	Trust: 0.3
vendor:	suse	model:	linux enterprise sdk	scope:	eq	version:	10	Trust: 0.3
vendor:	suse	model:	opensuse	scope:	eq	version:	10.3	Trust: 0.3
vendor:	sun	model:	solaris 9 x86	scope:	-	version:	-	Trust: 0.3
vendor:	sun	model:	solaris 9 sparc	scope:	-	version:	-	Trust: 0.3
vendor:	sun	model:	solaris 8 x86	scope:	-	version:	-	Trust: 0.3
vendor:	sun	model:	solaris 8 sparc	scope:	-	version:	-	Trust: 0.3
vendor:	sun	model:	solaris 10 x86	scope:	-	version:	-	Trust: 0.3
vendor:	sgi	model:	propack sp6	scope:	eq	version:	3.0	Trust: 0.3
vendor:	s u s e	model:	opensuse	scope:	eq	version:	10.2	Trust: 0.3
vendor:	s u s e	model:	open-enterprise-server	scope:	eq	version:	0	Trust: 0.3
vendor:	s u s e	model:	novell linux pos	scope:	eq	version:	9	Trust: 0.3
vendor:	s u s e	model:	novell linux desktop	scope:	eq	version:	9.0	Trust: 0.3
vendor:	s u s e	model:	linux professional oss	scope:	eq	version:	10.0	Trust: 0.3
vendor:	s u s e	model:	linux professional	scope:	eq	version:	10.1	Trust: 0.3
vendor:	s u s e	model:	linux personal oss	scope:	eq	version:	10.0	Trust: 0.3
vendor:	s u s e	model:	linux personal	scope:	eq	version:	10.1	Trust: 0.3
vendor:	rpath	model:	linux	scope:	eq	version:	1	Trust: 0.3
vendor:	redhat	model:	network satellite (for rhel	scope:	eq	version:	4)4.2	Trust: 0.3
vendor:	redhat	model:	network proxy (for rhel	scope:	eq	version:	3)4.2	Trust: 0.3
vendor:	redhat	model:	enterprise linux ws	scope:	eq	version:	4	Trust: 0.3
vendor:	redhat	model:	enterprise linux ws	scope:	eq	version:	3	Trust: 0.3
vendor:	redhat	model:	enterprise linux ws ia64	scope:	eq	version:	2.1	Trust: 0.3
vendor:	redhat	model:	enterprise linux ws	scope:	eq	version:	2.1	Trust: 0.3
vendor:	redhat	model:	enterprise linux es	scope:	eq	version:	4	Trust: 0.3
vendor:	redhat	model:	enterprise linux es	scope:	eq	version:	3	Trust: 0.3
vendor:	redhat	model:	enterprise linux es ia64	scope:	eq	version:	2.1	Trust: 0.3
vendor:	redhat	model:	enterprise linux es	scope:	eq	version:	2.1	Trust: 0.3
vendor:	redhat	model:	enterprise linux desktop workstation client	scope:	eq	version:	5	Trust: 0.3
vendor:	redhat	model:	desktop	scope:	eq	version:	4.0	Trust: 0.3
vendor:	redhat	model:	desktop	scope:	eq	version:	3.0	Trust: 0.3
vendor:	redhat	model:	certificate server	scope:	eq	version:	7.3	Trust: 0.3
vendor:	redhat	model:	advanced workstation for the itanium processor ia64	scope:	eq	version:	2.1	Trust: 0.3
vendor:	redhat	model:	advanced workstation for the itanium processor	scope:	eq	version:	2.1	Trust: 0.3
vendor:	red	model:	hat red hat network satellite server	scope:	eq	version:	5.0	Trust: 0.3
vendor:	red	model:	hat network satellite (for rhel	scope:	eq	version:	3)4.2	Trust: 0.3
vendor:	red	model:	hat network proxy (for rhel	scope:	eq	version:	4)5.0	Trust: 0.3
vendor:	red	model:	hat network proxy (for rhel	scope:	eq	version:	4)4.2	Trust: 0.3
vendor:	red	model:	hat enterprise linux desktop client	scope:	eq	version:	5	Trust: 0.3
vendor:	red	model:	hat enterprise linux as	scope:	eq	version:	4	Trust: 0.3
vendor:	red	model:	hat enterprise linux as	scope:	eq	version:	3	Trust: 0.3
vendor:	red	model:	hat enterprise linux as ia64	scope:	eq	version:	2.1	Trust: 0.3
vendor:	red	model:	hat enterprise linux as	scope:	eq	version:	2.1	Trust: 0.3
vendor:	red	model:	hat enterprise linux server	scope:	eq	version:	5	Trust: 0.3
vendor:	mandriva	model:	linux mandrake x86 64	scope:	eq	version:	2007.1	Trust: 0.3
vendor:	mandriva	model:	linux mandrake	scope:	eq	version:	2007.1	Trust: 0.3
vendor:	mandriva	model:	linux mandrake x86 64	scope:	eq	version:	2007.0	Trust: 0.3
vendor:	mandriva	model:	linux mandrake	scope:	eq	version:	2007.0	Trust: 0.3
vendor:	mandrakesoft	model:	multi network firewall	scope:	eq	version:	2.0	Trust: 0.3
vendor:	mandrakesoft	model:	corporate server x86 64	scope:	eq	version:	4.0	Trust: 0.3
vendor:	mandrakesoft	model:	corporate server x86 64	scope:	eq	version:	3.0	Trust: 0.3
vendor:	mandrakesoft	model:	corporate server	scope:	eq	version:	3.0	Trust: 0.3
vendor:	mandrakesoft	model:	corporate server	scope:	eq	version:	4.0	Trust: 0.3
vendor:	ibm	model:	http server	scope:	eq	version:	6.0.2.13	Trust: 0.3
vendor:	ibm	model:	http server	scope:	eq	version:	2.2.2	Trust: 0.3
vendor:	ibm	model:	http server	scope:	eq	version:	2.0.47.1	Trust: 0.3
vendor:	ibm	model:	http server	scope:	eq	version:	2.0.47	Trust: 0.3
vendor:	ibm	model:	http server	scope:	eq	version:	2.0.42.2	Trust: 0.3
vendor:	ibm	model:	http server	scope:	eq	version:	2.0.42.1	Trust: 0.3
vendor:	ibm	model:	http server	scope:	eq	version:	2.0.42	Trust: 0.3
vendor:	ibm	model:	http server	scope:	eq	version:	1.3.28.1	Trust: 0.3
vendor:	ibm	model:	http server	scope:	eq	version:	1.3.28	Trust: 0.3
vendor:	ibm	model:	http server	scope:	eq	version:	1.3.26.2	Trust: 0.3
vendor:	ibm	model:	http server	scope:	eq	version:	1.3.26.1	Trust: 0.3
vendor:	ibm	model:	http server	scope:	eq	version:	1.3.26	Trust: 0.3
vendor:	ibm	model:	http server	scope:	eq	version:	1.3.19.5	Trust: 0.3
vendor:	ibm	model:	http server	scope:	eq	version:	1.3.19.4	Trust: 0.3
vendor:	ibm	model:	http server	scope:	eq	version:	1.3.19.3	Trust: 0.3
vendor:	ibm	model:	http server	scope:	eq	version:	1.3.19.2	Trust: 0.3
vendor:	ibm	model:	http server	scope:	eq	version:	1.3.19.1	Trust: 0.3
vendor:	ibm	model:	http server	scope:	eq	version:	1.3.19	Trust: 0.3
vendor:	ibm	model:	http server	scope:	eq	version:	1.3.12.7	Trust: 0.3
vendor:	ibm	model:	http server	scope:	eq	version:	1.3.12.6	Trust: 0.3
vendor:	ibm	model:	http server	scope:	eq	version:	1.3.12.5	Trust: 0.3
vendor:	ibm	model:	http server	scope:	eq	version:	1.3.12.4	Trust: 0.3
vendor:	ibm	model:	http server	scope:	eq	version:	1.3.12.3	Trust: 0.3
vendor:	ibm	model:	http server	scope:	eq	version:	1.3.12.2	Trust: 0.3
vendor:	ibm	model:	http server	scope:	eq	version:	1.3.12.1	Trust: 0.3
vendor:	ibm	model:	http server	scope:	eq	version:	1.3.12	Trust: 0.3
vendor:	ibm	model:	http server win32	scope:	eq	version:	1.3.6	Trust: 0.3
vendor:	ibm	model:	http server win32	scope:	eq	version:	1.3.6.4	Trust: 0.3
vendor:	ibm	model:	http server	scope:	eq	version:	1.3.6.3	Trust: 0.3
vendor:	ibm	model:	http server win32	scope:	eq	version:	1.3.6.2	Trust: 0.3
vendor:	ibm	model:	http server unix	scope:	eq	version:	1.3.6.2	Trust: 0.3
vendor:	ibm	model:	http server win32	scope:	eq	version:	1.3.3	Trust: 0.3
vendor:	ibm	model:	http server	scope:	eq	version:	1.0	Trust: 0.3
vendor:	ibm	model:	http server	scope:	eq	version:	6.1.0.1	Trust: 0.3
vendor:	ibm	model:	http server	scope:	eq	version:	6.1.0	Trust: 0.3
vendor:	ibm	model:	http server	scope:	eq	version:	6.0.2.12	Trust: 0.3
vendor:	ibm	model:	http server	scope:	eq	version:	2.2.1	Trust: 0.3
vendor:	ibm	model:	http server	scope:	eq	version:	2.0.58	Trust: 0.3
vendor:	hp	model:	hp-ux b.11.31	scope:	-	version:	-	Trust: 0.3
vendor:	hp	model:	hp-ux b.11.11	scope:	-	version:	-	Trust: 0.3
vendor:	gentoo	model:	linux	scope:	-	version:	-	Trust: 0.3
vendor:	fujitsu	model:	interstage studio standard-j edition	scope:	eq	version:	9.0	Trust: 0.3
vendor:	fujitsu	model:	interstage studio standard-j edition	scope:	eq	version:	8.0.1	Trust: 0.3
vendor:	fujitsu	model:	interstage studio enterprise edition	scope:	eq	version:	9.0	Trust: 0.3
vendor:	fujitsu	model:	interstage studio enterprise edition	scope:	eq	version:	8.0.1	Trust: 0.3
vendor:	fujitsu	model:	interstage job workload server	scope:	eq	version:	8.1	Trust: 0.3
vendor:	fujitsu	model:	interstage business application server enterprise	scope:	eq	version:	8.0.0	Trust: 0.3
vendor:	fujitsu	model:	interstage apworks standard-j edition	scope:	eq	version:	8.0	Trust: 0.3
vendor:	fujitsu	model:	interstage apworks modelers-j edition	scope:	eq	version:	7.0	Trust: 0.3
vendor:	fujitsu	model:	interstage apworks modelers-j edition 6.0a	scope:	-	version:	-	Trust: 0.3
vendor:	fujitsu	model:	interstage apworks modelers-j edition	scope:	eq	version:	6.0	Trust: 0.3
vendor:	fujitsu	model:	interstage apworks enterprise edition	scope:	eq	version:	8.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server web-j edition	scope:	eq	version:	5.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server standard-j edition a	scope:	eq	version:	9.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server standard-j edition	scope:	eq	version:	9.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server standard-j edition	scope:	eq	version:	8.0.2	Trust: 0.3
vendor:	fujitsu	model:	interstage application server standard-j edition	scope:	eq	version:	8.0.1	Trust: 0.3
vendor:	fujitsu	model:	interstage application server standard-j edition	scope:	eq	version:	8.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server standard edition	scope:	eq	version:	5.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus developer	scope:	eq	version:	5.0.1	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus developer	scope:	eq	version:	7.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus developer	scope:	eq	version:	6.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus	scope:	eq	version:	7.0.1	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus	scope:	eq	version:	5.0.1	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus	scope:	eq	version:	7.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server plus	scope:	eq	version:	6.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition a	scope:	eq	version:	9.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition	scope:	eq	version:	9.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition	scope:	eq	version:	8.0.2	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition	scope:	eq	version:	8.0.1	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition	scope:	eq	version:	8.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition	scope:	eq	version:	7.0.1	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition	scope:	eq	version:	5.0.1	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition	scope:	eq	version:	7.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition 6.0a	scope:	-	version:	-	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition	scope:	eq	version:	6.0	Trust: 0.3
vendor:	fujitsu	model:	interstage application server enterprise edition	scope:	eq	version:	5.0	Trust: 0.3
vendor:	avaya	model:	messaging storage server mm3.0	scope:	-	version:	-	Trust: 0.3
vendor:	avaya	model:	message networking	scope:	-	version:	-	Trust: 0.3
vendor:	avaya	model:	interactive response	scope:	eq	version:	1.3	Trust: 0.3
vendor:	avaya	model:	interactive response	scope:	eq	version:	3.0	Trust: 0.3
vendor:	avaya	model:	interactive response	scope:	eq	version:	2.0	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.2.4	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.2.3	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	eq	version:	2.2	Trust: 0.3
vendor:	apache	model:	software foundation apache	scope:	ne	version:	2.2.6	Trust: 0.3
vendor:	apache	model:	software foundation apache 2.3.38-dev	scope:	ne	version:	-	Trust: 0.3
vendor:	apache	model:	software foundation apache 2.0.60-dev	scope:	ne	version:	-	Trust: 0.3

sources: BID: 24645 // JVNDB: JVNDB-2007-000773 // CNNVD: CNNVD-200706-491 // NVD: CVE-2006-5752

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2006-5752
value:	MEDIUM
Trust: 1.0
IPA:	JVNDB-2007-000773
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-200706-491
value:	MEDIUM
Trust: 0.6
VULMON:	CVE-2006-5752
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2006-5752
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1
IPA:	JVNDB-2007-000773
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8

sources: VULMON: CVE-2006-5752 // JVNDB: JVNDB-2007-000773 // CNNVD: CNNVD-200706-491 // NVD: CVE-2006-5752

PROBLEMTYPE DATA

problemtype:	NVD-CWE-Other	Trust: 1.0
problemtype:	CWE-79	Trust: 0.8

sources: JVNDB: JVNDB-2007-000773 // NVD: CVE-2006-5752

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200706-491

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200706-491

CONFIGURATIONS

sources: JVNDB: JVNDB-2007-000773

PATCH

title:	HS07-035	url:	http://www.hitachi-support.com/security_e/vuls_e/HS07-035_e/index-e.html	Trust: 0.8
title:	Ubuntu Security Notice: apache2 vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-499-1	Trust: 0.1
title:	-	url:	https://github.com/Live-Hack-CVE/CVE-2006-5752	Trust: 0.1
title:	-	url:	https://github.com/kasem545/vulnsearch	Trust: 0.1
title:	-	url:	https://github.com/SecureAxom/strike	Trust: 0.1

sources: VULMON: CVE-2006-5752 // JVNDB: JVNDB-2007-000773

EXTERNAL IDS

db:	NVD	id:	CVE-2006-5752	Trust: 3.4
db:	BID	id:	24645	Trust: 2.0
db:	VUPEN	id:	ADV-2007-2727	Trust: 1.7
db:	VUPEN	id:	ADV-2007-3283	Trust: 1.7
db:	VUPEN	id:	ADV-2007-3386	Trust: 1.7
db:	VUPEN	id:	ADV-2007-4305	Trust: 1.7
db:	VUPEN	id:	ADV-2008-0233	Trust: 1.7
db:	SECUNIA	id:	27732	Trust: 1.7
db:	SECUNIA	id:	25920	Trust: 1.7
db:	SECUNIA	id:	26993	Trust: 1.7
db:	SECUNIA	id:	28212	Trust: 1.7
db:	SECUNIA	id:	28606	Trust: 1.7
db:	SECUNIA	id:	26458	Trust: 1.7
db:	SECUNIA	id:	28224	Trust: 1.7
db:	SECUNIA	id:	26842	Trust: 1.7
db:	SECUNIA	id:	27563	Trust: 1.7
db:	SECUNIA	id:	27037	Trust: 1.7
db:	SECUNIA	id:	25873	Trust: 1.7
db:	SECUNIA	id:	26508	Trust: 1.7
db:	SECUNIA	id:	26822	Trust: 1.7
db:	SECUNIA	id:	26273	Trust: 1.7
db:	SECUNIA	id:	26443	Trust: 1.7
db:	SECUNIA	id:	25827	Trust: 1.7
db:	SECUNIA	id:	25830	Trust: 1.7
db:	OSVDB	id:	37052	Trust: 1.7
db:	SECTRACK	id:	1018302	Trust: 1.7
db:	SECUNIA	id:	27421	Trust: 1.0
db:	JVNDB	id:	JVNDB-2007-000773	Trust: 0.8
db:	CNNVD	id:	CNNVD-200706-491	Trust: 0.6
db:	VULMON	id:	CVE-2006-5752	Trust: 0.1
db:	PACKETSTORM	id:	57506	Trust: 0.1
db:	PACKETSTORM	id:	60759	Trust: 0.1
db:	PACKETSTORM	id:	80533	Trust: 0.1
db:	HITACHI	id:	HS07-035	Trust: 0.1
db:	HITACHI	id:	HS07-034	Trust: 0.1
db:	PACKETSTORM	id:	60585	Trust: 0.1
db:	PACKETSTORM	id:	59939	Trust: 0.1
db:	PACKETSTORM	id:	57507	Trust: 0.1
db:	PACKETSTORM	id:	58667	Trust: 0.1

sources: VULMON: CVE-2006-5752 // BID: 24645 // JVNDB: JVNDB-2007-000773 // PACKETSTORM: 57506 // PACKETSTORM: 60759 // PACKETSTORM: 80533 // PACKETSTORM: 60585 // PACKETSTORM: 59939 // PACKETSTORM: 57507 // PACKETSTORM: 58667 // CNNVD: CNNVD-200706-491 // NVD: CVE-2006-5752

REFERENCES

url:	http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245112	Trust: 2.0
url:	http://rhn.redhat.com/errata/rhsa-2007-0534.html	Trust: 2.0
url:	http://rhn.redhat.com/errata/rhsa-2007-0556.html	Trust: 2.0
url:	http://support.avaya.com/elmodocs2/security/asa-2007-353.htm	Trust: 2.0
url:	http://www-1.ibm.com/support/docview.wss?uid=swg1pk52702	Trust: 2.0
url:	https://rhn.redhat.com/errata/rhsa-2007-0533.html	Trust: 2.0
url:	http://sunsolve.sun.com/search/document.do?assetkey=1-26-103179-1	Trust: 2.0
url:	http://www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html	Trust: 2.0
url:	http://www.securityfocus.com/bid/24645	Trust: 1.8
url:	http://security.gentoo.org/glsa/glsa-200711-06.xml	Trust: 1.8
url:	http://svn.apache.org/viewvc?view=rev&revision=549159	Trust: 1.7
url:	http://www.redhat.com/support/errata/rhsa-2007-0532.html	Trust: 1.7
url:	https://issues.rpath.com/browse/rpl-1500	Trust: 1.7
url:	http://bugs.gentoo.org/show_bug.cgi?id=186219	Trust: 1.7
url:	http://www-1.ibm.com/support/search.wss?rs=0&q=pk49295&apar=only	Trust: 1.7
url:	http://www.redhat.com/archives/fedora-package-announce/2007-september/msg00320.html	Trust: 1.7
url:	http://www.mandriva.com/security/advisories?name=mdksa-2007:140	Trust: 1.7
url:	http://www.mandriva.com/security/advisories?name=mdksa-2007:141	Trust: 1.7
url:	http://www.mandriva.com/security/advisories?name=mdksa-2007:142	Trust: 1.7
url:	http://www.redhat.com/support/errata/rhsa-2007-0557.html	Trust: 1.7
url:	http://www.novell.com/linux/security/advisories/2007_61_apache2.html	Trust: 1.7
url:	http://www.trustix.org/errata/2007/0026/	Trust: 1.7
url:	http://www.ubuntu.com/usn/usn-499-1	Trust: 1.7
url:	http://www.securitytracker.com/id?1018302	Trust: 1.7
url:	http://secunia.com/advisories/25827	Trust: 1.7
url:	http://secunia.com/advisories/25830	Trust: 1.7
url:	http://secunia.com/advisories/25873	Trust: 1.7
url:	http://secunia.com/advisories/25920	Trust: 1.7
url:	http://secunia.com/advisories/26273	Trust: 1.7
url:	http://secunia.com/advisories/26443	Trust: 1.7
url:	http://secunia.com/advisories/26458	Trust: 1.7
url:	http://secunia.com/advisories/26508	Trust: 1.7
url:	http://secunia.com/advisories/26822	Trust: 1.7
url:	http://secunia.com/advisories/26842	Trust: 1.7
url:	http://secunia.com/advisories/26993	Trust: 1.7
url:	http://secunia.com/advisories/27037	Trust: 1.7
url:	http://secunia.com/advisories/27563	Trust: 1.7
url:	http://secunia.com/advisories/27732	Trust: 1.7
url:	http://secunia.com/advisories/28212	Trust: 1.7
url:	http://secunia.com/advisories/28224	Trust: 1.7
url:	http://secunia.com/advisories/28606	Trust: 1.7
url:	http://sunsolve.sun.com/search/document.do?assetkey=1-66-200032-1	Trust: 1.7
url:	http://www.redhat.com/support/errata/rhsa-2008-0261.html	Trust: 1.7
url:	http://lists.vmware.com/pipermail/security-announce/2009/000062.html	Trust: 1.7
url:	http://www.vupen.com/english/advisories/2008/0233	Trust: 1.7
url:	http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01178795	Trust: 1.7
url:	http://www.vupen.com/english/advisories/2007/4305	Trust: 1.7
url:	http://www.vupen.com/english/advisories/2007/2727	Trust: 1.7
url:	http://www.vupen.com/english/advisories/2007/3283	Trust: 1.7
url:	http://www.vupen.com/english/advisories/2007/3386	Trust: 1.7
url:	http://osvdb.org/37052	Trust: 1.7
url:	http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html	Trust: 1.7
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/35097	Trust: 1.7
url:	https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10154	Trust: 1.7
url:	http://www.securityfocus.com/archive/1/505990/100/0/threaded	Trust: 1.7
url:	http://httpd.apache.org/security/vulnerabilities_13.html	Trust: 1.4
url:	http://httpd.apache.org/security/vulnerabilities_20.html	Trust: 1.4
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-5752	Trust: 1.2
url:	http://httpd.apache.org/security/vulnerabilities_22.html	Trust: 1.1
url:	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3ccvs.httpd.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3ccvs.httpd.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3ccvs.httpd.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3ccvs.httpd.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3ccvs.httpd.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3ccvs.httpd.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3ccvs.httpd.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3ccvs.httpd.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3ccvs.httpd.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3ccvs.httpd.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3ccvs.httpd.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3ccvs.httpd.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3ccvs.httpd.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3ccvs.httpd.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3ccvs.httpd.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3ccvs.httpd.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3ccvs.httpd.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3ccvs.httpd.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3ccvs.httpd.apache.org%3e	Trust: 1.0
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5809	Trust: 0.8
url:	http://www.frsirt.com/english/advisories/2007/3666	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-5752	Trust: 0.8
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5809	Trust: 0.8
url:	http://secunia.com/advisories/27421	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2006-5752	Trust: 0.6
url:	httpd.apache.org%3e	Trust: 0.6
url:	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3ccvs.	Trust: 0.6
url:	https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7@%3ccvs.	Trust: 0.6
url:	https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840@%3ccvs.	Trust: 0.6
url:	httpd.apache.org/security/vulnerabilities_13.html	Trust: 0.6
url:	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3ccvs.	Trust: 0.6
url:	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3ccvs.	Trust: 0.6
url:	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3ccvs.	Trust: 0.6
url:	httpd.apache.org/security/vulnerabilities_22.html	Trust: 0.6
url:	https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3ccvs.	Trust: 0.6
url:	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3ccvs.	Trust: 0.6
url:	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3ccvs.	Trust: 0.6
url:	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3ccvs.	Trust: 0.6
url:	httpd.apache.org/security/vulnerabilities_20.html	Trust: 0.6
url:	https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3ccvs.	Trust: 0.6
url:	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3ccvs.	Trust: 0.6
url:	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3ccvs.	Trust: 0.6
url:	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3ccvs.	Trust: 0.6
url:	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3ccvs.	Trust: 0.6
url:	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3ccvs.	Trust: 0.6
url:	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3ccvs.	Trust: 0.6
url:	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3ccvs.	Trust: 0.6
url:	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3ccvs.	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2007-1863	Trust: 0.5
url:	https://nvd.nist.gov/vuln/detail/cve-2007-3304	Trust: 0.4
url:	http://httpd.apache.org/	Trust: 0.3
url:	http://support.avaya.com/elmodocs2/security/asa-2008-012.htm	Trust: 0.3
url:	http://www.apache.org/dist/httpd/changes_2.2.6	Trust: 0.3
url:	/archive/1/481830	Trust: 0.3
url:	/archive/1/479708	Trust: 0.3
url:	http://www-1.ibm.com/support/docview.wss?uid=swg1pk49295	Trust: 0.3
url:	http://rhn.redhat.com/errata/rhsa-2007-0532.html	Trust: 0.3
url:	http://rhn.redhat.com/errata/rhsa-2008-0261.html	Trust: 0.3
url:	http://rhn.redhat.com/errata/rhsa-2008-0263.html	Trust: 0.3
url:	http://rhn.redhat.com/errata/rhsa-2008-0523.html	Trust: 0.3
url:	http://rhn.redhat.com/errata/rhsa-2008-0524.html	Trust: 0.3
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1863	Trust: 0.3
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3304	Trust: 0.3
url:	http://www.mandriva.com/security/	Trust: 0.2
url:	http://www.mandriva.com/security/advisories	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2007-3847	Trust: 0.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3847	Trust: 0.2
url:	https://cwe.mitre.org/data/definitions/.html	Trust: 0.1
url:	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3ccvs.httpd.apache.org%3e	Trust: 0.1
url:	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3ccvs.httpd.apache.org%3e	Trust: 0.1
url:	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3ccvs.httpd.apache.org%3e	Trust: 0.1
url:	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3ccvs.httpd.apache.org%3e	Trust: 0.1
url:	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3ccvs.httpd.apache.org%3e	Trust: 0.1
url:	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3ccvs.httpd.apache.org%3e	Trust: 0.1
url:	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3ccvs.httpd.apache.org%3e	Trust: 0.1
url:	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3ccvs.httpd.apache.org%3e	Trust: 0.1
url:	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3ccvs.httpd.apache.org%3e	Trust: 0.1
url:	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3ccvs.httpd.apache.org%3e	Trust: 0.1
url:	https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3ccvs.httpd.apache.org%3e	Trust: 0.1
url:	https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840@%3ccvs.httpd.apache.org%3e	Trust: 0.1
url:	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3ccvs.httpd.apache.org%3e	Trust: 0.1
url:	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3ccvs.httpd.apache.org%3e	Trust: 0.1
url:	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3ccvs.httpd.apache.org%3e	Trust: 0.1
url:	https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7@%3ccvs.httpd.apache.org%3e	Trust: 0.1
url:	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3ccvs.httpd.apache.org%3e	Trust: 0.1
url:	https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3ccvs.httpd.apache.org%3e	Trust: 0.1
url:	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3ccvs.httpd.apache.org%3e	Trust: 0.1
url:	https://github.com/live-hack-cve/cve-2006-5752	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://usn.ubuntu.com/499-1/	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1862	Trust: 0.1
url:	http://secunia.com/	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4465	Trust: 0.1
url:	http://bugs.gentoo.org.	Trust: 0.1
url:	http://enigmail.mozdev.org	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2007-1862	Trust: 0.1
url:	http://lists.grok.org.uk/full-disclosure-charter.html	Trust: 0.1
url:	http://creativecommons.org/licenses/by-sa/2.5	Trust: 0.1
url:	http://security.gentoo.org/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2007-4465	Trust: 0.1
url:	http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.i386.rpm	Trust: 0.1
url:	http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html	Trust: 0.1
url:	http://www.vmware.com/support/player25/doc/releasenotes_player253.html	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5000	Trust: 0.1
url:	http://www.vmware.com/download/ace/	Trust: 0.1
url:	http://www.vmware.com/download/player/	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6388	Trust: 0.1
url:	http://www.vmware.com/security	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2008-0005	Trust: 0.1
url:	http://kb.vmware.com/kb/1055	Trust: 0.1
url:	http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html	Trust: 0.1
url:	http://www.vmware.com/download/ws/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2009-0040	Trust: 0.1
url:	http://www.vmware.com/support/policies/security_response.html	Trust: 0.1
url:	http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.x86_64.rpm	Trust: 0.1
url:	http://www.vmware.com/support/policies/eos.html	Trust: 0.1
url:	http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.exe	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2007-5000	Trust: 0.1
url:	http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.i386.bundle	Trust: 0.1
url:	http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.x86_64.bundle	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0040	Trust: 0.1
url:	http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2007-6388	Trust: 0.1
url:	http://www.vmware.com/support/policies/eos_vi.html	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0005	Trust: 0.1
url:	http://secunia.com/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/product/13335/	Trust: 0.1
url:	http://www.hitachi-support.com/security_e/vuls_e/hs07-034_e/index-e.html	Trust: 0.1
url:	http://secunia.com/advisories/27421/	Trust: 0.1
url:	http://corporate.secunia.com/how_to_buy/38/vi/?ref=secadv	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/product/13333/	Trust: 0.1
url:	http://secunia.com/about_secunia_advisories/	Trust: 0.1
url:	http://secunia.com/product/13819/	Trust: 0.1
url:	http://www.hitachi-support.com/security_e/vuls_e/hs07-035_e/index-e.html	Trust: 0.1
url:	http://secunia.com/product/13334/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2007-0450	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2007-1860	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2007-1358	Trust: 0.1
url:	https://www.hp.com/go/softwaredepot/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2007-1900	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2007-1355	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2007-0774	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2007-3386	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2007-2450	Trust: 0.1
url:	http://h30046.www3.hp.com/subsignin.php	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2007-2872	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2007-3382	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2007-2756	Trust: 0.1
url:	http://www.itrc.hp.com/service/cki/secbullarchive.do	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2007-3385	Trust: 0.1
url:	http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na&langcode=useng&jumpid=in_sc-gen__driveritrc&topiccode=itrc	Trust: 0.1
url:	https://www.hp.com/go/swa	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2007-1887	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2005-2090	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2007-2449	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1.dsc	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3.orig.tar.gz	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1_all.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.2_all.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1.diff.gz	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.3-3.2ubuntu0.1_all.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.3-3.2ubuntu0.1_all.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.3-3.2ubuntu0.1_all.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1.diff.gz	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu4.1_all.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2.dsc	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1.dsc	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2.diff.gz	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_i386.deb	Trust: 0.1

CREDITS

Stefan Esser※ s.esser@ematters.de

Trust: 0.6

sources: CNNVD: CNNVD-200706-491

SOURCES

db:	VULMON	id:	CVE-2006-5752
db:	BID	id:	24645
db:	JVNDB	id:	JVNDB-2007-000773
db:	PACKETSTORM	id:	57506
db:	PACKETSTORM	id:	60759
db:	PACKETSTORM	id:	80533
db:	PACKETSTORM	id:	60585
db:	PACKETSTORM	id:	59939
db:	PACKETSTORM	id:	57507
db:	PACKETSTORM	id:	58667
db:	CNNVD	id:	CNNVD-200706-491
db:	NVD	id:	CVE-2006-5752

LAST UPDATE DATE

2024-11-06T22:00:55.244000+00:00

SOURCES UPDATE DATE

db:	VULMON	id:	CVE-2006-5752	date:	2022-09-21T00:00:00
db:	BID	id:	24645	date:	2010-08-05T21:15:00
db:	JVNDB	id:	JVNDB-2007-000773	date:	2014-05-21T00:00:00
db:	CNNVD	id:	CNNVD-200706-491	date:	2021-06-07T00:00:00
db:	NVD	id:	CVE-2006-5752	date:	2023-11-07T01:59:40.033

SOURCES RELEASE DATE

db:	VULMON	id:	CVE-2006-5752	date:	2007-06-27T00:00:00
db:	BID	id:	24645	date:	2007-06-26T00:00:00
db:	JVNDB	id:	JVNDB-2007-000773	date:	2008-05-21T00:00:00
db:	PACKETSTORM	id:	57506	date:	2007-07-07T04:30:58
db:	PACKETSTORM	id:	60759	date:	2007-11-07T20:27:55
db:	PACKETSTORM	id:	80533	date:	2009-08-23T16:31:17
db:	PACKETSTORM	id:	60585	date:	2007-11-01T02:12:35
db:	PACKETSTORM	id:	59939	date:	2007-10-10T05:27:27
db:	PACKETSTORM	id:	57507	date:	2007-07-07T04:32:02
db:	PACKETSTORM	id:	58667	date:	2007-08-17T06:30:14
db:	CNNVD	id:	CNNVD-200706-491	date:	2007-06-27T00:00:00
db:	NVD	id:	CVE-2006-5752	date:	2007-06-27T17:30:00