U n d e r a c h i e v e r wrote: > Hi > > I'm using CentOS 3, and it's fully patched using yum. Apache reports version > 2.0.46 (CentOS) > > A colleague ran a copy of Nikto, a scripted vuln. finder, against my server, > and reported the following problems. The only one I've tested is the > directory traversal, and it seems to be an issue. Will the upstream vendor > patch these issues in Apache 2.0.46, or not? If not, does anyone know why > not? > > # Apache/2.0.46 (CentOS) - Apache 2.0 to 2.0.49 may allow unescaped data > into logfiles, which could pose a threat when logs are viewed/parsed. > CAN-2003-0020. OSVDB-4382. > # Apache/2.0.46 (CentOS) - Apache 2.0 to 2.0.50 contains a DoS with certain > input data. CAN-2004-0493. OSVDB-7269. > # Apache/2.0.46 (CentOS) - Apache 2.0 to 2.0.51 contains a potential > infinite loop. CAN-2004-0748. OSVDB-9523. > # 2.0.46 (CentOS) - TelCondex Simpleserver 2.13.31027 Build 3289 and below > allow directory traversal with '/.../' entries. > # Apache/2.0.46 - "Apache 2.0 up 2.0.46 are vulnerable to multiple remote > problems. CAN-2003-0192. CAN-2003-0253. CAN-2003-0254. CERT VU > # Apache/2.0.46 - Apache 2.0 up 2.0.47 are vulnerable to multiple remote > problems in mod_rewrite and mod_cgi. CAN-2003-0789. CAN-2003-0542. > # Apache/2.0.46 (CentOS) - Apache 2.0 to 2.0.53 contains a memory exhaustion > DoS through MIME folded requests. CAN-2004-0942. OSVDB-11391. > # Apache/2.0.46 (CentOS) - Apache 2.0 to 2.0.52 could allow bypassing of > authentication via the Satisfy directive. CAN-2004-0811. OSVDB-10218. > that script seems to be a brain dead testing setup - its just checking for the version numbers and not the vuln's themselves. Can you actually recreate any of these exploits ? -- Karanbir Singh : http://www.karan.org/ : 2522219 at icq